Trojan horse heeelllpppp thanks
Solved
fredyfred
Hello,
I'm reposting because I'm short on time,
so here it is: I'm infected with Trojan.Agent.AFWL, Trojan.Spy.BZub.UFY and Dropped: Adware.cinmus.XZ. Here is the HJT report; thanks again for your generous help.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:11:55, on 30/11/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
C:\Program Files\Belkin\Belkin Wireless Network Utility\WLanCfgG.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender10\vsserv.exe
C:\WINDOWS\vVX1000.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {201C0B02-29D6-407B-9499-2AC7D7164B27} - C:\WINDOWS\system32\crtdl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [VX1000] C:\WINDOWS\vVX1000.exe
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKLM\..\Policies\Explorer\Run: [comrepl32] C:\windows\system32\com\comrepl32.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Fichiers communs\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Belkin Wireless USB Network Adapter (Belkin Wireless USB Network Adapter Service) - Unknown owner - C:\Program Files\Belkin\Belkin Wireless Network Utility\WLService.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Fichiers communs\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Fichiers communs\Softwin\BitDefender Communicator\xcommsvr.exe
End of file - 4224 bytes
6 replies
Hello
Find and delete the files/folders below in bold
- C:\WINDOWS\system32\crtdl.dll
- C:\windows\system32\com\ (folder)
If a file/folder resists deletion, do this:
- Restart your PC. As soon as it powers on, tap the F8 key (or F5 if F8 does not work); on the screen that appears, choose "safe mode" and wait a little.
Then go and delete the files/folders, empty your recycle bin and restart your PC normally.
Download and install AVG Anti-Spyware: update it
Run a full scan of your system as soon as it has finished.
If it finds any spyware, delete it. Save the report and paste it here please
AVG Anti-Spyware: stays free after the trial period, in French
---->http://www.infos-du-net.com/telecharger/Anti-Spyware-AVG,0301-7063.html
If you need help with Ewido (now AVG Anti-Spyware), see this tutorial:
--> http://kerio.probb.fr/chasser-les-virus-et-spywares-de-votre-systeme-f1/tutoriel-avg-anti-spyware-anti-spyware-t701.htm
See you
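An added example, not part of the original thread and not HijackThis code: a small Python triage of a HijackThis log that pulls out the kind of entries the reply above targets (the unnamed crtdl.dll BHO and the Policies\Explorer\Run autostart under system32\com). The three heuristics and all function names are assumptions of this example; a hit means "review this entry", not "malicious".

```python
import ntpath
import re
from typing import NamedTuple

# Shortened excerpt of the first HijackThis log posted in this thread.
SAMPLE_LOG = r"""Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com
O2 - BHO: (no name) - {201C0B02-29D6-407B-9499-2AC7D7164B27} - C:\WINDOWS\system32\crtdl.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Policies\Explorer\Run: [comrepl32] C:\windows\system32\com\comrepl32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
End of file - 4224 bytes
"""

# "<section code> - <body>", e.g. "O2 - BHO: ..." or "R0 - HKLM\..."
ENTRY = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# O2 body: "BHO: <name> - {CLSID} - <dll path or (no file)>"
BHO = re.compile(
    r"^BHO: (?P<name>.*) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<target>.+)$"
)
# O4 body: "<registry key>: [<value name>] <command line>"
AUTORUN = re.compile(r"^(?P<key>[^:\[]+): \[(?P<name>[^\]]*)\] (?P<command>.+)$")


class Finding(NamedTuple):
    section: str
    reason: str
    detail: str


def parse_entries(log_text):
    """Yield (section, body) for every entry line; the header and the
    'Running processes' list do not match ENTRY and are skipped."""
    for line in log_text.splitlines():
        match = ENTRY.match(line.strip())
        if match:
            yield match.group(1), match.group(2)


def triage(log_text):
    """Return the entries worth a manual look (heuristics are assumptions)."""
    findings = []
    for section, body in parse_entries(log_text):
        if section == "O2":
            bho = BHO.match(body)
            if not bho:
                continue
            target = bho.group("target")
            if target == "(no file)":
                # Registration left behind although the DLL is gone.
                findings.append(
                    Finding(section, "BHO registered but DLL missing",
                            bho.group("clsid")))
            elif (bho.group("name") == "(no name)"
                  and ntpath.dirname(target).lower().endswith("\\system32")):
                # Vendor BHOs normally carry a name and live under Program Files.
                findings.append(
                    Finding(section, "unnamed BHO loaded from system32", target))
        elif section == "O4":
            run = AUTORUN.match(body)
            if run and run.group("key").lower().endswith("policies\\explorer\\run"):
                # Policy-based Run key: rarely used by ordinary consumer software.
                findings.append(
                    Finding(section, "autostart via Policies\\Explorer\\Run",
                            run.group("command")))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.section}: {finding.reason}: {finding.detail}")
```
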
thanks boulapate62
for now I can't do anything; I'll post again tonight and give you an update. Thanks again for the info
Hello,
A week ago my antivirus detected a trojan horse bho adm on crtdl.dll, but I've tried everything, even safe mode, and I can't delete it!!!!
If anyone has the solution, hats off!!!
sorry, I forgot to add
Logfile of HijackThis v1.99.1
Scan saved at 00:59:44, on 13/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
E:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
E:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
E:\Program Files\MSN Messenger\MsnMsgr.Exe
E:\Program Files\Skype\Phone\Skype.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
E:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
E:\Program Files\Norton AntiVirus\navapsvc.exe
E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
E:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
E:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
E:\Program Files\Skype\Plugin Manager\skypePM.exe
E:\Program Files\MSN Messenger\usnsvc.exe
D:\Dossier d'instalation\eMule\emule.exe
E:\Documents and Settings\Emilie Payan\Mes documents\Mes fichiers reçus\HijackThis.exe
E:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - E:\WINDOWS\system32\dcads_sidebar.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - E:\WINDOWS\system32\BhoECart.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - E:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {DBA70FED-A764-44AA-8FE7-D9BE7E287B7E} - E:\WINDOWS\System32\crtdl.dll
O2 - BHO: dcads - {F173E53F-E042-49b6-BD46-983E93DA1B17} - E:\WINDOWS\system32\nsj18.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - E:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] E:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "E:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [MsnMsgr] "E:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LightScribe Control Panel] E:\Program Files\Fichiers communs\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [Eraser] E:\Program Files\Eraser\Eraser.exe -hide
O4 - Startup: Magic Holdem.lnk = E:\Program Files\Magic Holdem\MagicHoldem.exe
O8 - Extra context menu item: &Windows Live Search - res://E:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://E:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?f88c8ab3a2d04d43b56c2d0f38139a48
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://E:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?f88c8ab3a2d04d43b56c2d0f38139a48
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - E:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: Droppix Service - Droppix - E:\Program Files\Fichiers communs\Droppix\DxService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - E:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - E:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - E:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - E:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - E:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - E:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - E:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - E:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
Thanks!!
and this too
ComboFix 07-12-12.3 - Emilie Payan 2007-12-13 1:06:42.1 - NTFSx86
Microsoft Windows XP Édition familiale 5.1.2600.2.1252.1.1036.18.101 [GMT 1:00]
Running from: E:\Documents and Settings\Emilie Payan\Mes documents\Mes fichiers reçus\ComboFix.exe
* Created a new restore point
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
E:\WINDOWS\system32\nsj18.dll
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-13 to 2007-12-13 ))))))))))))))))))))))))))))))))))))
.
2007-12-12 22:24 . 2007-12-12 22:24 <REP> d-------- E:\Program Files\Eraser
2007-12-12 22:24 . 2007-12-12 22:24 <REP> d--h----- E:\Documents and Settings\All Users\Application Data\{74D61F17-FFC2-41AF-96E5-1DCB0631B6D1}
2007-12-12 22:14 . 2007-12-12 22:18 <REP> d-------- E:\Program Files\File Monster
2007-12-12 20:56 . 2007-12-12 20:56 <REP> d-------- E:\Documents and Settings\All Users\Application Data\MGS
2007-12-12 20:53 . 2007-12-12 20:53 <REP> d-------- E:\WINDOWS\system32\FlashAX
2007-12-12 20:53 . 2007-12-12 20:53 <REP> d-------- E:\MicroGaming
2007-12-11 19:45 . 2007-12-11 19:45 <REP> d-------- E:\Program Files\Xvid
2007-12-11 19:45 . 2007-06-28 18:52 765,952 --a------ E:\WINDOWS\system32\xvidcore.dll
2007-12-11 19:45 . 2007-06-28 18:54 180,224 --a------ E:\WINDOWS\system32\xvidvfw.dll
2007-12-11 19:45 . 2007-06-28 18:55 77,824 --a------ E:\WINDOWS\system32\xvid.ax
2007-12-11 13:00 . 2007-12-11 13:00 <REP> d-------- E:\Program Files\Virtualis
2007-12-10 23:20 . 2007-12-10 23:20 125 --a------ E:\ioSpecial.ini
2007-12-06 12:14 . 2007-12-06 12:14 <REP> d-------- E:\Documents and Settings\All Users\Application Data\LightScribe
2007-12-06 12:13 . 2007-12-06 12:13 <REP> d-------- E:\Documents and Settings\Emilie Payan\Application Data\Droppix
2007-12-06 12:13 . 2005-11-09 09:00 1,012,736 --a------ E:\WINDOWS\system32\vorbis.dll
2007-12-06 12:13 . 2005-11-09 09:00 462,848 --a------ E:\WINDOWS\system32\HHActiveX.dll
2007-12-06 12:13 . 2004-06-05 19:33 139,264 --a------ E:\WINDOWS\system32\RLAPEDec.ax
2007-12-06 12:13 . 2004-04-27 16:05 98,304 --a------ E:\WINDOWS\system32\RLMPCDec.ax
2007-12-06 12:13 . 2005-11-09 09:00 12,800 --a------ E:\WINDOWS\system32\ogg.dll
2007-12-06 12:12 . 2007-12-06 12:12 <REP> d-------- E:\Program Files\illiminable
2007-12-06 12:12 . 2007-12-06 12:12 <REP> d-------- E:\Program Files\Fichiers communs\LightScribe
2007-12-06 12:12 . 2007-12-06 12:13 <REP> d-------- E:\Program Files\Fichiers communs\Droppix
2007-12-06 12:12 . 2007-12-06 12:12 <REP> d-------- E:\Program Files\Droppix
2007-12-06 12:12 . 2005-11-09 09:00 1,700,352 --a------ E:\WINDOWS\system32\gdiplus.dll
2007-12-06 12:12 . 2005-11-09 09:00 487,424 --a-s---- E:\WINDOWS\system32\msvcp70.dll
2007-12-06 12:12 . 2005-11-09 09:00 344,064 -ra------ E:\WINDOWS\system32\msvcr70.dll
2007-12-06 12:12 . 2005-11-09 09:00 24,576 --a------ E:\WINDOWS\system32\msxml3a.dll
2007-12-06 12:00 . 2007-12-06 12:14 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Droppix
2007-12-05 20:41 . 2004-08-04 07:08 26,496 --a--c--- E:\WINDOWS\system32\dllcache\usbstor.sys
2007-12-05 17:13 . 2007-12-05 17:13 <REP> d-------- E:\Program Files\Alcohol Soft
2007-12-05 17:13 . 2005-04-25 10:43 159,616 --a------ E:\WINDOWS\system32\drivers\Vax347b.sys
2007-12-05 17:13 . 2004-04-30 09:33 5,248 --a------ E:\WINDOWS\system32\drivers\Vax347s.sys
2007-12-05 10:41 . 2007-12-05 10:41 4,096 --a------ E:\WINDOWS\d3dx.dat
2007-12-05 10:36 . 2007-12-05 10:36 <REP> d-------- E:\Program Files\ReflexiveArcade
2007-12-05 10:36 . 2007-12-06 21:28 <REP> d-------- E:\Program Files\Flower Shop Big City Break
2007-12-05 00:18 . 2007-12-05 00:18 8,192 --ahs---- E:\WINDOWS\Thumbs.db
2007-12-03 18:51 . 2007-12-13 00:04 <REP> d-------- E:\Documents and Settings\Emilie Payan\Application Data\skypePM
2007-12-03 18:51 . 2007-12-03 18:51 32 --a------ E:\Documents and Settings\All Users\Application Data\ezsid.dat
2007-12-03 18:49 . 2007-12-13 00:32 <REP> d-------- E:\Documents and Settings\Emilie Payan\Application Data\Skype
2007-12-03 18:48 . 2007-12-03 18:49 <REP> d-------- E:\Program Files\Skype
2007-12-03 18:48 . 2007-12-03 18:48 <REP> d-------- E:\Program Files\Fichiers communs\Skype
2007-12-03 18:48 . 2007-12-03 18:49 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Skype
2007-12-03 18:13 . 2007-12-03 18:13 282,624 --a------ E:\WINDOWS\system32\dcads_sidebar.dll
2007-12-03 16:53 . 2007-12-10 22:51 59,219 --a------ E:\WINDOWS\system32\dcads_sidebar_uninstall.exe
2007-12-01 11:52 . 2007-12-01 11:52 80,118 --a------ E:\WINDOWS\system32\dcads-remove.exe
2007-11-30 03:05 . 2007-11-30 03:05 <REP> d-------- E:\Program Files\Windows Live Favorites
2007-11-29 11:21 . 2003-06-23 01:44 1,415,680 --a------ E:\WINDOWS\system32\wmv9vcm.dll
2007-11-29 11:21 . 2003-08-29 00:55 423,424 --a------ E:\WINDOWS\system32\WMAVDS32.ax
2007-11-29 11:21 . 2001-03-26 03:41 245,760 --a------ E:\WINDOWS\system32\mp4sds32.ax
2007-11-29 11:19 . 2002-12-14 17:41 246,272 --a------ E:\WINDOWS\system32\mswmdm.dll
2007-11-29 11:19 . 2002-11-27 03:03 159,232 --a------ E:\WINDOWS\system32\CEWMDM.dll
2007-11-29 11:19 . 2002-12-17 18:45 52,736 --a------ E:\WINDOWS\system32\mspmsnsv.dll
2007-11-29 11:19 . 2002-11-27 03:03 27,136 --a------ E:\WINDOWS\system32\wmdmlog.dll
2007-11-29 11:19 . 2002-11-27 03:03 23,552 --a------ E:\WINDOWS\system32\wmdmps.dll
2007-11-29 03:20 . 2006-08-21 10:14 128,896 -----c--- E:\WINDOWS\system32\dllcache\fltmgr.sys
2007-11-29 03:20 . 2006-08-21 10:14 23,040 -----c--- E:\WINDOWS\system32\dllcache\fltmc.exe
2007-11-29 03:20 . 2006-08-21 13:26 16,896 -----c--- E:\WINDOWS\system32\dllcache\fltlib.dll
2007-11-28 03:53 . 2007-07-09 14:11 584,192 -----c--- E:\WINDOWS\system32\dllcache\rpcrt4.dll
2007-11-27 19:57 . 2007-11-27 19:57 <REP> d-------- E:\Documents and Settings\All Users\Application Data\HipSoft
2007-11-27 15:29 . 2004-08-20 00:09 221,184 --a------ E:\WINDOWS\system32\wmpns.dll
2007-11-27 15:27 . 2007-11-27 15:27 <REP> d-------- E:\WINDOWS\provisioning
2007-11-27 15:24 . 2007-11-27 15:24 <REP> d-------- E:\WINDOWS\ServicePackFiles
2007-11-27 15:18 . 2007-11-27 15:18 <REP> d-------- E:\WINDOWS\EHome
2007-11-27 11:48 . 2007-11-27 11:49 <REP> d-------- E:\Program Files\Fichiers communs\Adobe
2007-11-27 00:17 . 2007-11-27 00:17 <REP> d--hs---- E:\WINDOWS\ftpcache
2007-11-27 00:17 . 2007-11-27 13:57 <REP> d-a------ E:\Documents and Settings\All Users\Application Data\TEMP
2007-11-27 00:15 . 2007-11-27 00:17 <REP> d-------- E:\Program Files\Dirty Dancing
2007-11-27 00:03 . 2007-11-27 00:03 <REP> d-------- E:\Program Files\bfgclient
2007-11-27 00:03 . 2007-11-27 00:17 <REP> d-------- E:\Documents and Settings\All Users\Application Data\BigFishGamesCache
2007-11-25 13:41 . 2007-11-25 13:41 <REP> d---s---- E:\Documents and Settings\Emilie Payan\UserData
2007-11-25 01:26 . 2007-11-25 01:26 <REP> d-------- E:\WINDOWS\Sun
2007-11-25 01:25 . 2007-11-25 01:25 <REP> d-------- E:\Program Files\Java
2007-11-25 01:25 . 2007-09-24 23:31 69,632 --a------ E:\WINDOWS\system32\javacpl.cpl
2007-11-25 01:23 . 2007-11-25 01:23 <REP> d-------- E:\Program Files\Fichiers communs\Java
2007-11-25 01:23 . 2007-11-25 01:26 659 --a------ E:\WINDOWS\mozver.dat
2007-11-24 20:38 . 2007-11-24 20:38 664 --a------ E:\WINDOWS\system32\d3d9caps.dat
2007-11-24 03:20 . 2007-11-24 03:20 <REP> d-------- E:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-24 03:07 . 2002-04-15 21:11 67,866 --------- E:\WINDOWS\system32\drivers\netwlan5.img
2007-11-24 03:07 . 2004-08-19 16:10 11,776 --------- E:\WINDOWS\system32\spnpinst.exe
2007-11-24 03:07 . 2004-08-02 14:20 7,208 --------- E:\WINDOWS\system32\secupd.sig
2007-11-24 03:07 . 2004-08-02 14:20 4,569 --------- E:\WINDOWS\system32\secupd.dat
2007-11-24 01:27 . 2005-10-20 23:25 1,097,728 --a------ E:\WINDOWS\system32\esent.dll
2007-11-23 19:05 . 2007-11-23 19:06 <REP> d-------- E:\WINDOWS\system32\bits
2007-11-23 19:04 . 2007-12-12 06:15 <REP> d--h----- E:\WINDOWS\$hf_mig$
2007-11-23 19:04 . 2005-06-28 10:21 22,752 --a------ E:\WINDOWS\system32\spupdsvc.exe
2007-11-23 18:45 . 2007-12-04 14:07 <REP> d-------- E:\Program Files\PKR
2007-11-23 18:42 . 2004-08-20 00:09 351,232 --a------ E:\WINDOWS\system32\winhttp.dll
2007-11-23 18:42 . 2004-08-20 00:09 18,944 --a------ E:\WINDOWS\system32\qmgrprxy.dll
2007-11-23 18:42 . 2004-08-20 00:09 8,192 --------- E:\WINDOWS\system32\bitsprx2.dll
2007-11-23 18:42 . 2004-08-20 00:09 7,168 --------- E:\WINDOWS\system32\bitsprx3.dll
2007-11-23 18:41 . 2007-11-23 18:41 13,690 --a------ E:\WINDOWS\system32\wpa.bak
2007-11-23 18:38 . 2007-12-05 02:51 <REP> d-------- E:\Documents and Settings\Emilie Payan\Contacts
2007-11-23 18:38 . 2007-11-23 18:38 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
2007-11-23 18:38 . 2007-07-30 19:19 271,224 --a------ E:\WINDOWS\system32\mucltui.dll
2007-11-23 18:38 . 2007-07-30 19:19 207,736 --a------ E:\WINDOWS\system32\muweb.dll
2007-11-23 18:38 . 2007-07-30 19:18 30,072 --a------ E:\WINDOWS\system32\mucltui.dll.mui
2007-11-23 18:36 . 2007-11-30 03:07 <REP> d-------- E:\Program Files\Windows Live Toolbar
2007-11-23 18:34 . 2007-11-27 18:38 <REP> d-------- E:\Program Files\MSN Messenger
2007-11-23 18:15 . 2007-11-23 18:15 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Grisoft
2007-11-23 18:15 . 2004-09-15 14:44 13,824 -ra------ E:\WINDOWS\system32\drivers\atinmdxx.sys
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-12 10:37 --------- d-----w E:\Program Files\Fichiers communs\Symantec Shared
2007-11-23 16:23 --------- d-----w E:\Program Files\Services en ligne
2007-11-22 20:38 --------- d-----w E:\Program Files\Symantec
2007-11-22 20:25 --------- d-----w E:\Documents and Settings\All Users\Application Data\Symantec
2007-11-22 19:59 --------- d-----w E:\Documents and Settings\All Users\Application Data\Fugazo
2007-11-22 19:25 --------- d-----w E:\Program Files\microsoft frontpage
2007-11-22 19:23 --------- d-----w E:\Program Files\HighMAT CD Writing Wizard
2007-11-22 19:22 --------- d-----w E:\Program Files\Common Files
2007-11-22 19:20 --------- d-----w E:\Program Files\Windows Journal Viewer
2007-11-22 19:18 558,142 ----a-w E:\WINDOWS\java\Packages\GE3P3ZHV.ZIP
2007-11-22 19:18 155,995 ----a-w E:\WINDOWS\java\Packages\QA4FJ77Z.ZIP
2007-11-22 19:16 --------- d-----w E:\Program Files\Fichiers communs\MSSoap
2007-11-22 19:07 --------- d-----w E:\Program Files\Fichiers communs\SpeechEngines
2007-11-22 19:07 --------- d-----w E:\Program Files\Fichiers communs\ODBC
2007-11-13 10:25 20,480 ----a-w E:\WINDOWS\system32\drivers\secdrv.sys
2007-10-29 22:43 1,293,824 ----a-w E:\WINDOWS\system32\quartz.dll
2007-10-25 09:00 230,912 ----a-w E:\WINDOWS\system32\wmasf.dll
2007-10-17 17:23 10,752 ----a-w E:\WINDOWS\system32\WhoisCL.exe
.