Virus W32.Sinnaka.A@mm

pierre -  
aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur -
pour matthieu1 donc j'ai suivi les conseil que tu as donné a d'autre personnes donc je voulais avoir si je te donne le rapport de hijackthis si tu pouvais me dire quelle sont les fichiers inféctés merci

5 réponses

  1. Séb08 Messages postés 18169 Date d'inscription   Statut Contributeur Dernière intervention   1 430
     
    Slt,

    Merci de poster ton log Hijack sur ce post et non d'en créer un autre...Le deuxième va être supprimer.

    A+
    0
  2. pierre
     
    bonjours dsl d'avoir crée tro de message. voila mon rapport si vous pouviez m'aider je vous en serez reconnaissant merci
    voila mon rapport:
    Logfile of HijackThis v1.99.1
    Scan saved at 11:49:44, on 10/04/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\mssearchnet.exe
    C:\WINDOWS\system32\nvctrl.exe
    C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\apps\ABoard\ABoard.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\apps\ABoard\AOSD.exe
    C:\Program Files\CursorXP\CursorXP.exe
    C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    C:\Program Files\modem ADSL USB\modem ADSL USB\dslmon.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\WINDOWS\System32\imapi.exe
    C:\apps\Adobe\Acrobat 5.0\Reader\AcroRd32.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.9online.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: Nothing - {7a932ed2-1737-4ab8-b84d-c71779958551} - C:\WINDOWS\system32\hp9097.tmp
    O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [I downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\Pro Evolution Soccer 5 crack.exe
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
    O4 - HKCU\..\Run: [Actual Transparent Window] C:\Program Files\Actual Transparent Window\ActualTransparentWindowCenter.exe
    O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O4 - Global Startup: DSLMON.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
    O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
    O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by21fd.bay21.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (file missing)
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (file missing)
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe (file missing)
    O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe
    0
  3. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    re
    fais d abord 1er ménage conseillé par seb
    càd

    CCM
    Merci de procéder dans l’ordre,
    Télécharge TOUS ces programmes (si tu n’as pas), installe-les.
    Fais les mises à jour des progr 1/, 2/, 3/
    Scan avec TOUS, COLLE les rapports de 3/ & 6/

    1/ -Ad-Aware (gratuit) :
    https://forums.cnetfrance.fr

    2/ - Spybot (gratuit) :
    http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html

    3/ - Ewido (dowload)- gratuit même après 14 jours d’essai
    http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
    Copie/COLLE le rapport généré sur ce forum

    4/ - regcleaner ( nettoyeur de registre)
    http://www.01net.com/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/4894.html
    Son tuto
    http://www.softastuces.com/tuto/maint/regcleaner/index.php

    5/ - cleanup40 (nettoyeur de cookies+temps+tempos+prefetch+historique+etc..)
    http://pageperso.aol.fr/Balltrap34/CleanUp40.exe
    Démo
    http://pageperso.aol.fr/balltrap34/democleanup.htm

    6/ - Scan online avec BitDefender – fonctionne uniquement sous Internet Explorer en acceptant l’activX
    https://assiste.com/404_La_page_demandee_n_existe_pas.php
    Copie/COLLE le rapport entier

    7/ - Hijackthis – outil de diagnostic et réparation
    lire démo
    http://pageperso.aol.fr/balltrap34/Hijenr.gifhttp://pageperso.aol.fr/balltrap34/d...

    Au boulot – Bon courage
    0
  4. pierre
     
    ya certain rapport que je ne peut pas copier
    tu voila celui de hijackthis et de ad aware j'espere que vous pourrez faire quelque chose pour cela merci a vous.

    Logfile of HijackThis v1.99.1
    Scan saved at 10:29:25, on 11/04/2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\CTsvcCDA.exe
    C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
    C:\WINDOWS\wanmpsvc.exe
    C:\WINDOWS\system32\MsPMSPSv.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\mssearchnet.exe
    C:\WINDOWS\system32\nvctrl.exe
    C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe
    C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\apps\ABoard\ABoard.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\D-Tools\daemon.exe
    C:\apps\ABoard\AOSD.exe
    C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\CursorXP\CursorXP.exe
    C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    C:\Program Files\modem ADSL USB\modem ADSL USB\dslmon.exe
    C:\Program Files\eMule\emule.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Hijackthis Version Française\VERSION TRADUITE ORIGINALE.EXE

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.9online.fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    O2 - BHO: Nothing - {7a932ed2-1737-4ab8-b84d-c71779958551} - C:\WINDOWS\system32\hp9858.tmp
    O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4 SDK\system\vcsplay.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [CleanEasyImg] c:\apps\easydvd\cleanall.exe
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
    O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [I downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\Pro Evolution Soccer 5 crack.exe
    O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
    O4 - HKCU\..\Run: [Actual Transparent Window] C:\Program Files\Actual Transparent Window\ActualTransparentWindowCenter.exe
    O4 - Global Startup: Contrôleur de calendrier Ulead.lnk = C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\CalCheck.exe
    O4 - Global Startup: DSLMON.lnk = ?
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe (file missing)
    O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Ebates - {6685509E-B47B-4f47-8E16-9A5F3A62F683} - file://C:\Program Files\Ebates_MoeMoneyMaker\Sy350\Tp350\scri350a.htm (file missing) (HKCU)
    O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
    O16 - DPF: Yahoo! Poker - http://download.games.yahoo.com/games/clients/y/pt3_x.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by21fd.bay21.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe (file missing)
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe (file missing)
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe (file missing)
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe (file missing)
    O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) - H+H Software GmbH - C:\Program Files\Virtual CD v4 SDK\system\vcssecs.exe
    O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

    Ad-Aware SE Build 1.05
    Logfile Created on:mardi 11 avril 2006 10:30:18
    Created with Ad-Aware SE Personal, free for private use.
    Using definitions file:SE1R102 03.04.2006
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    References detected during the scan:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    MRU List(TAC index:0):24 total references
    Tracking Cookie(TAC index:3):11 total references
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Ad-Aware SE Settings
    ===========================
    Set : Search for negligible risk entries
    Set : Safe mode (always request confirmation)
    Set : Scan active processes
    Set : Scan registry
    Set : Deep-scan registry
    Set : Scan my IE Favorites for banned URLs
    Set : Scan within archives
    Set : Scan my Hosts file

    Extended Ad-Aware SE Settings
    ===========================
    Set : Unload recognized processes & modules during scan
    Set : Scan registry for all users instead of current user only
    Set : Always try to unload modules before deletion
    Set : During removal, unload Explorer and IE if necessary
    Set : Let Windows remove files in use at next reboot
    Set : Delete quarantined objects after restoring
    Set : Include basic Ad-Aware settings in log file
    Set : Include additional Ad-Aware settings in log file
    Set : Include reference summary in log file
    Set : Include alternate data stream details in log file
    Set : Play sound at scan completion if scan locates critical objects

    11-04-2006 10:30:18 - Scan started. (Full System Scan)

    MRU List Object Recognized!
    Location: : C:\Documents and Settings\P. Minereau\recent
    Description : list of recently opened documents

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles
    Description : list of recently used files in adobe reader

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct3d

    MRU List Object Recognized!
    Location: : software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct3d

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct X

    MRU List Object Recognized!
    Location: : software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct X

    MRU List Object Recognized!
    Location: : software\microsoft\directdraw\mostrecentapplication
    Description : most recent application to use microsoft directdraw

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\directinput\mostrecentapplication
    Description : most recent application to use microsoft directinput

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\directinput\mostrecentapplication
    Description : most recent application to use microsoft directinput

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\internet explorer
    Description : last download directory used in microsoft internet explorer

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\internet explorer\typedurls
    Description : list of recently entered addresses in microsoft internet explorer

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\mediaplayer\medialibraryui
    Description : last selected node in the microsoft windows media player media library

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\mediaplayer\player\recentfilelist
    Description : list of recently used files in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\mediaplayer\preferences
    Description : last playlist index loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\mediaplayer\preferences
    Description : last playlist loaded in microsoft windows media player

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\microsoft management console\recent file list
    Description : list of recent snap-ins used in the microsoft management console

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\office\11.0\publisher\recent file list
    Description : list of recent files used by microsoft publisher

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\search assistant\acmru
    Description : list of recent search terms used with the search assistant

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
    Description : list of recent programs opened

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
    Description : list of recently saved files, stored according to file extension

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows\currentversion\explorer\recentdocs
    Description : list of recent documents opened

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows\currentversion\explorer\runmru
    Description : mru list for items opened in start | run

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\microsoft\windows media\wmsdk\general
    Description : windows media sdk

    MRU List Object Recognized!
    Location: : S-1-5-21-594075825-750554805-2532241555-1007\software\winrar\dialogedithistory\extrpath
    Description : winrar "extract-to" history

    Listing running processes
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ProcessID : 648
    ThreadCreationTime : 11-04-2006 06:48:42
    BasePriority : Normal

    #:2 [csrss.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 704
    ThreadCreationTime : 11-04-2006 06:48:44
    BasePriority : Normal

    #:3 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 728
    ThreadCreationTime : 11-04-2006 06:48:45
    BasePriority : High

    #:4 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 772
    ThreadCreationTime : 11-04-2006 06:48:45
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Applications Services et Contrôleur
    InternalName : services.exe
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : services.exe

    #:5 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 784
    ThreadCreationTime : 11-04-2006 06:48:45
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : lsass.exe

    #:6 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 976
    ThreadCreationTime : 11-04-2006 06:48:45
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1024
    ThreadCreationTime : 11-04-2006 06:48:46
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:8 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1168
    ThreadCreationTime : 11-04-2006 06:48:46
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:9 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1272
    ThreadCreationTime : 11-04-2006 06:48:46
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:10 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 1348
    ThreadCreationTime : 11-04-2006 06:48:46
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:11 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1588
    ThreadCreationTime : 11-04-2006 06:48:47
    BasePriority : Normal
    FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    ProductVersion : 5.1.2600.2696
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : spoolsv.exe

    #:12 [aswupdsv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 1744
    ThreadCreationTime : 11-04-2006 06:48:47
    BasePriority : Normal

    #:13 [ashserv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 1772
    ThreadCreationTime : 11-04-2006 06:48:47
    BasePriority : High
    FileVersion : 4, 6, 665, 0
    ProductVersion : 4, 6, 0, 0
    ProductName : avast! Antivirus
    FileDescription : avast! antivirus service
    InternalName : aswServ
    LegalCopyright : Copyright (c) 2005 ALWIL Software
    OriginalFilename : aswServ.exe

    #:14 [ctsvccda.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1800
    ThreadCreationTime : 11-04-2006 06:48:47
    BasePriority : Normal
    FileVersion : 1.0.1.0
    ProductVersion : 1.0.0.0
    ProductName : Creative Service for CDROM Access
    CompanyName : Creative Technology Ltd
    FileDescription : Creative Service for CDROM Access
    InternalName : CTsvcCDAEXE
    LegalCopyright : Copyright (c) Creative Technology Ltd., 1999. All rights reserved.
    OriginalFilename : CTsvcCDA.EXE

    #:15 [sagent2.exe]
    FilePath : C:\Program Files\Fichiers communs\EPSON\EBAPI\
    ProcessID : 1828
    ThreadCreationTime : 11-04-2006 06:48:47
    BasePriority : Normal
    FileVersion : 2, 3, 0, 0
    ProductVersion : 1, 0, 0, 0
    ProductName : EPSON Bidirectional Printer
    CompanyName : SEIKO EPSON CORPORATION
    FileDescription : EPSON Printer Status Agent
    InternalName : SAgent2
    LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2000-2001
    OriginalFilename : SAgent2.exe

    #:16 [mdm.exe]
    FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\
    ProcessID : 1864
    ThreadCreationTime : 11-04-2006 06:48:48
    BasePriority : Normal
    FileVersion : 7.00.9466
    ProductVersion : 7.00.9466
    ProductName : Microsoft® Visual Studio .NET
    CompanyName : Microsoft Corporation
    FileDescription : Machine Debug Manager
    InternalName : mdm.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : mdm.exe

    #:17 [slserv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1984
    ThreadCreationTime : 11-04-2006 06:48:48
    BasePriority : Normal
    FileVersion : 2.80.00(24Apr2000)
    ProductVersion : 2.80.00
    ProductName : Modem
    FileDescription : User-Level Modem Service
    InternalName : slserv
    LegalCopyright : Copyright © 1999-2000
    OriginalFilename : slserv.exe

    #:18 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 288
    ThreadCreationTime : 11-04-2006 06:48:49
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:19 [wdfmgr.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 596
    ThreadCreationTime : 11-04-2006 06:48:49
    BasePriority : Normal
    FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
    ProductVersion : 5.2.3790.1230
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows User Mode Driver Manager
    InternalName : WdfMgr
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : WdfMgr.exe

    #:20 [vcssecs.exe]
    FilePath : C:\Program Files\Virtual CD v4 SDK\system\
    ProcessID : 620
    ThreadCreationTime : 11-04-2006 06:48:50
    BasePriority : Normal
    FileVersion : 4, 3, 0, 1
    ProductVersion : 4, 3, 0, 0
    ProductName : Virtual CD
    CompanyName : H+H Software GmbH
    FileDescription : Virtual CD v4.3 SDK - Security Service
    InternalName : VCSSecS
    LegalCopyright : Copyright © 2001 by H+H Software GmbH
    OriginalFilename : VCSSecS.exe

    #:21 [wanmpsvc.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 148
    ThreadCreationTime : 11-04-2006 06:48:50
    BasePriority : Normal
    FileVersion : 7, 0, 0, 2
    ProductVersion : 7, 0, 0, 2
    ProductName : America Online
    CompanyName : America Online, Inc.
    FileDescription : Wan Miniport (ATW) Service
    InternalName : WanMPSvc
    LegalCopyright : Copyright © 2001 America Online, Inc.
    OriginalFilename : WanMPSvc.exe

    #:22 [mspmspsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 696
    ThreadCreationTime : 11-04-2006 06:48:50
    BasePriority : Normal
    FileVersion : 7.00.00.1954
    ProductVersion : 7.00.00.1954
    ProductName : Microsoft (R) DRM
    CompanyName : Microsoft Corporation
    FileDescription : WMDM PMSP Service
    InternalName : MSPMSPSV.EXE
    LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
    OriginalFilename : MSPMSPSV.EXE

    #:23 [ashmaisv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 228
    ThreadCreationTime : 11-04-2006 06:48:54
    BasePriority : Normal

    #:24 [ashwebsv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 532
    ThreadCreationTime : 11-04-2006 06:48:54
    BasePriority : Normal

    #:25 [alg.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 432
    ThreadCreationTime : 11-04-2006 06:48:54
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Application Layer Gateway Service
    InternalName : ALG.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : ALG.exe

    #:26 [wscntfy.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2116
    ThreadCreationTime : 11-04-2006 06:48:55
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Windows Security Center Notification App
    InternalName : wscntfy.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : wscntfy.exe

    #:27 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 2200
    ThreadCreationTime : 11-04-2006 06:48:56
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Explorateur Windows
    InternalName : explorer
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : EXPLORER.EXE

    #:28 [mssearchnet.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2372
    ThreadCreationTime : 11-04-2006 06:48:58
    BasePriority : Normal

    #:29 [nvctrl.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2424
    ThreadCreationTime : 11-04-2006 06:48:58
    BasePriority : Normal

    #:30 [vcsplay.exe]
    FilePath : C:\Program Files\Virtual CD v4 SDK\system\
    ProcessID : 2468
    ThreadCreationTime : 11-04-2006 06:48:58
    BasePriority : Normal
    FileVersion : 4, 5, 0, 6
    ProductVersion : 4, 3, 0, 0
    ProductName : Virtual CD v4
    CompanyName : H+H Software GmbH
    FileDescription : Virtual CD v4.3 SDK - Player
    InternalName : VCSPlay
    LegalCopyright : Copyright (C) 2001-2002 by H+H Software GmbH
    OriginalFilename : VCSPlay.EXE

    #:31 [realsched.exe]
    FilePath : C:\Program Files\Fichiers communs\Real\Update_OB\
    ProcessID : 2476
    ThreadCreationTime : 11-04-2006 06:48:58
    BasePriority : Normal
    FileVersion : 0.1.0.1622
    ProductVersion : 0.1.0.1622
    ProductName : RealOne Player (32-bit)
    CompanyName : RealNetworks, Inc.
    FileDescription : RealNetworks Scheduler
    InternalName : schedapp
    LegalCopyright : Copyright © RealNetworks, Inc. 1995-2002
    LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
    OriginalFilename : realsched.exe

    #:32 [soundman.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 2484
    ThreadCreationTime : 11-04-2006 06:48:59
    BasePriority : Normal
    FileVersion : 5.1.09
    ProductVersion : 5.1.09
    ProductName : Realtek Sound Manager
    CompanyName : Realtek Semiconductor Corp.
    FileDescription : Realtek Sound Manager
    InternalName : ALSMTray
    LegalCopyright : Copyright (c) 2001-2003 Realtek Semiconductor Corp.
    OriginalFilename : ALSMTray.exe
    Comments : Realtek AC97 Audio Sound Manager

    #:33 [atiptaxx.exe]
    FilePath : C:\ATI Technologies\ATI Control Panel\
    ProcessID : 2528
    ThreadCreationTime : 11-04-2006 06:48:59
    BasePriority : Normal
    FileVersion : 6.14.10.5046
    ProductVersion : 6.14.10.5046
    ProductName : ATI Desktop Component
    CompanyName : ATI Technologies, Inc.
    FileDescription : ATI Desktop Control Panel
    InternalName : Atiptaxx.exe
    LegalCopyright : Copyright (C) 1998-2002 ATI Technologies Inc.
    OriginalFilename : Atiptaxx.exe

    #:34 [aboard.exe]
    FilePath : C:\apps\ABoard\
    ProcessID : 2544
    ThreadCreationTime : 11-04-2006 06:48:59
    BasePriority : Normal
    FileVersion : 1, 2, 0, 0
    ProductVersion : 1, 2, 0, 0
    ProductName : Activboard Application
    CompanyName : NEC Computers International
    FileDescription : Activboard Application
    InternalName : Activboard
    LegalCopyright : Copyright (C) 2003
    OriginalFilename : ABoard.exe

    #:35 [qttask.exe]
    FilePath : C:\Program Files\QuickTime\
    ProcessID : 2552
    ThreadCreationTime : 11-04-2006 06:48:59
    BasePriority : Normal
    FileVersion : 6.0.2
    ProductVersion : QuickTime 6.0.2
    ProductName : QuickTime
    CompanyName : Apple Computer, Inc.
    InternalName : QuickTime Task
    LegalCopyright : © Apple Computer, Inc. 2001-2002
    OriginalFilename : QTTask.exe

    #:36 [winampa.exe]
    FilePath : C:\Program Files\Winamp\
    ProcessID : 2560
    ThreadCreationTime : 11-04-2006 06:48:59
    BasePriority : Normal

    #:37 [daemon.exe]
    FilePath : C:\Program Files\D-Tools\
    ProcessID : 2568
    ThreadCreationTime : 11-04-2006 06:48:59
    BasePriority : Normal

    #:38 [aosd.exe]
    FilePath : C:\apps\ABoard\
    ProcessID : 2576
    ThreadCreationTime : 11-04-2006 06:48:59
    BasePriority : ?
    FileVersion : 1, 2, 0, 0
    ProductVersion : 1, 2, 0, 0
    ProductName : ActivOSD Application
    CompanyName : NEC Computers International
    FileDescription : ActivOSD Application
    InternalName : ActivOSD
    LegalCopyright : Copyright (C) 2003
    OriginalFilename : ActivOSD.exe

    #:39 [ctsysvol.exe]
    FilePath : C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\
    ProcessID : 2588
    ThreadCreationTime : 11-04-2006 06:48:59
    BasePriority : Normal
    FileVersion : 1.4.1.0
    ProductVersion : 1.0.0.0
    ProductName : Creative Volume Control
    CompanyName : Creative Technology Ltd
    FileDescription : CTSysVol.exe
    LegalCopyright : Copyright (c) Creative Technology Ltd., 2002-2003. All rights reserved.
    OriginalFilename : CTSysVol.exe

    #:40 [pdvdserv.exe]
    FilePath : C:\Program Files\CyberLink\PowerDVD\
    ProcessID : 2604
    ThreadCreationTime : 11-04-2006 06:48:59
    BasePriority : Normal
    FileVersion : 6.00.1027
    ProductVersion : 6.00.1027
    ProductName : PowerDVD
    CompanyName : Cyberlink Corp.
    FileDescription : PowerDVD RC Service
    InternalName : PowerDVD RC Service
    LegalCopyright : Copyright (c) CyberLink Corp. 1997-2004
    OriginalFilename : PDVDSERV.EXE

    #:41 [ashdisp.exe]
    FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
    ProcessID : 2612
    ThreadCreationTime : 11-04-2006 06:49:00
    BasePriority : Normal
    FileVersion : 4, 6, 665, 0
    ProductVersion : 4, 6, 0, 0
    ProductName : avast! Antivirus
    FileDescription : avast! service GUI component
    InternalName : aswDisp
    LegalCopyright : Copyright (c) 2005 ALWIL Software
    OriginalFilename : aswDisp.exe

    #:42 [msnmsgr.exe]
    FilePath : C:\Program Files\MSN Messenger\
    ProcessID : 2632
    ThreadCreationTime : 11-04-2006 06:49:00
    BasePriority : Normal
    FileVersion : 7.5.0299
    ProductVersion : 7.5.0299
    ProductName : MSN Messenger
    CompanyName : Microsoft Corporation
    FileDescription : MSN Messenger
    InternalName : msnmsgr
    LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
    LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
    OriginalFilename : msnmsgr.exe

    #:43 [ctfmon.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2680
    ThreadCreationTime : 11-04-2006 06:49:00
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : CTFMON.EXE

    #:44 [cursorxp.exe]
    FilePath : C:\Program Files\CursorXP\
    ProcessID : 2716
    ThreadCreationTime : 11-04-2006 06:49:00
    BasePriority : High

    #:45 [calcheck.exe]
    FilePath : C:\APPS\Ulead Systems\Ulead Photo Express 4.0 SE\
    ProcessID : 2752
    ThreadCreationTime : 11-04-2006 06:49:01
    BasePriority : Normal
    FileVersion : 4, 0, 0, 0
    ProductVersion : 4, 0, 0, 0
    ProductName : Calendar Checker Application
    CompanyName : Ulead Systems, Inc.
    FileDescription : Photo Express -- Calendar Checker
    InternalName : CalCheck
    LegalCopyright : Copyright (C) 1992-1999.Ulead Systems, Inc.
    LegalTrademarks : Ulead Systems, MediaStudio, PhotoImpact and Photo Express are registered trademarks of Ulead Systems, Inc.
    OriginalFilename : CalCheck.EXE

    #:46 [dslmon.exe]
    FilePath : C:\Program Files\modem ADSL USB\modem ADSL USB\
    ProcessID : 2792
    ThreadCreationTime : 11-04-2006 06:49:02
    BasePriority : Normal
    FileVersion : 1, 0, 0, 1
    ProductVersion : 1, 0, 0, 1
    ProductName : DSLMON Application
    FileDescription : ADIMON MFC Application
    InternalName : DSLMON
    LegalCopyright : Copyright (C) 2000
    OriginalFilename : ADIMON.EXE

    #:47 [emule.exe]
    FilePath : C:\Program Files\eMule\
    ProcessID : 2152
    ThreadCreationTime : 11-04-2006 08:21:01
    BasePriority : Normal
    FileVersion : 0.44.3 Unicode
    ProductVersion : 0.44.3 Unicode
    ProductName : eMule
    CompanyName : https://www.emule-project.net/home/perl/general.cgi?l=1
    FileDescription : eMule
    InternalName : emule.exe
    LegalCopyright : Copyright © 2002-2004 Merkur - read license.txt for more infos
    OriginalFilename : emule.exe

    #:48 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ProcessID : 316
    ThreadCreationTime : 11-04-2006 08:24:31
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : IEXPLORE.EXE

    #:49 [iexplore.exe]
    FilePath : C:\Program Files\Internet Explorer\
    ProcessID : 3764
    ThreadCreationTime : 11-04-2006 08:25:30
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Internet Explorer
    InternalName : iexplore
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : IEXPLORE.EXE

    #:50 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
    ProcessID : 3276
    ThreadCreationTime : 11-04-2006 08:30:10
    BasePriority : Normal
    FileVersion : 6.2.0.206
    ProductVersion : VI.Second Edition
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Memory scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 24

    Started registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Registry Scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 24

    Started deep registry scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Deep registry scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 24

    Started Tracking Cookie scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@adtech[2].txt
    Category : Data Miner
    Comment : Hits:2
    Value : Cookie:p. minereau@adtech.de/
    Expires : 07-04-2016 16:39:02
    LastSync : Hits:2
    UseCount : 0
    Hits : 2

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@www.cibleclick[1].txt
    Category : Data Miner
    Comment : Hits:1
    Value : Cookie:p. minereau@www.cibleclick.com/
    Expires : 10-05-2006 16:22:48
    LastSync : Hits:1
    UseCount : 0
    Hits : 1

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@as1.falkag[2].txt
    Category : Data Miner
    Comment : Hits:11
    Value : Cookie:p. minereau@as1.falkag.de/
    Expires : 10-06-2006 08:52:10
    LastSync : Hits:11
    UseCount : 0
    Hits : 11

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@www.smartadserver[1].txt
    Category : Data Miner
    Comment : Hits:15
    Value : Cookie:p. minereau@www.smartadserver.com/
    Expires : 06-04-2026 09:33:52
    LastSync : Hits:15
    UseCount : 0
    Hits : 15

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@estat[1].txt
    Category : Data Miner
    Comment : Hits:4
    Value : Cookie:p. minereau@estat.com/
    Expires : 07-04-2016 16:05:06
    LastSync : Hits:4
    UseCount : 0
    Hits : 4

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@serving-sys[2].txt
    Category : Data Miner
    Comment : Hits:41
    Value : Cookie:p. minereau@serving-sys.com/
    Expires : 01-01-2038
    LastSync : Hits:41
    UseCount : 0
    Hits : 41

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@fl01.ct2.comclick[1].txt
    Category : Data Miner
    Comment : Hits:52
    Value : Cookie:p. minereau@fl01.ct2.comclick.com/
    Expires : 10-01-2029 02:00:00
    LastSync : Hits:52
    UseCount : 0
    Hits : 52

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@bs.serving-sys[1].txt
    Category : Data Miner
    Comment : Hits:2
    Value : Cookie:p. minereau@bs.serving-sys.com/
    Expires : 01-01-2038
    LastSync : Hits:2
    UseCount : 0
    Hits : 2

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@weborama[2].txt
    Category : Data Miner
    Comment : Hits:6
    Value : Cookie:p. minereau@weborama.fr/
    Expires : 09-04-2011 16:22:50
    LastSync : Hits:6
    UseCount : 0
    Hits : 6

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@bluestreak[2].txt
    Category : Data Miner
    Comment : Hits:26
    Value : Cookie:p. minereau@bluestreak.com/
    Expires : 08-04-2016 06:24:30
    LastSync : Hits:26
    UseCount : 0
    Hits : 26

    Tracking Cookie Object Recognized!
    Type : IECache Entry
    Data : p. minereau@247realmedia[2].txt
    Category : Data Miner
    Comment : Hits:6
    Value : Cookie:p. minereau@247realmedia.com/
    Expires : 01-01-2021 02:00:00
    LastSync : Hits:6
    UseCount : 0
    Hits : 6

    Tracking cookie scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 11
    Objects found so far: 35

    Deep scanning and examining files (C:)
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Disk Scan Result for C:\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 35

    Scanning Hosts file......
    Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Hosts file scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    1 entries scanned.
    New critical objects:0
    Objects found so far: 35

    Performing conditional scans...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Conditional scan result:
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    New critical objects: 0
    Objects found so far: 35

    10:42:22 Scan Complete

    Summary Of This Scan
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Total scanning time:00:12:04.15
    Objects scanned:156625
    Objects identified:11
    Objects ignored:0
    New critical objects:11

    merci
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. aranjuez31 Messages postés 8161 Date d'inscription   Statut Contributeur 354
     
    hello
    as-tu scanné avec ewido ?
    as-tu fait scan online de bit defender ?
    ====
    ne conserve pas sauvegarde de ad-aware
    clic sur cadenas et supprime tout
    ========
    ordi tjrs infecté
    ==========
    fais ceci

    1/ - Télécharger ceci (merci a S!RI pour ce petit programme) :
    http://siri.urz.free.fr/Fix/SmitfraudFix.zip
    L'exécuter, puis double-cliquer sur Smitfraudfix.cmd
    Choisir l’option 1, il va générer un rapport
    Copier-coller ce dernier dans un message sur le forum.
    En image :
    http://siri.urz.free.fr/Fix/SmitfraudFix.php
    -------
    2/ Démarre en mode sans échec :
    Pour cela, tu tapotes la touche F8 dès le début de l’allumage du PC sans t’arrêter
    Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
    Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
    (Si F8 ne marche pas utilise la touche F5).
    -----
    Relance le programme Smitfraud,
    Cette fois choisit l’option 2, répond oui a tous ;
    Sauvegarde le rapport, redémarre en mode normal, copie-colle le rapport sauvegardé sur le forum.

    0