Sujet Précédent Sujet Suivant

Virus W32.Sinnaka.A@mm

pierre -  
aranjuez31 Messages postés 8069 Statut Contributeur -
pour matthieu1 donc j'ai suivi les conseil que tu as donné a d'autre personnes donc je voulais avoir si je te donne le rapport de hijackthis si tu pouvais me dire quelle sont les fichiers inféctés merci
A voir également:

5 réponses

Réponse 1 / 5
Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
 
Slt,

Merci de poster ton log Hijack sur ce post et non d'en créer un autre...Le deuxième va être supprimer.

A+
0
Réponse 2 / 5
pierre
 
bonjours dsl d'avoir crée tro de message. voila mon rapport si vous pouviez m'aider je vous en serez reconnaissant merci
voila mon rapport:
Logfile of HijackThis v1.99.1
Scan saved at 11:49:44, on 10/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\mssearchnet.exe
C:\WINDOWS\system32\nvctrl.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\modem ADSL USB\modem ADSL USB\dslmon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\WINDOWS\System32\imapi.exe
C:\apps\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.9online.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Nothing - {7a932ed2-1737-4ab8-b84d-c71779958551} - C:\WINDOWS\system32\hp9097.tmp
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\Pro Evolution Soccer 5 crack.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Actual Transparent Window] C:\Program Files\Actual Transparent Window\ActualTransparentWindowCenter.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by21fd.bay21.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe (file missing)
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
0
Réponse 3 / 5
aranjuez31 Messages postés 8069 Statut Contributeur 354
 
re
fais d abord 1er ménage conseillé par seb
càd

CCM
Merci de procéder dans l’ordre,
Télécharge TOUS ces programmes (si tu n’as pas), installe-les.
Fais les mises à jour des progr 1/, 2/, 3/
Scan avec TOUS, COLLE les rapports de 3/ & 6/

1/ -Ad-Aware (gratuit) :
https://forums.cnetfrance.fr

2/ - Spybot (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

3/ - Ewido (dowload)- gratuit même après 14 jours d’essai
http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
Copie/COLLE le rapport généré sur ce forum

4/ - regcleaner ( nettoyeur de registre)
http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html
Son tuto
http://www.softastuces.com/tuto/maint/regcleaner/index.php

5/ - cleanup40 (nettoyeur de cookies+temps+tempos+prefetch+historique+etc..)
http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
Démo
http://pageperso.aol.fr/balltrap34/democleanup.htm

6/ - Scan online avec BitDefender – fonctionne uniquement sous Internet Explorer en acceptant l’activX
https://assiste.com/404_La_page_demandee_n_existe_pas.php
Copie/COLLE le rapport entier

7/ - Hijackthis – outil de diagnostic et réparation
lire démo
http://pageperso.aol.fr/balltrap34/Hijenr.gifhttp://pageperso.aol.fr/balltrap34/d...

Au boulot – Bon courage
0
Réponse 4 / 5
pierre
 
ya certain rapport que je ne peut pas copier
tu voila celui de hijackthis et de ad aware j'espere que vous pourrez faire quelque chose pour cela merci a vous.

Logfile of HijackThis v1.99.1
Scan saved at 10:29:25, on 11/04/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
C:\WINDOWS\wanmpsvc.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\mssearchnet.exe
C:\WINDOWS\system32\nvctrl.exe
C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\D-Tools\daemon.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CursorXP\CursorXP.exe
C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
C:\Program Files\modem ADSL USB\modem ADSL USB\dslmon.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.9online.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
O2 - BHO: Nothing - {7a932ed2-1737-4ab8-b84d-c71779958551} - C:\WINDOWS\system32\hp9858.tmp
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\Pro Evolution Soccer 5 crack.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Actual Transparent Window] C:\Program Files\Actual Transparent Window\ActualTransparentWindowCenter.exe
O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
O4 - Global Startup: DSLMON.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by21fd.bay21.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (file missing)
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe (file missing)
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

Ad-Aware SE Build 1.05
Logfile Created on:mardi 11 avril 2006 10:30:18
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R102 03.04.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):24 total references
Tracking Cookie(TAC index:3):11 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

11-04-2006 10:30:18 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\P. Minereau\recent
Description : list of recently opened documents

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\microsoft management console\recent file list
Description : list of recent snap-ins used in the microsoft management console

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\office\11.0\publisher\recent file list
Description : list of recent files used by microsoft publisher

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows\currentversion\explorer\runmru
Description : mru list for items opened in start | run

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

MRU List Object Recognized!
Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 648
ThreadCreationTime : 11-04-2006 06:48:42
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 704
ThreadCreationTime : 11-04-2006 06:48:44
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 728
ThreadCreationTime : 11-04-2006 06:48:45
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 772
ThreadCreationTime : 11-04-2006 06:48:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 784
ThreadCreationTime : 11-04-2006 06:48:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 976
ThreadCreationTime : 11-04-2006 06:48:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1024
ThreadCreationTime : 11-04-2006 06:48:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1168
ThreadCreationTime : 11-04-2006 06:48:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1272
ThreadCreationTime : 11-04-2006 06:48:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1348
ThreadCreationTime : 11-04-2006 06:48:46
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1588
ThreadCreationTime : 11-04-2006 06:48:47
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1744
ThreadCreationTime : 11-04-2006 06:48:47
BasePriority : Normal

#:13 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1772
ThreadCreationTime : 11-04-2006 06:48:47
BasePriority : High
FileVersion : 4, 6, 665, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2005 ALWIL Software
OriginalFilename : aswServ.exe

#:14 [ctsvccda.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1800
ThreadCreationTime : 11-04-2006 06:48:47
BasePriority : Normal
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
ProductName : Creative Service for CDROM Access
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
LegalCopyright : Copyright (c) Creative Technology Ltd., 1999. All rights reserved.
OriginalFilename : CTsvcCDA.EXE

#:15 [sagent2.exe]
FilePath : C:\Program Files\Fichiers communs\EPSON\EBAPI\
ProcessID : 1828
ThreadCreationTime : 11-04-2006 06:48:47
BasePriority : Normal
FileVersion : 2, 3, 0, 0
ProductVersion : 1, 0, 0, 0
ProductName : EPSON Bidirectional Printer
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Printer Status Agent
InternalName : SAgent2
LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2000-2001
OriginalFilename : SAgent2.exe

#:16 [mdm.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\
ProcessID : 1864
ThreadCreationTime : 11-04-2006 06:48:48
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:17 [slserv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1984
ThreadCreationTime : 11-04-2006 06:48:48
BasePriority : Normal
FileVersion : 2.80.00(24Apr2000)
ProductVersion : 2.80.00
ProductName : Modem
FileDescription : User-Level Modem Service
InternalName : slserv
LegalCopyright : Copyright © 1999-2000
OriginalFilename : slserv.exe

#:18 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 288
ThreadCreationTime : 11-04-2006 06:48:49
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:19 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 596
ThreadCreationTime : 11-04-2006 06:48:49
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:20 [vcssecs.exe]
FilePath : C:\Program Files\Virtual CD v4 SDK\system\
ProcessID : 620
ThreadCreationTime : 11-04-2006 06:48:50
BasePriority : Normal
FileVersion : 4, 3, 0, 1
ProductVersion : 4, 3, 0, 0
ProductName : Virtual CD
CompanyName : H+H Software GmbH
FileDescription : Virtual CD v4.3 SDK - Security Service
InternalName : VCSSecS
LegalCopyright : Copyright © 2001 by H+H Software GmbH
OriginalFilename : VCSSecS.exe

#:21 [wanmpsvc.exe]
FilePath : C:\WINDOWS\
ProcessID : 148
ThreadCreationTime : 11-04-2006 06:48:50
BasePriority : Normal
FileVersion : 7, 0, 0, 2
ProductVersion : 7, 0, 0, 2
ProductName : America Online
CompanyName : America Online, Inc.
FileDescription : Wan Miniport (ATW) Service
InternalName : WanMPSvc
LegalCopyright : Copyright © 2001 America Online, Inc.
OriginalFilename : WanMPSvc.exe

#:22 [mspmspsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 696
ThreadCreationTime : 11-04-2006 06:48:50
BasePriority : Normal
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE

#:23 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 228
ThreadCreationTime : 11-04-2006 06:48:54
BasePriority : Normal

#:24 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 532
ThreadCreationTime : 11-04-2006 06:48:54
BasePriority : Normal

#:25 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 432
ThreadCreationTime : 11-04-2006 06:48:54
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:26 [wscntfy.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2116
ThreadCreationTime : 11-04-2006 06:48:55
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows Security Center Notification App
InternalName : wscntfy.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : wscntfy.exe

#:27 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2200
ThreadCreationTime : 11-04-2006 06:48:56
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:28 [mssearchnet.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2372
ThreadCreationTime : 11-04-2006 06:48:58
BasePriority : Normal

#:29 [nvctrl.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2424
ThreadCreationTime : 11-04-2006 06:48:58
BasePriority : Normal

#:30 [vcsplay.exe]
FilePath : C:\Program Files\Virtual CD v4 SDK\system\
ProcessID : 2468
ThreadCreationTime : 11-04-2006 06:48:58
BasePriority : Normal
FileVersion : 4, 5, 0, 6
ProductVersion : 4, 3, 0, 0
ProductName : Virtual CD v4
CompanyName : H+H Software GmbH
FileDescription : Virtual CD v4.3 SDK - Player
InternalName : VCSPlay
LegalCopyright : Copyright (C) 2001-2002 by H+H Software GmbH
OriginalFilename : VCSPlay.EXE

#:31 [realsched.exe]
FilePath : C:\Program Files\Fichiers communs\Real\Update_OB\
ProcessID : 2476
ThreadCreationTime : 11-04-2006 06:48:58
BasePriority : Normal
FileVersion : 0.1.0.1622
ProductVersion : 0.1.0.1622
ProductName : RealOne Player (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe

#:32 [soundman.exe]
FilePath : C:\WINDOWS\
ProcessID : 2484
ThreadCreationTime : 11-04-2006 06:48:59
BasePriority : Normal
FileVersion : 5.1.09
ProductVersion : 5.1.09
ProductName : Realtek Sound Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Sound Manager
InternalName : ALSMTray
LegalCopyright : Copyright (c) 2001-2003 Realtek Semiconductor Corp.
OriginalFilename : ALSMTray.exe
Comments : Realtek AC97 Audio Sound Manager

#:33 [atiptaxx.exe]
FilePath : C:\ATI Technologies\ATI Control Panel\
ProcessID : 2528
ThreadCreationTime : 11-04-2006 06:48:59
BasePriority : Normal
FileVersion : 6.14.10.5046
ProductVersion : 6.14.10.5046
ProductName : ATI Desktop Component
CompanyName : ATI Technologies, Inc.
FileDescription : ATI Desktop Control Panel
InternalName : Atiptaxx.exe
LegalCopyright : Copyright (C) 1998-2002 ATI Technologies Inc.
OriginalFilename : Atiptaxx.exe

#:34 [aboard.exe]
FilePath : C:\apps\ABoard\
ProcessID : 2544
ThreadCreationTime : 11-04-2006 06:48:59
BasePriority : Normal
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 2, 0, 0
ProductName : Activboard Application
CompanyName : NEC Computers International
FileDescription : Activboard Application
InternalName : Activboard
LegalCopyright : Copyright (C) 2003
OriginalFilename : ABoard.exe

#:35 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 2552
ThreadCreationTime : 11-04-2006 06:48:59
BasePriority : Normal
FileVersion : 6.0.2
ProductVersion : QuickTime 6.0.2
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2002
OriginalFilename : QTTask.exe

#:36 [winampa.exe]
FilePath : C:\Program Files\Winamp\
ProcessID : 2560
ThreadCreationTime : 11-04-2006 06:48:59
BasePriority : Normal

#:37 [daemon.exe]
FilePath : C:\Program Files\D-Tools\
ProcessID : 2568
ThreadCreationTime : 11-04-2006 06:48:59
BasePriority : Normal

#:38 [aosd.exe]
FilePath : C:\apps\ABoard\
ProcessID : 2576
ThreadCreationTime : 11-04-2006 06:48:59
BasePriority : ?
FileVersion : 1, 2, 0, 0
ProductVersion : 1, 2, 0, 0
ProductName : ActivOSD Application
CompanyName : NEC Computers International
FileDescription : ActivOSD Application
InternalName : ActivOSD
LegalCopyright : Copyright (C) 2003
OriginalFilename : ActivOSD.exe

#:39 [ctsysvol.exe]
FilePath : C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\
ProcessID : 2588
ThreadCreationTime : 11-04-2006 06:48:59
BasePriority : Normal
FileVersion : 1.4.1.0
ProductVersion : 1.0.0.0
ProductName : Creative Volume Control
CompanyName : Creative Technology Ltd
FileDescription : CTSysVol.exe
LegalCopyright : Copyright (c) Creative Technology Ltd., 2002-2003. All rights reserved.
OriginalFilename : CTSysVol.exe

#:40 [pdvdserv.exe]
FilePath : C:\Program Files\CyberLink\PowerDVD\
ProcessID : 2604
ThreadCreationTime : 11-04-2006 06:48:59
BasePriority : Normal
FileVersion : 6.00.1027
ProductVersion : 6.00.1027
ProductName : PowerDVD
CompanyName : Cyberlink Corp.
FileDescription : PowerDVD RC Service
InternalName : PowerDVD RC Service
LegalCopyright : Copyright (c) CyberLink Corp. 1997-2004
OriginalFilename : PDVDSERV.EXE

#:41 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 2612
ThreadCreationTime : 11-04-2006 06:49:00
BasePriority : Normal
FileVersion : 4, 6, 665, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright (c) 2005 ALWIL Software
OriginalFilename : aswDisp.exe

#:42 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2632
ThreadCreationTime : 11-04-2006 06:49:00
BasePriority : Normal
FileVersion : 7.5.0299
ProductVersion : 7.5.0299
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:43 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2680
ThreadCreationTime : 11-04-2006 06:49:00
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:44 [cursorxp.exe]
FilePath : C:\Program Files\CursorXP\
ProcessID : 2716
ThreadCreationTime : 11-04-2006 06:49:00
BasePriority : High

#:45 [calcheck.exe]
FilePath : C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\
ProcessID : 2752
ThreadCreationTime : 11-04-2006 06:49:01
BasePriority : Normal
FileVersion : 4, 0, 0, 0
ProductVersion : 4, 0, 0, 0
ProductName : Calendar Checker Application
CompanyName : Ulead Systems, Inc.
FileDescription : Photo Express -- Calendar Checker
InternalName : CalCheck
LegalCopyright : Copyright (C) 1992-1999.Ulead Systems, Inc.
LegalTrademarks : Ulead Systems, MediaStudio, PhotoImpact and Photo Express are registered trademarks of Ulead Systems, Inc.
OriginalFilename : CalCheck.EXE

#:46 [dslmon.exe]
FilePath : C:\Program Files\modem ADSL USB\modem ADSL USB\
ProcessID : 2792
ThreadCreationTime : 11-04-2006 06:49:02
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : DSLMON Application
FileDescription : ADIMON MFC Application
InternalName : DSLMON
LegalCopyright : Copyright (C) 2000
OriginalFilename : ADIMON.EXE

#:47 [emule.exe]
FilePath : C:\Program Files\eMule\
ProcessID : 2152
ThreadCreationTime : 11-04-2006 08:21:01
BasePriority : Normal
FileVersion : 0.44.3 Unicode
ProductVersion : 0.44.3 Unicode
ProductName : eMule
CompanyName : https://www.emule-project.net/home/perl/general.cgi?l=1
FileDescription : eMule
InternalName : emule.exe
LegalCopyright : Copyright © 2002-2004 Merkur - read license.txt for more infos
OriginalFilename : emule.exe

#:48 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 316
ThreadCreationTime : 11-04-2006 08:24:31
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : IEXPLORE.EXE

#:49 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 3764
ThreadCreationTime : 11-04-2006 08:25:30
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : IEXPLORE.EXE

#:50 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 3276
ThreadCreationTime : 11-04-2006 08:30:10
BasePriority : Normal
FileVersion : 6.2.0.206
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 24

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 24

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 24

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@adtech[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:p. minereau@adtech.de/
Expires : 07-04-2016 16:39:02
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@www.cibleclick[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:p. minereau@www.cibleclick.com/
Expires : 10-05-2006 16:22:48
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@as1.falkag[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:p. minereau@as1.falkag.de/
Expires : 10-06-2006 08:52:10
LastSync : Hits:11
UseCount : 0
Hits : 11

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@www.smartadserver[1].txt
Category : Data Miner
Comment : Hits:15
Value : Cookie:p. minereau@www.smartadserver.com/
Expires : 06-04-2026 09:33:52
LastSync : Hits:15
UseCount : 0
Hits : 15

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@estat[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:p. minereau@estat.com/
Expires : 07-04-2016 16:05:06
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@serving-sys[2].txt
Category : Data Miner
Comment : Hits:41
Value : Cookie:p. minereau@serving-sys.com/
Expires : 01-01-2038
LastSync : Hits:41
UseCount : 0
Hits : 41

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@fl01.ct2.comclick[1].txt
Category : Data Miner
Comment : Hits:52
Value : Cookie:p. minereau@fl01.ct2.comclick.com/
Expires : 10-01-2029 02:00:00
LastSync : Hits:52
UseCount : 0
Hits : 52

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@bs.serving-sys[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:p. minereau@bs.serving-sys.com/
Expires : 01-01-2038
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@weborama[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:p. minereau@weborama.fr/
Expires : 09-04-2011 16:22:50
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@bluestreak[2].txt
Category : Data Miner
Comment : Hits:26
Value : Cookie:p. minereau@bluestreak.com/
Expires : 08-04-2016 06:24:30
LastSync : Hits:26
UseCount : 0
Hits : 26

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : p. minereau@247realmedia[2].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:p. minereau@247realmedia.com/
Expires : 01-01-2021 02:00:00
LastSync : Hits:6
UseCount : 0
Hits : 6

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 11
Objects found so far: 35

Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 35

Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 35

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 35

10:42:22 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:12:04.15
Objects scanned:156625
Objects identified:11
Objects ignored:0
New critical objects:11

merci
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 5
aranjuez31 Messages postés 8069 Statut Contributeur 354
 
hello
as-tu scanné avec ewido ?
as-tu fait scan online de bit defender ?
====
ne conserve pas sauvegarde de ad-aware
clic sur cadenas et supprime tout
========
ordi tjrs infecté
==========
fais ceci

1/ - Télécharger ceci (merci a S!RI pour ce petit programme) :
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
L'exécuter, puis double-cliquer sur Smitfraudfix.cmd
Choisir l’option 1, il va générer un rapport
Copier-coller ce dernier dans un message sur le forum.
En image :
http://siri.urz.free.fr/Fix/SmitfraudFix.php
-------
2/ Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du PC sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
-----
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, redémarre en mode normal, copie-colle le rapport sauvegardé sur le forum.

0

Discussions similaires

W32 L32: correspondance entre taille US et taille française
efg -
sibel -

6 réponses
Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
win32:malware-gen bloqué par avast
ikkual -
Utilisateur anonyme -

69 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses