CiD virus: HijackThis report

Solved
elodie -  
 cordlesstuba -
Same problem as quite a few people, apparently.
Can someone help me?
Thanks in advance.
Here is my HijackThis report:

Logfile of HijackThis v1.99.1
Scan saved at 11:47:52, on 12/04/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\jre1.5.0_11\bin\jucheck.exe
C:\WINDOWS\System32\cmd.exe
C:\WINDOWS\System32\cmd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Elodie\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\System32\BhoECart.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - J:\audrey\BitDownload\TorrentManager.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPSON Stylus CX3200 (Copie 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P29 "EPSON Stylus CX3200 (Copie 1)" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCMService] "D:\Program Files\CyberLink\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [EPSON Stylus CX3200] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P19 "EPSON Stylus CX3200" /O6 "USB001" /M "Stylus CX3200"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [TransStartBrowseThe] C:\Documents and Settings\All Users\Application Data\drv data trans start\Part name.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://D:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photoservice.photos.orange.fr/migrationorange/index.cfm
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {C45B1500-7B63-47C2-AB25-C28CB46AFDEE} (MediaBar) - http://sib1.od2.com/common/musicmanager/installation/MusicManagerPlugin.CAB
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Fichiers communs\EPSON\EBAPI\eEBSVC.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Fichiers communs\EPSON\EBAPI\SAgent2.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
9 replies

green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
OK!

see here:

security: protecting a computer against internet malware

++
1
billie joe
 
Hello,
could I post my report here please?
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
Hi

see here:

how to block CiD windows

++
0
elodie
 
Already seen it, but I don't have CiD Help in "add or remove prigrams"
0
elodie > elodie
 
programs (sorry)
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
OK,

Right-click on lopxp.bat > save target as
choose option 1 and post the report please

http://cjoint.com/data/emouh8C0S0.htm

++

Wisdom is to have dreams big enough not to lose
sight of them when you pursue them. (Oscar Wilde)
0
elodie
 
It gives me "le chemin d'accès spécifié est introuvable"
0
elodie
 
In the end it worked. I'm not quite sure how, but the fact is I no longer get CiD ads.
Thanks a lot!
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
Hi

Yes, post it.

++
0
billie joe
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:56:27, on 21/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe
C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe
C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\P4P\P4P.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Samsung\EmoDio\SMSTray.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Damien\Program Files\DNA\btdna.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Samsung\EmoDio\SMSMain.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\ArbeKillPub\ArbeKillPub.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Users\Damien\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://actus.sfr.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://actus.sfr.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = https://actus.sfr.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [comp view eggs idol] "C:\ProgramData\setup web meal.cje8baw"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Damien\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [web bore] "C:\ProgramData\4 BYTE BYTE.xat29b"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\Windows\system32\pr2ah4nc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
0
green day Posts 26374 Registration date   Status Moderator, Security contributor Last activity   2 163
 
You're very fast! :)

can you post one dated today please

++
0
billie joe
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:15:23, on 24/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\AsGHost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe
C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe
C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe
C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
C:\Windows\System32\rundll32.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\ASUS\ATK Media\DMedia.exe
C:\Program Files\P4P\P4P.exe
C:\Windows\AsScrPro.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
C:\Program Files\Samsung\EmoDio\SMSTray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Users\Damien\Program Files\DNA\btdna.exe
C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Damien\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 9\SnagItBHO.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: ASUS Security Protect Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ItIEAddIn.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 9\SnagItIEAddin.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [CLMLServer] "C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\Kernel\CLML\CLMLSvc.exe"
O4 - HKLM\..\Run: [P2Go_Menu] "C:\Program Files\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [PCMAgent] "C:\Program Files\ASUS\AI TouchMedia\AI TouchMedia\PCMAgent.exe"
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\ASUS\AI TouchMedia\PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [HControlUser] C:\Program Files\ASUS\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files\ASUS\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~1\ASUSSE~1\ASUSSE~1\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [PowerForPhone] "C:\Program Files\P4P\P4P.exe"
O4 - HKLM\..\Run: [ASUS Screen Saver Protector] C:\Windows\AsScrPro.exe
O4 - HKLM\..\Run: [ASUS Camera ScreenSaver] C:\Windows\AsScrProlog.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SMSTray] C:\Program Files\Samsung\EmoDio\SMSTray.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [comp view eggs idol] "C:\ProgramData\setup web meal.cje8baw"
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\Damien\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [web bore] "C:\ProgramData\4 BYTE BYTE.xat29b"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: ASUS Security Protect Manager e-Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra 'Tools' menuitem: ASUS Security Protect Manager e-&Wallet - {1009C944-97D5-44A9-9E32-DFF54F498968} - C:\Program Files\ASUS Security Center\ASUS Security Protect Manager\Bin\ASWallet.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASLDR Service (ASLDRService) - Unknown owner - C:\Program Files\ASUS\ATK Hotkey\ASLDRSrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - Unknown owner - C:\Program Files\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\Windows\system32\pr2ah4nc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: spmgr - Unknown owner - C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe
green day Posts: 26374 Status: Moderator, Security contributor 2 163
 
* Download Lop S&D by Eric71 to the desktop: https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2
* Double-click the Lop S&D shortcut this creates to launch the installation. (Right-click > Run as administrator on Vista)
* Select the desired language, then choose option 1 (Search).
* Once the scan has finished, save the generated report, which is located by default at the root of the disk: C:\lopR.txt.

==> please post it.

++
billie joe
 
--------------------\\ Lop S&D 4.2.5-0 XP/Vista

Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU P7350 @ 2.00GHz )
BIOS : Default System BIOS
USER : Damien ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total:116 Go (Free:22 Go)
D:\ (Local Disk) - NTFS - Total:106 Go (Free:99 Go)
E:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 19-12-2008|23:40 )
Option : [1] ( 24/02/2009|12:29 )

[ UAC => 1 ]

--------------------\\ Listing des dossiers dans Local

[24/12/2008|14:57] C:\Users\Damien\AppData\Local\Adobe
[19/12/2008|21:16] C:\Users\Damien\AppData\Local\Apple
[19/12/2008|21:18] C:\Users\Damien\AppData\Local\Apple Computer
[19/12/2008|17:10] C:\Users\Damien\AppData\Local\Application Data
[20/12/2008|23:03] C:\Users\Damien\AppData\Local\Apps
[19/12/2008|22:22] C:\Users\Damien\AppData\Local\ASUS
[20/12/2008|00:36] C:\Users\Damien\AppData\Local\Codemasters
[01/01/2009|21:52] C:\Users\Damien\AppData\Local\d3d9caps.dat
[21/02/2009|19:19] C:\Users\Damien\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[01/02/2009|18:25] C:\Users\Damien\AppData\Local\DNA
[20/12/2008|00:33] C:\Users\Damien\AppData\Local\GDIPFONTCACHEV1.DAT
[19/12/2008|21:00] C:\Users\Damien\AppData\Local\Google
[19/12/2008|17:10] C:\Users\Damien\AppData\Local\Historique
[24/02/2009|03:14] C:\Users\Damien\AppData\Local\IconCache.db
[23/12/2008|19:31] C:\Users\Damien\AppData\Local\Microsoft
[29/12/2008|21:48] C:\Users\Damien\AppData\Local\Microsoft Games
[19/12/2008|19:32] C:\Users\Damien\AppData\Local\Mozilla
[27/12/2008|23:25] C:\Users\Damien\AppData\Local\PlayMovie
[27/12/2008|23:24] C:\Users\Damien\AppData\Local\PowerCinema
[18/02/2009|14:05] C:\Users\Damien\AppData\Local\TechSmith
[24/02/2009|12:25] C:\Users\Damien\AppData\Local\Temp
[19/12/2008|17:10] C:\Users\Damien\AppData\Local\Temporary Internet Files
[19/12/2008|19:45] C:\Users\Damien\AppData\Local\VirtualStore

--------------------\\ Tâches planifiées dans C:\Windows\tasks

[23/02/2009 12:35][--ah-----] C:\Windows\tasks\User_Feed_Synchronization-{4C3DDD33-3F48-46AE-8AAA-8A314C10CFEC}.job
[24/02/2009 11:53][--ah-----] C:\Windows\tasks\SA.DAT
[24/02/2009 03:15][--a------] C:\Windows\tasks\SCHEDLGU.TXT

--------------------\\ Listing des dossiers dans C:\ProgramData

[19/12/2008|21:17] C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
[20/11/2008|22:53] C:\ProgramData\{623D32E9-0C62-4453-AD44-98B31F52A5E1}
[19/12/2008|22:12] C:\ProgramData\4 BYTE BYTE.betpw
[19/12/2008|22:12] C:\ProgramData\4 BYTE BYTE.mbwo0
[18/02/2009|12:35] C:\ProgramData\4 BYTE BYTE.ug3yt1
[26/12/2008|14:12] C:\ProgramData\4 BYTE BYTE.veguf
[18/02/2009|12:35] C:\ProgramData\4 BYTE BYTE.xat29b
[30/01/2009|19:37] C:\ProgramData\Adobe
[19/12/2008|21:15] C:\ProgramData\Apple
[19/12/2008|21:17] C:\ProgramData\Apple Computer
[02/11/2006|14:02] C:\ProgramData\Application Data
[19/12/2008|22:22] C:\ProgramData\ASUS
[21/11/2008|00:37] C:\ProgramData\Atheros
[28/12/2008|00:14] C:\ProgramData\AVS4YOU
[04/01/2009|19:47] C:\ProgramData\CanonBJ
[19/02/2009|19:42] C:\ProgramData\Codemasters
[17/02/2009|18:18] C:\ProgramData\CyberLink
[02/11/2006|14:02] C:\ProgramData\Desktop
[02/11/2006|14:02] C:\ProgramData\Documents
[02/11/2006|14:02] C:\ProgramData\Favorites
[18/02/2009|12:35] C:\ProgramData\FlawDead
[20/11/2008|23:56] C:\ProgramData\Google
[26/12/2008|14:12] C:\ProgramData\gpl bin that.fi6oy
[19/12/2008|22:58] C:\ProgramData\Installations
[18/02/2009|12:35] C:\ProgramData\loud bike comp view
[21/12/2008|22:36] C:\ProgramData\Microsoft
[14/02/2009|02:30] C:\ProgramData\Microsoft Help
[21/11/2008|00:56] C:\ProgramData\NVIDIA
[24/02/2009|11:54] C:\ProgramData\nvModes.001
[23/02/2009|22:33] C:\ProgramData\nvModes.dat
[21/11/2008|00:47] C:\ProgramData\P4G
[19/12/2008|23:53] C:\ProgramData\PC Suite
[18/02/2009|12:35] C:\ProgramData\setup web meal.cje8baw
[02/11/2006|14:02] C:\ProgramData\Start Menu
[19/12/2008|20:52] C:\ProgramData\Symantec
[18/02/2009|14:05] C:\ProgramData\TechSmith
[24/02/2009|11:54] C:\ProgramData\Temp
[02/11/2006|14:02] C:\ProgramData\Templates
[17/02/2009|23:26] C:\ProgramData\TrackMania
[17/02/2009|14:25] C:\ProgramData\WinZip
[22/12/2008|20:38] C:\ProgramData\WLInstaller

--------------------\\ Listing des dossiers dans C:\Program Files

[28/12/2008|00:43] C:\Program Files\123 DVD Converter
[20/11/2008|22:53] C:\Program Files\Activation Assistant for the 2007 Microsoft Office suites
[28/12/2008|19:49] C:\Program Files\Activision
[30/01/2009|19:37] C:\Program Files\Adobe
[19/12/2008|21:59] C:\Program Files\Alwil Software
[19/12/2008|21:16] C:\Program Files\Apple Software Update
[20/12/2008|15:10] C:\Program Files\ArbeKillPub
[23/12/2008|01:23] C:\Program Files\ASUS
[21/11/2008|00:44] C:\Program Files\ASUS Security Center
[21/11/2008|00:38] C:\Program Files\Atheros
[21/11/2008|00:25] C:\Program Files\ATKGFNEX
[28/12/2008|00:30] C:\Program Files\AVS4YOU
[27/12/2008|23:36] C:\Program Files\bitRipper
[01/02/2009|18:25] C:\Program Files\BitTorrent
[19/12/2008|21:17] C:\Program Files\Bonjour
[18/02/2009|12:52] C:\Program Files\CamStudio
[04/01/2009|20:04] C:\Program Files\Canon
[04/01/2009|19:46] C:\Program Files\CanonBJ
[21/11/2008|00:46] C:\Program Files\ChkMail
[21/11/2008|00:37] C:\Program Files\Cisco
[17/02/2009|17:39] C:\Program Files\Codemasters
[04/01/2009|19:50] C:\Program Files\Common Files
[20/11/2008|23:01] C:\Program Files\CyberLink
[19/12/2008|23:01] C:\Program Files\DIFX
[01/02/2009|18:25] C:\Program Files\DNA
[21/11/2008|00:37] C:\Program Files\Dolby
[21/11/2008|00:43] C:\Program Files\Fingerprint Sensor
[19/02/2009|16:36] C:\Program Files\GIMP-2.0
[20/11/2008|23:56] C:\Program Files\Google
[28/12/2008|22:18] C:\Program Files\Guitar Pro 5
[28/12/2008|20:06] C:\Program Files\InstallShield Installation Information
[21/11/2008|00:16] C:\Program Files\Intel
[19/12/2008|21:17] C:\Program Files\Internet Explorer
[19/12/2008|21:17] C:\Program Files\iPod
[19/12/2008|21:17] C:\Program Files\iTunes
[25/12/2008|21:05] C:\Program Files\Java
[19/12/2008|22:00] C:\Program Files\MarkAny
[22/12/2008|22:35] C:\Program Files\Microsoft
[02/11/2006|13:37] C:\Program Files\Microsoft Games
[20/11/2008|22:51] C:\Program Files\Microsoft Office
[22/12/2008|22:36] C:\Program Files\Microsoft Silverlight
[22/12/2008|22:37] C:\Program Files\Microsoft SQL Server Compact Edition
[20/11/2008|22:51] C:\Program Files\Microsoft Visual Studio
[20/11/2008|22:51] C:\Program Files\Microsoft Works
[20/11/2008|22:51] C:\Program Files\Microsoft.NET
[16/04/2008|12:26] C:\Program Files\Movie Maker
[07/02/2009|14:29] C:\Program Files\Mozilla Firefox
[02/11/2006|13:37] C:\Program Files\MSBuild
[20/12/2008|20:00] C:\Program Files\MSXML 4.0
[10/01/2009|14:47] C:\Program Files\Neuf
[19/12/2008|23:02] C:\Program Files\Nokia
[19/12/2008|20:52] C:\Program Files\Norton Internet Security
[19/02/2009|19:41] C:\Program Files\OpenAL
[21/11/2008|00:47] C:\Program Files\P4G
[21/11/2008|00:48] C:\Program Files\P4P
[19/12/2008|23:00] C:\Program Files\PC Connectivity Solution
[20/11/2008|23:47] C:\Program Files\Picasa2
[19/12/2008|21:17] C:\Program Files\QuickTime
[21/11/2008|00:35] C:\Program Files\Realtek
[02/11/2006|13:37] C:\Program Files\Reference Assemblies
[14/02/2009|00:50] C:\Program Files\Samsung
[28/12/2008|00:36] C:\Program Files\Smallvideosoft
[21/11/2008|00:51] C:\Program Files\Synaptics
[18/02/2009|14:05] C:\Program Files\TechSmith
[20/12/2008|14:19] C:\Program Files\TmUnitedForever
[02/11/2006|14:01] C:\Program Files\Uninstall Information
[23/12/2008|22:44] C:\Program Files\VideoLAN
[16/04/2008|12:26] C:\Program Files\Windows Calendar
[16/04/2008|12:26] C:\Program Files\Windows Collaboration
[16/04/2008|12:26] C:\Program Files\Windows Defender
[16/04/2008|12:26] C:\Program Files\Windows Journal
[18/02/2009|22:37] C:\Program Files\Windows Live
[22/12/2008|22:35] C:\Program Files\Windows Live SkyDrive
[14/02/2009|02:30] C:\Program Files\Windows Mail
[16/04/2008|12:26] C:\Program Files\Windows Media Player
[02/11/2006|13:37] C:\Program Files\Windows NT
[16/04/2008|12:26] C:\Program Files\Windows Photo Gallery
[16/04/2008|12:26] C:\Program Files\Windows Sidebar
[17/02/2009|14:24] C:\Program Files\WinZip
[21/11/2008|00:39] C:\Program Files\Wireless Console 2
[28/12/2008|00:30] C:\Program Files\Xvid

--------------------\\ Listing des dossiers dans C:\Program Files\Common Files

[30/01/2009|19:37] C:\Program Files\Common Files\Adobe
[19/12/2008|21:17] C:\Program Files\Common Files\Apple
[28/12/2008|00:30] C:\Program Files\Common Files\AVSMedia
[04/01/2009|19:50] C:\Program Files\Common Files\CANON
[20/11/2008|22:51] C:\Program Files\Common Files\DESIGNER
[21/11/2008|00:34] C:\Program Files\Common Files\InstallShield
[20/11/2008|22:59] C:\Program Files\Common Files\LightScribe
[18/02/2009|22:37] C:\Program Files\Common Files\microsoft shared
[19/12/2008|23:02] C:\Program Files\Common Files\Nokia
[19/12/2008|23:02] C:\Program Files\Common Files\PCSuite
[02/11/2006|12:18] C:\Program Files\Common Files\Services
[02/11/2006|12:18] C:\Program Files\Common Files\SpeechEngines
[19/12/2008|20:52] C:\Program Files\Common Files\Symantec Shared
[20/11/2008|22:47] C:\Program Files\Common Files\System
[22/12/2008|22:27] C:\Program Files\Common Files\Windows Live
[19/12/2008|19:43] C:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 107 Processes )

iexplore.exe ~ [PID:4560]
iexplore.exe ~ [PID:4584]
iexplore.exe ~ [PID:4340]

--------------------\\ Recherche avec S_Lop

C:\ProgramData\4 BYTE BYTE.betpw
C:\ProgramData\4 BYTE BYTE.mbwo0
C:\ProgramData\4 BYTE BYTE.veguf
C:\ProgramData\gpl bin that.fi6oy
C:\ProgramData\4 BYTE BYTE.ug3yt1
C:\ProgramData\4 BYTE BYTE.xat29b
C:\ProgramData\setup web meal.cje8baw
C:\Users\Damien\AppData\Local\Temp\bis603A.exe

--------------------\\ Recherche de Fichiers / Dossiers Lop

C:\Users\Damien\AppData\Local\Temp\nsj7B7D.tmp
C:\Users\Damien\AppData\Local\Temp\sta4D73.exe
C:\Users\Damien\AppData\Local\Temp\staEBC4.exe
C:\Users\Damien\AppData\Roaming\MICROS~1\Windows\Cookies\damien@32vegas[1].txt
C:\Users\Damien\AppData\Roaming\MICROS~1\Windows\Cookies\damien@banner.32vegas[2].txt

--------------------\\ Verification du Registre

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"web bore"="\"C:\\ProgramData\\4 BYTE BYTE.xat29b\""
"comp view eggs idol"="\"C:\\ProgramData\\setup web meal.cje8baw\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE


--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-24 12:30:08
Windows 6.0.6001 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 53

--------------------\\ Recherche d'autres infections

--------------------\\ Cracks & Keygens ..

C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\0x040c.ini
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\CRACK + SERIAL
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\FirewallInstallHelper.dll
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\ISSetup.dll
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\PB.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\Setup.ini
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\splash.bmp
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\_0186A73494F1AB97B0D4F979D873E17A
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\_5C2ADCE0E1A711CAA80532E7B765859B
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\_903BAEE2A58182CEB081A6C9AC63072B
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\_A5532775603B7EC7E37C456F7A47E273
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\_F1453A1AC83A1D5BFCC10E169950DA8B
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\CRACK + SERIAL\Serial Call Of Duty 4.txt
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2005_d3dx9_25_x64.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2005_d3dx9_25_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2006_d3dx9_30_x64.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2006_d3dx9_30_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2006_MDX1_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2006_MDX1_x86_Archive.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2006_XACT_x64.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2006_XACT_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2006_xinput_x64.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Apr2006_xinput_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\APR2007_d3dx10_33_x64.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\APR2007_d3dx10_33_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\APR2007_d3dx9_33_x64.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\APR2007_d3dx9_33_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\APR2007_XACT_x64.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\APR2007_XACT_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\APR2007_xinput_x64.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\APR2007_xinput_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Aug2005_d3dx9_27_x64.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\Aug2005_d3dx9_27_x86.cab
C:\Users\Damien\AppData\Local\Microsoft\Messenger\el-sid@hotmail.fr\Sharing Folders\gcarves@hotmail.fr\Call Of Duty 4 - Modern Warfare FR + Crack & Serial (By Serial-Crackeur)\DirectX\AUG2006_XACT_x64.cab
C:\Users\Damien\Downloads\rdg\crack
C:\Users\Damien\Downloads\rdg\crack\GRID.exe


[F:907][D:72]-> C:\Users\Damien\AppData\Local\Temp
[F:322][D:1]-> C:\Users\Damien\AppData\Roaming\MICROS~1\Windows\Cookies
[F:1964][D:4]-> C:\Users\Damien\AppData\Local\MICROS~1\Windows\TEMPOR~1\content.IE5
[F:148][D:11]-> C:\$Recycle.Bin

1 - "C:\Lop SD\LopR_1.txt" - 24/02/2009|12:32 - Option : [1]

--------------------\\ Fin du rapport a 12:32:19
[ UAC => 1 ]
cordlesstuba
 
Hello, I don't want to derail the thread, but I'd just like to understand why my email address appears in this person's report, along with a friend's?
juju666 Posts: 35446 Status: Security contributor 4 796
 
Hi,

It's a WLM conversation history, isn't it?
cordlesstuba
 
so I would know this user?
juju666 Posts: 35446 Status: Security contributor 4 796
 
Re,
Most certainly, yes.
If you like I can delete the topic; in any case the lop adware no longer exists.
cordlesstuba
 
No no, don't worry, it was just to know
green day Posts: 26374 Status: Moderator, Security contributor 2 163
 
OK, move on to option 2 and post the report please.

++
billiejoe
 
should I post the report too?