Sujet Précédent Sujet Suivant

Infections multiple

Résolu
fado97 Messages postés 111 Statut Membre -  
fado97 Messages postés 111 Statut Membre -
Bonjour,

depuis hier au soir mon pc est infecté par des virus adware ou autres cochonneries du même genre. Après un moment a lutter pour récupérer un peu de marge pour réparer tout ça je me suis retrouvé avec un message en fond d'écran me disant que mon ordi était infecté par Win32/Adware.Virtumonde et Win32/PrivacyRemover.M64. Je sais pas trop comment m'en débarrasser. C'est la premier fois que je me retrouve avec une infection massive aussi subite (après trois scan avec Adaware et 2 autres antivirus on dirait que y'en a encore).Je reçois aussi des messages d'alerte me disant d'installer tel ou tel trucs, je les ai laissés tel quel sans y toucher on sait jamais. J'ai eu déjà quelques écrans bleus souvent quand je tentais un scan antivirus (les autres scan on été fait en mode sans échec vu que le pc redémarait tout seul au bout d'une dizaine de minutes). PLusieurs éléments comme le panneau de configuration semblent être désactivés. Au final je sais plus trop quoi faire et j'hésite a tenter quoi que ce soit de plus sans conseils.

129 réponses

Réponse 1 / 129
fado97 Messages postés 111 Statut Membre
 
Rapport Hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:24:52, on 13/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Virtual CD v9\System\vc9secs.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Virtual CD v9\System\VC9Play.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Virtual CD v9\System\VC9Tray.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\monjack.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [VC9Player] C:\Program Files\Virtual CD v9\System\VC9Play.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P] Star Wars Empire at War Forces of Corruption
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\PROGRA~1\ORANGE~1\ORANGE~1\ORANGE~1.EXE" /tray
O4 - HKCU\..\Run: [WindowsAPI32] C:\rmxgdx.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.70.1193.0 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.70.1193.0 (User 'Default user')
O4 - S-1-5-18 Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'Default user')
O4 - Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: xggwfe.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Virtual CD v9 Management Service (VC9SecS) - H+H Software GmbH - C:\Program Files\Virtual CD v9\System\vc9secs.exe
1
Réponse 2 / 129
fado97 Messages postés 111 Statut Membre
 
2008-08-06 14:44 55726 --a------ C:\Program Files\alaplaya\S4League\_resources\e15ceda4409148e2
2008-08-06 14:44 55672 --a------ C:\Program Files\alaplaya\S4League\_resources\6831cd7ab64b6fe4
2008-08-06 14:44 556357 --a------ C:\Program Files\alaplaya\S4League\_resources\ac5e1c0d7d5ac585
2008-08-06 14:44 5519 --a------ C:\Program Files\alaplaya\S4League\_resources\ce322f00f2753fb9
2008-08-06 14:44 5514 --a------ C:\Program Files\alaplaya\S4League\_resources\492ad71c50460910
2008-08-06 14:44 5495 --a------ C:\Program Files\alaplaya\S4League\_resources\56aa3c5d2b696d2c
2008-08-06 14:44 5493 --a------ C:\Program Files\alaplaya\S4League\_resources\4c370663e2e5be93
2008-08-06 14:44 54888 --a------ C:\Program Files\alaplaya\S4League\_resources\346cac7133c80d5d
2008-08-06 14:44 5452 --a------ C:\Program Files\alaplaya\S4League\_resources\79b5a62c5a69e489
2008-08-06 14:44 54352 --a------ C:\Program Files\alaplaya\S4League\_resources\9cb06bbaa9fcb206
2008-08-06 14:44 542953 --a------ C:\Program Files\alaplaya\S4League\_resources\1dc4e7c9443a12f1
2008-08-06 14:44 54293 --a------ C:\Program Files\alaplaya\S4League\_resources\f8df6dd23bbbf24a
2008-08-06 14:44 541887 --a------ C:\Program Files\alaplaya\S4League\_resources\300348fbcac35444
2008-08-06 14:44 538817 --a------ C:\Program Files\alaplaya\S4League\_resources\ec7be49b7efb46f2
2008-08-06 14:44 53791 --a------ C:\Program Files\alaplaya\S4League\_resources\ce047b7377d6b0a8
2008-08-06 14:44 536889 --a------ C:\Program Files\alaplaya\S4League\_resources\53f8b4abf56ffb74
2008-08-06 14:44 53124 --a------ C:\Program Files\alaplaya\S4League\_resources\cf2dead9678b90d5
2008-08-06 14:44 52957 --a------ C:\Program Files\alaplaya\S4League\_resources\caaf111cb0de6606
2008-08-06 14:44 52788 --a------ C:\Program Files\alaplaya\S4League\_resources\abed3924a88c656d
2008-08-06 14:44 526818 --a------ C:\Program Files\alaplaya\S4League\_resources\fe6c269a97aa5613
2008-08-06 14:44 5259 --a------ C:\Program Files\alaplaya\S4League\_resources\edab59a57c5df42c
2008-08-06 14:44 524970 --a------ C:\Program Files\alaplaya\S4League\_resources\44a94b43bb99e9a7
2008-08-06 14:44 524784 --a------ C:\Program Files\alaplaya\S4League\_resources\19c203b3b9a2b021
2008-08-06 14:44 524660 --a------ C:\Program Files\alaplaya\S4League\_resources\81ced343fa06fcfe
2008-08-06 14:44 52459 --a------ C:\Program Files\alaplaya\S4League\_resources\d31c48c957d8beac
2008-08-06 14:44 52329 --a------ C:\Program Files\alaplaya\S4League\_resources\3a85ddb3335a703b
2008-08-06 14:44 5230 --a------ C:\Program Files\alaplaya\S4League\_resources\b07927f7e9c888c7
2008-08-06 14:44 523 --a------ C:\Program Files\alaplaya\S4League\_resources\98b40263b7f188d4
2008-08-06 14:44 5202 --a------ C:\Program Files\alaplaya\S4League\_resources\f9f7f41fb7a60f
2008-08-06 14:44 5187 --a------ C:\Program Files\alaplaya\S4League\_resources\5f3605be6d5af69b
2008-08-06 14:44 51842 --a------ C:\Program Files\alaplaya\S4League\_resources\dea97b323ad1f80a
2008-08-06 14:44 5178 --a------ C:\Program Files\alaplaya\S4League\_resources\b707ff9026cc52dc
2008-08-06 14:44 51697 --a------ C:\Program Files\alaplaya\S4League\_resources\16a55e39f16a6ce
2008-08-06 14:44 516811 --a------ C:\Program Files\alaplaya\S4League\_resources\3fde09f09b403f5f
2008-08-06 14:44 516493 --a------ C:\Program Files\alaplaya\S4League\_resources\b63c656671d98672
2008-08-06 14:44 5162 --a------ C:\Program Files\alaplaya\S4League\_resources\28a509b80e6559b3
2008-08-06 14:44 512864 --a------ C:\Program Files\alaplaya\S4League\_resources\3bc9368133bb353c
2008-08-06 14:44 510351 --a------ C:\Program Files\alaplaya\S4League\_resources\8d8573405de18129
2008-08-06 14:44 51030 --a------ C:\Program Files\alaplaya\S4League\_resources\29239d66c5f6dc7e
2008-08-06 14:44 50987 --a------ C:\Program Files\alaplaya\S4League\_resources\15dd4b6454ee2b3f
2008-08-06 14:44 50985 --a------ C:\Program Files\alaplaya\S4League\_resources\9b9cbfc5d529cf4d
2008-08-06 14:44 50645 --a------ C:\Program Files\alaplaya\S4League\_resources\c1299073021d40b7
2008-08-06 14:44 50552 --a------ C:\Program Files\alaplaya\S4League\_resources\a4692953eeaf9a8c
2008-08-06 14:44 50405 --a------ C:\Program Files\alaplaya\S4League\_resources\4f6864d207984bc1
2008-08-06 14:44 5032 --a------ C:\Program Files\alaplaya\S4League\_resources\6184f068cd525172
2008-08-06 14:44 502740 --a------ C:\Program Files\alaplaya\S4League\_resources\4f00cda0e842ab0c
2008-08-06 14:44 501953 --a------ C:\Program Files\alaplaya\S4League\_resources\3e69192271eafe36
2008-08-06 14:44 501484 --a------ C:\Program Files\alaplaya\S4League\_resources\a07e6417189acf0
2008-08-06 14:44 497723 --a------ C:\Program Files\alaplaya\S4League\_resources\578736ea3d0916e1
2008-08-06 14:44 49554 --a------ C:\Program Files\alaplaya\S4League\_resources\8503fb4ced1f36fa
2008-08-06 14:44 4951 --a------ C:\Program Files\alaplaya\S4League\_resources\a1f4ef7fbf7e166f
2008-08-06 14:44 4934 --a------ C:\Program Files\alaplaya\S4League\_resources\161dd437903d55ff
2008-08-06 14:44 492148 --a------ C:\Program Files\alaplaya\S4League\_resources\b588c220cd88296a
2008-08-06 14:44 488791 --a------ C:\Program Files\alaplaya\S4League\_resources\844612e04826e2a0
2008-08-06 14:44 487343 --a------ C:\Program Files\alaplaya\S4League\_resources\7cf213ea17253774
2008-08-06 14:44 48721 --a------ C:\Program Files\alaplaya\S4League\_resources\926235247446e91e
2008-08-06 14:44 486220 --a------ C:\Program Files\alaplaya\S4League\_resources\68e03caebeac2c62
2008-08-06 14:44 4856 --a------ C:\Program Files\alaplaya\S4League\_resources\335b6abf0dae91f4
2008-08-06 14:44 481 --a------ C:\Program Files\alaplaya\S4League\_resources\2f4c29e700e6418f
2008-08-06 14:44 478248 --a------ C:\Program Files\alaplaya\S4League\_resources\6a4b6f82e25bf2fd
2008-08-06 14:44 47647 --a------ C:\Program Files\alaplaya\S4League\_resources\1f6d7536e2269b06
2008-08-06 14:44 476113 --a------ C:\Program Files\alaplaya\S4League\_resources\557e104bc9d2dc7a
2008-08-06 14:44 4752 --a------ C:\Program Files\alaplaya\S4League\_resources\5181497128f57792
2008-08-06 14:44 47364 --a------ C:\Program Files\alaplaya\S4League\_resources\cc9ca38846dd09a6
2008-08-06 14:44 47359 --a------ C:\Program Files\alaplaya\S4League\_resources\b65cf1e9e9450b87
2008-08-06 14:44 47238 --a------ C:\Program Files\alaplaya\S4League\_resources\a9dc1aa86354bc46
2008-08-06 14:44 47200 --a------ C:\Program Files\alaplaya\S4League\_resources\16499bb66796900b
2008-08-06 14:44 471810 --a------ C:\Program Files\alaplaya\S4League\_resources\65ec7fa3bad7e15a
2008-08-06 14:44 47169 --a------ C:\Program Files\alaplaya\S4League\_resources\df5c187f2cb3d9ca
2008-08-06 14:44 47009 --a------ C:\Program Files\alaplaya\S4League\_resources\c0dcf33ec3893204
2008-08-06 14:44 4698 --a------ C:\Program Files\alaplaya\S4League\_resources\899a2f48e9c88430
2008-08-06 14:44 4647 --a------ C:\Program Files\alaplaya\S4League\_resources\9283f305fee2f179
2008-08-06 14:44 46315 --a------ C:\Program Files\alaplaya\S4League\_resources\75e76c624ede1c58
2008-08-06 14:44 46151 --a------ C:\Program Files\alaplaya\S4League\_resources\a59c4a1e2d9af529
2008-08-06 14:44 45964 --a------ C:\Program Files\alaplaya\S4League\_resources\f082fccc50475df4
2008-08-06 14:44 45903 --a------ C:\Program Files\alaplaya\S4League\_resources\f916e0396843f417
2008-08-06 14:44 45890 --a------ C:\Program Files\alaplaya\S4League\_resources\ea4adfb44be1501a
2008-08-06 14:44 45766 --a------ C:\Program Files\alaplaya\S4League\_resources\f5ca34f50956222e
2008-08-06 14:44 45722 --a------ C:\Program Files\alaplaya\S4League\_resources\8f0a6694d36d80c0
2008-08-06 14:44 45697 --a------ C:\Program Files\alaplaya\S4League\_resources\2bddbebf5a5694a5
2008-08-06 14:44 45649 --a------ C:\Program Files\alaplaya\S4League\_resources\908a8dd5ae8bfefb
2008-08-06 14:44 45630 --a------ C:\Program Files\alaplaya\S4League\_resources\944c69de61e110d3
2008-08-06 14:44 45539 --a------ C:\Program Files\alaplaya\S4League\_resources\42b0e03d5c7632d2
2008-08-06 14:44 454149 --a------ C:\Program Files\alaplaya\S4League\_resources\474b05ccc12e323d
2008-08-06 14:44 453860 --a------ C:\Program Files\alaplaya\S4League\_resources\aa08296109e2dd7b
2008-08-06 14:44 4519 --a------ C:\Program Files\alaplaya\S4League\_resources\5f801f2cf3e3b657
2008-08-06 14:44 450092 --a------ C:\Program Files\alaplaya\S4League\_resources\5a4e3625be44fdd8
2008-08-06 14:44 450092 --a------ C:\Program Files\alaplaya\S4League\_resources\5572cd0bbe44fdd8
2008-08-06 14:44 446062 --a------ C:\Program Files\alaplaya\S4League\_resources\692d2442313e72e0
2008-08-06 14:44 444389 --a------ C:\Program Files\alaplaya\S4League\_resources\e76cd0e3bb23a177
2008-08-06 14:44 44249 --a------ C:\Program Files\alaplaya\S4League\_resources\ee8c3bbfdb4ea2ad
2008-08-06 14:44 440989 --a------ C:\Program Files\alaplaya\S4League\_resources\5d72c7bdf158b9c3
2008-08-06 14:44 440047 --a------ C:\Program Files\alaplaya\S4League\_resources\e0c5cc10f585e9b7
2008-08-06 14:44 4388 --a------ C:\Program Files\alaplaya\S4League\_resources\fa81f8ee87440295
2008-08-06 14:44 438544 --a------ C:\Program Files\alaplaya\S4League\_resources\949b1f0913c72c03
2008-08-06 14:44 43775 --a------ C:\Program Files\alaplaya\S4League\_resources\18b03e78ae86ebf3
2008-08-06 14:44 43773 --a------ C:\Program Files\alaplaya\S4League\_resources\381d054813c16d52
2008-08-06 14:44 437612 --a------ C:\Program Files\alaplaya\S4League\_resources\95ea3f514dc0c311
2008-08-06 14:44 437327 --a------ C:\Program Files\alaplaya\S4League\_resources\b354f29518f4104b
2008-08-06 14:44 43714 --a------ C:\Program Files\alaplaya\S4League\_resources\62706c19ca6ed4e7
2008-08-06 14:44 43679 --a------ C:\Program Files\alaplaya\S4League\_resources\9e3acf01cb60d8cd
2008-08-06 14:44 4364 --a------ C:\Program Files\alaplaya\S4League\_resources\7ad40b396cf72554
2008-08-06 14:44 43417 --a------ C:\Program Files\alaplaya\S4League\_resources\f10cd0feb0217c86
2008-08-06 14:44 43386 --a------ C:\Program Files\alaplaya\S4League\_resources\4e9d079fec14874b
2008-08-06 14:44 433303 --a------ C:\Program Files\alaplaya\S4League\_resources\9aa7a8d7310ae697
2008-08-06 14:44 43291 --a------ C:\Program Files\alaplaya\S4League\_resources\2aca44bc96069e94
2008-08-06 14:44 43167 --a------ C:\Program Files\alaplaya\S4League\_resources\6abb69c1b31c0f00
2008-08-06 14:44 43159 --a------ C:\Program Files\alaplaya\S4League\_resources\5c4a466be152d17e
2008-08-06 14:44 42951 --a------ C:\Program Files\alaplaya\S4League\_resources\81ba24408e5f3fda
2008-08-06 14:44 42841 --a------ C:\Program Files\alaplaya\S4League\_resources\f3b173f918ae3b6b
2008-08-06 14:44 42811 --a------ C:\Program Files\alaplaya\S4League\_resources\e4fa9d609a3e9244
2008-08-06 14:44 426 --a------ C:\Program Files\alaplaya\S4League\_resources\398b3c0c1e878804
2008-08-06 14:44 4253 --a------ C:\Program Files\alaplaya\S4League\_resources\b95ae7e04043405
2008-08-06 14:44 42516 --a------ C:\Program Files\alaplaya\S4League\_resources\958626ff33c72a17
2008-08-06 14:44 425 --a------ C:\Program Files\alaplaya\S4League\_resources\4731d41f85555a3d
2008-08-06 14:44 4248 --a------ C:\Program Files\alaplaya\S4League\_resources\c25e82b73e6cacac
2008-08-06 14:44 42254 --a------ C:\Program Files\alaplaya\S4League\_resources\1fb72ff561fd7efb
2008-08-06 14:44 42236 --a------ C:\Program Files\alaplaya\S4League\_resources\3b213bf73ce9c667
2008-08-06 14:44 4210976 --a------ C:\Program Files\alaplaya\S4League\_resources\1c82222193f94bb
2008-08-06 14:44 41978 --a------ C:\Program Files\alaplaya\S4League\_resources\454f48e179ea5970
2008-08-06 14:44 41963 --a------ C:\Program Files\alaplaya\S4League\_resources\1dbc089dcea4564a
2008-08-06 14:44 41762 --a------ C:\Program Files\alaplaya\S4League\_resources\ad3c5bb464b4553d
2008-08-06 14:44 417 --a------ C:\Program Files\alaplaya\S4League\_resources\9fbe8a052a50c31f
2008-08-06 14:44 4153 --a------ C:\Program Files\alaplaya\S4League\_resources\b983050fd06aa230
2008-08-06 14:44 4083 --a------ C:\Program Files\alaplaya\S4League\_resources\406d9d6db0b6dd53
2008-08-06 14:44 40749 --a------ C:\Program Files\alaplaya\S4League\_resources\c051ea67651ef033
2008-08-06 14:44 40735 --a------ C:\Program Files\alaplaya\S4League\_resources\5190f5872a5b9c2c
2008-08-06 14:44 40680 --a------ C:\Program Files\alaplaya\S4League\_resources\dfd10126929cdfda
2008-08-06 14:44 40652 --a------ C:\Program Files\alaplaya\S4League\_resources\2a28ddf2ad920783
2008-08-06 14:44 40532 --a------ C:\Program Files\alaplaya\S4League\_resources\f8039088c06aaf4b
2008-08-06 14:44 404809 --a------ C:\Program Files\alaplaya\S4League\_resources\e7089f574d6f8f
2008-08-06 14:44 40450 --a------ C:\Program Files\alaplaya\S4League\_resources\58d763e4e15fbd5
2008-08-06 14:44 402410 --a------ C:\Program Files\alaplaya\S4League\_resources\9fc6494bd3cbc49a
2008-08-06 14:44 40214 --a------ C:\Program Files\alaplaya\S4League\_resources\6d05d2cfb36ad95f
2008-08-06 14:44 4013 --a------ C:\Program Files\alaplaya\S4League\_resources\bb7c3b1640bf3c6
2008-08-06 14:44 401129 --a------ C:\Program Files\alaplaya\S4League\_resources\ae8de1a15b209e75
2008-08-06 14:44 401 --a------ C:\Program Files\alaplaya\S4League\_resources\a19a075ebbd655f1
2008-08-06 14:44 40064 --a------ C:\Program Files\alaplaya\S4League\_resources\d92a4490d909e9a3
2008-08-06 14:44 40048 --a------ C:\Program Files\alaplaya\S4League\_resources\ebc8c1b205bd7fe8
2008-08-06 14:44 39990 --a------ C:\Program Files\alaplaya\S4League\_resources\da25b92008c2fff8
2008-08-06 14:44 39988 --a------ C:\Program Files\alaplaya\S4League\_resources\38ff9c06a9fa5194
2008-08-06 14:44 3996 --a------ C:\Program Files\alaplaya\S4League\_resources\131aeae25b9dd3cc
2008-08-06 14:44 39876 --a------ C:\Program Files\alaplaya\S4League\_resources\6491ce3ae740840a
2008-08-06 14:44 3968 --a------ C:\Program Files\alaplaya\S4League\_resources\765a53c2a03e3e89
2008-08-06 14:44 3960 --a------ C:\Program Files\alaplaya\S4League\_resources\69dab883f72bf643
2008-08-06 14:44 39584 --a------ C:\Program Files\alaplaya\S4League\_resources\4536202f2867ff6e
2008-08-06 14:44 3954 --a------ C:\Program Files\alaplaya\S4League\_resources\c9a01a3c4ab7a15
2008-08-06 14:44 39535 --a------ C:\Program Files\alaplaya\S4League\_resources\23ce3dc8306002f
2008-08-06 14:44 3913 --a------ C:\Program Files\alaplaya\S4League\_resources\1cf4655055b7f39a
2008-08-06 14:44 3909133 --a------ C:\Program Files\alaplaya\S4League\_resources\ec6abbcd331a486
2008-08-06 14:44 3904 --a------ C:\Program Files\alaplaya\S4League\_resources\bcb788d9bb6611aa
2008-08-06 14:44 3904 --a------ C:\Program Files\alaplaya\S4League\_resources\2afc2821bb6611aa
2008-08-06 14:44 390110 --a------ C:\Program Files\alaplaya\S4League\_resources\baaf220abac2ca52
2008-08-06 14:44 390110 --a------ C:\Program Files\alaplaya\S4League\_resources\8b692b7abac2ca52
2008-08-06 14:44 38891 --a------ C:\Program Files\alaplaya\S4League\_resources\57c6913810206a58
2008-08-06 14:44 38773 --a------ C:\Program Files\alaplaya\S4League\_resources\9e2b68ca10e166c1
2008-08-06 14:44 38603 --a------ C:\Program Files\alaplaya\S4League\_resources\bd1b50734eb9c74e
2008-08-06 14:44 38569 --a------ C:\Program Files\alaplaya\S4League\_resources\4132d40f05888059
2008-08-06 14:44 385393 --a------ C:\Program Files\alaplaya\S4League\_resources\ca297e134a878c19
2008-08-06 14:44 38475 --a------ C:\Program Files\alaplaya\S4League\_resources\e671912ef2693e66
2008-08-06 14:44 3839 --a------ C:\Program Files\alaplaya\S4League\_resources\fb0a2b2624256cc0
2008-08-06 14:44 38319 --a------ C:\Program Files\alaplaya\S4League\_resources\d0eec1a09b3f9757
2008-08-06 14:44 38300 --a------ C:\Program Files\alaplaya\S4League\_resources\b48f4c86279eed71
2008-08-06 14:44 38285 --a------ C:\Program Files\alaplaya\S4League\_resources\a51153475b74939c
2008-08-06 14:44 381873 --a------ C:\Program Files\alaplaya\S4League\_resources\8a2ee28222adf2c
2008-08-06 14:44 38141 --a------ C:\Program Files\alaplaya\S4League\_resources\5eaf3501dc33efe9
2008-08-06 14:44 381221 --a------ C:\Program Files\alaplaya\S4League\_resources\f56e170fa5e6d6fa
2008-08-06 14:44 38042 --a------ C:\Program Files\alaplaya\S4League\_resources\18ebf02f6efe55c2
2008-08-06 14:44 38000 --a------ C:\Program Files\alaplaya\S4League\_resources\1fd76f6de808ae0f
2008-08-06 14:44 379831 --a------ C:\Program Files\alaplaya\S4League\_resources\45a91ba749c652e5
2008-08-06 14:44 3791 --a------ C:\Program Files\alaplaya\S4League\_resources\cc75b4c70f2880d4
2008-08-06 14:44 37810 --a------ C:\Program Files\alaplaya\S4League\_resources\92591a78cfa8cd93
2008-08-06 14:44 378 --a------ C:\Program Files\alaplaya\S4League\_resources\2e8f4e7d55ea468c
2008-08-06 14:44 3779 --a------ C:\Program Files\alaplaya\S4League\_resources\100b66a7aadd59c9
2008-08-06 14:44 3770 --a------ C:\Program Files\alaplaya\S4League\_resources\250d0f0d79bec7d7
2008-08-06 14:44 377 --a------ C:\Program Files\alaplaya\S4League\_resources\702b524f33aa4c6f
2008-08-06 14:44 3768 --a------ C:\Program Files\alaplaya\S4League\_resources\81ca7947abee7fee
2008-08-06 14:44 37678 --a------ C:\Program Files\alaplaya\S4League\_resources\2d06c3591c3b7f1f
2008-08-06 14:44 37658 --a------ C:\Program Files\alaplaya\S4League\_resources\656191d138984
2008-08-06 14:44 374773 --a------ C:\Program Files\alaplaya\S4League\_resources\d29fe8031f9a41f7
2008-08-06 14:44 37248 --a------ C:\Program Files\alaplaya\S4League\_resources\334a402157da2ba8
2008-08-06 14:44 37124 --a------ C:\Program Files\alaplaya\S4League\_resources\7df08758a516e2bd
2008-08-06 14:44 371032 --a------ C:\Program Files\alaplaya\S4League\_resources\c049106fe7d82360
2008-08-06 14:44 3709 --a------ C:\Program Files\alaplaya\S4League\_resources\2c9913f86056d983
2008-08-06 14:44 37072 --a------ C:\Program Files\alaplaya\S4League\_resources\e7837bc96b4006ba
2008-08-06 14:44 37052 --a------ C:\Program Files\alaplaya\S4League\_resources\80dde9863d490027
2008-08-06 14:44 3705 --a------ C:\Program Files\alaplaya\S4League\_resources\388a0aeecea6783c
2008-08-06 14:44 36820 --a------ C:\Program Files\alaplaya\S4League\_resources\ddaecf1a110367e0
2008-08-06 14:44 36624 --a------ C:\Program Files\alaplaya\S4League\_resources\dc920c5e44415792
2008-08-06 14:44 36608 --a------ C:\Program Files\alaplaya\S4League\_resources\76426429ef08c9b0
2008-08-06 14:44 3659 --a------ C:\Program Files\alaplaya\S4League\_resources\c266f6c9ca302e4
2008-08-06 14:44 3653 --a------ C:\Program Files\alaplaya\S4League\_resources\afde6e5797953427
2008-08-06 14:44 36521 --a------ C:\Program Files\alaplaya\S4League\_resources\9080f8e26186a736
2008-08-06 14:44 36514 --a------ C:\Program Files\alaplaya\S4League\_resources\eec83a9693bcfb9e
2008-08-06 14:44 36491 --a------ C:\Program Files\alaplaya\S4League\_resources\f5c041c2fa48035f
2008-08-06 14:44 36482 --a------ C:\Program Files\alaplaya\S4League\_resources\87f59a03c070d45d
2008-08-06 14:44 36353 --a------ C:\Program Files\alaplaya\S4League\_resources\d157ca91968c1429
2008-08-06 14:44 36334 --a------ C:\Program Files\alaplaya\S4League\_resources\9c1d9705a6a096c2
2008-08-06 14:44 3619 --a------ C:\Program Files\alaplaya\S4League\_resources\25b640778139a8a3
2008-08-06 14:44 36172 --a------ C:\Program Files\alaplaya\S4League\_resources\95898bf05680ebb0
2008-08-06 14:44 3617 --a------ C:\Program Files\alaplaya\S4League\_resources\4405f0cb1aee6115
2008-08-06 14:44 36062 --a------ C:\Program Files\alaplaya\S4League\_resources\48467a7989280e95
2008-08-06 14:44 35991 --a------ C:\Program Files\alaplaya\S4League\_resources\45f30796fa61f50d
2008-08-06 14:44 3594 --a------ C:\Program Files\alaplaya\S4League\_resources\156079a5f9f48cd5
2008-08-06 14:44 35849 --a------ C:\Program Files\alaplaya\S4League\_resources\fc1f7b6205b78849
2008-08-06 14:44 358126 --a------ C:\Program Files\alaplaya\S4League\_resources\d3b85c0e3eefc21
2008-08-06 14:44 3572 --a------ C:\Program Files\alaplaya\S4League\_resources\8d10ebea6612c124
2008-08-06 14:44 35695 --a------ C:\Program Files\alaplaya\S4League\_resources\e3c6b19f5b59d19d
2008-08-06 14:44 356829 --a------ C:\Program Files\alaplaya\S4League\_resources\4503c51412c8facd
2008-08-06 14:44 35654 --a------ C:\Program Files\alaplaya\S4League\_resources\b795a0b9115dc234
2008-08-06 14:44 35557 --a------ C:\Program Files\alaplaya\S4League\_resources\a9d20ef11e3870e9
2008-08-06 14:44 35537 --a------ C:\Program Files\alaplaya\S4League\_resources\fea772a08c19158
2008-08-06 14:44 35420 --a------ C:\Program Files\alaplaya\S4League\_resources\2759a26ae4409e6c
2008-08-06 14:44 35269 --a------ C:\Program Files\alaplaya\S4League\_resources\e45c6138377bc303
2008-08-06 14:44 35206 --a------ C:\Program Files\alaplaya\S4League\_resources\e48556349d182f4e
2008-08-06 14:44 3518 --a------ C:\Program Files\alaplaya\S4League\_resources\dd5b614798c607ca
2008-08-06 14:44 35003 --a------ C:\Program Files\alaplaya\S4League\_resources\d98765993efbfb62
2008-08-06 14:44 34948 --a------ C:\Program Files\alaplaya\S4League\_resources\b77cf20d3aee62ab
2008-08-06 14:44 34927 --a------ C:\Program Files\alaplaya\S4League\_resources\d2d519994997d3d2
2008-08-06 14:44 3488 --a------ C:\Program Files\alaplaya\S4League\_resources\f10ce556b50150ca
2008-08-06 14:44 345581 --a------ C:\Program Files\alaplaya\S4League\_resources\29300edf977fc0b7
1
Réponse 3 / 129
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Salut,

fais ceci pour voir ce qui ce passe concrètement :

Télécharges et installes le logiciel HijackThis :

ici : ftp://ftp.commentcamarche.com/download/HJTInstall.exe
ou ici : http://www.trendsecure.com/portal/en-US/_download/HJTInstall.exe
ou ici : https://www.clubic.com/telecharger-fiche17891-hijackthis.html

1- Cliques sur le setup pour lancer l'installe : laisses toi guider et ne modifies pas les paramètres d'installation .
A la fin de l'installe , le prg ce lance automatiquement : fermes le en cliquant sur la croix rouge .
Au final, tu dois avoir un raccourci sur ton bureau et aussi un cheminement comme : "C:\ program files\Trend Micro\HijackThis\HijackThis.exe " .
Supprimes le raccourcis stp ...

Important :
Renommer le prg HijackThis (pour contrer une éventuelle infection Vundo):
Rends toi sur ton PC ici "C:\ program files\Trend Micro\HijackThis\HijackThis.exe"<---cliques droit sur ce dernier et choisis "renommer" : tapes monjack et valides .
Puis cliques droit sur "monjack.exe" et choisis "envoyer vers" -> le bureau ( créer un raccourci ).

tuto pour utilisation
Regardes ici, c'est parfaitement expliqué en images (merci balltrap34) :
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
( Ne fixes encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement )

2-!! Déconnectes toi et fermes toute tes applications en cours !!

Cliques sur le raccourci du bureau pour lancer le prg :
fais un scan "monjack" (ou HijackThis renommé) en cliquant sur : "Do a system scan and save a logfile"

---> Postes le rapport généré pour analyse ...
0
Réponse 4 / 129
hyaccynthe
 
télécharge Hijackthis : http://www.trendsecure.com/portal/en-US/tools/security_tools/hijackthis

et essaye ça,ça pourra peu être d'aider. http://www.hijackthis.de/fr
sinon post le sur ton message ça aidera à comprendre ce qu'il y a sur ton ordinateur.

Et tu as cela aussi si tu veux des infos : https://www.bleepingcomputer.com/tutorials/comment-utiliser-hijackthis/
0
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Salut,

et essaye ça,ça pourra peu être d'aider. http://www.hijackthis.de/fr

-> ce robot est d'une fiabiliter plus que douteuse ... ^^"

poster le rapport ici est beaucoup plus viable ....


A+ ;)
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 129
fado97 Messages postés 111 Statut Membre
 
Voici le rapport suite au scan:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:52: VIRUS ALERT!, on 13/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\afinding.exe
C:\WINDOWS\system32\afisicx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\mabidwe.exe
C:\WINDOWS\system32\macidwe.exe
C:\WINDOWS\system32\noytcyr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\perfs.exe
C:\WINDOWS\system32\perfs.exe
C:\WINDOWS\system32\routing.exe
C:\WINDOWS\system32\roytctm.exe
C:\WINDOWS\system32\soxpeca.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\tdxdowkc.exe
C:\WINDOWS\system32\tdydowkc.exe
C:\Program Files\Virtual CD v9\System\vc9secs.exe
C:\WINDOWS\system32\wserving.exe
C:\WINDOWS\system32\wsldoekd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\ijqtyben\cnkzwdej.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Virtual CD v9\System\VC9Play.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\System32\rs32net.exe
C:\WINDOWS\system32\lphcvj0j0ep2v.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\rs32net.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
c:\d1.exe
C:\Program Files\RSSoft\RedSwoosh.exe
C:\Program Files\Virtual CD v9\System\VC9Tray.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe
C:\Documents and Settings\Asus\Application Data\Adobe\Player.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe
C:\WINDOWS\system32\fspsbqvk.exe
C:\WINDOWS\System32\rs32net.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Trend Micro\HijackThis\monjack.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0574d50f-c261-490d-bf39-4e91183c4efb} - C:\WINDOWS\system32\byXnoNHY.dll
O2 - BHO: (no name) - {3e30eb48-f2e8-4878-831c-baefb5ba0645} - C:\WINDOWS\system32\jkklIbbb.dll
O2 - BHO: C:\WINDOWS\system32\jsd72hf4t.dll - {c5bf49a2-94f3-42bd-f434-3604812c897d} - C:\WINDOWS\system32\jsd72hf4t.dll
O2 - BHO: QXK Olive - {e81a1b8a-4dae-45e2-ae1a-674465df0a91} - C:\WINDOWS\vortsgbqpvo.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O3 - Toolbar: olnmraew - {B57C06B1-B493-4579-840D-0ED09B8BDDF6} - C:\WINDOWS\olnmraew.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [VC9Player] C:\Program Files\Virtual CD v9\System\VC9Play.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P] Star Wars Empire at War Forces of Corruption
O4 - HKLM\..\Run: [ksjf93orkekfniw73nfdd] C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe
O4 - HKLM\..\Run: [lphcvj0j0ep2v] C:\WINDOWS\system32\lphcvj0j0ep2v.exe
O4 - HKLM\..\Run: [inrhcrj0j0ep2v] C:\WINDOWS\Temp\.tt2C.tmp.exe /CR=BF41E8B2D96ED8F141145E40F597DD534F50C50E2C5D45DE20F421A46F0D55DA09408D163EC769508CD3A85536A18A1D953DA3A4C015E5DA4EE06533528A7517CADF69D786EA381430DB75811B43C15625E96EA358388F
O4 - HKLM\..\Run: [7c1cd381] rundll32.exe "C:\WINDOWS\system32\oeaysyat.dll",b
O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Red Swoosh] C:\Program Files\RSSoft\RedSwoosh.exe /S
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\PROGRA~1\ORANGE~1\ORANGE~1\ORANGE~1.EXE" /tray
O4 - HKCU\..\Run: [user16] C:\WINDOWS\system32\winhlp.exe
O4 - HKCU\..\Run: [] C:\Documents and Settings\Asus\Application Data\Adobe\Player.exe
O4 - HKCU\..\Run: [ksjf93orkekfniw73nfdd] C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe
O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe
O4 - HKCU\..\Run: [\YUR1687.exe] C:\Windows\system32\YUR1687.exe
O4 - HKCU\..\Run: [\YUR168A.exe] C:\Windows\system32\YUR168A.exe
O4 - HKCU\..\Run: [\YUR168D.exe] C:\Windows\system32\YUR168D.exe
O4 - HKCU\..\Run: [\YUR168E.exe] C:\Windows\system32\YUR168E.exe
O4 - HKCU\..\Run: [hlpsrvstr] C:\WINDOWS\system32\fspsbqvk.exe
O4 - HKCU\..\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKCU\..\Run: [\YUR5.exe] C:\Windows\system32\YUR5.exe
O4 - HKCU\..\Run: [\YUR6.exe] C:\Windows\system32\YUR6.exe
O4 - HKCU\..\Run: [\YUR7.exe] C:\Windows\system32\YUR7.exe
O4 - HKCU\..\Run: [WindowsAPI32] c:\rmxgdx.exe
O4 - HKLM\..\Policies\Explorer\Run: [iUJeR2IUld] C:\Documents and Settings\All Users\Application Data\ijqtyben\cnkzwdej.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.70.1193.0 (User 'Default user')
O4 - .DEFAULT Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'Default user')
O4 - Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: xggwfe.dll
O20 - Winlogon Notify: byXnoNHY - C:\WINDOWS\SYSTEM32\byXnoNHY.dll
O20 - Winlogon Notify: winbqe32 - C:\WINDOWS\SYSTEM32\winbqe32.dll
O20 - Winlogon Notify: xsrbgna - C:\WINDOWS\SYSTEM32\xsrbgna32.dll
O21 - SSODL: qmafxprs - {0E5ED858-533F-4267-9A47-1167E32416F9} - C:\WINDOWS\qmafxprs.dll
O21 - SSODL: lfstbwvd - {67848EE2-0BAD-49F8-8AE2-DDBB74802A74} - C:\WINDOWS\lfstbwvd.dll
O21 - SSODL: ComEn - {476EC286-BF47-D98D-6C8B-052C2888455E} - C:\Program Files\pkjjpce\ComEn.dll
O22 - SharedTaskScheduler: lksdfj98w3rmsekfnaui3rgfdgf - {C5BF49A2-94F3-42BD-F434-3604812C897D} - C:\WINDOWS\system32\jsd72hf4t.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AFinding Service (AFinding) - Unknown owner - C:\WINDOWS\system32\afinding.exe
O23 - Service: afisicx Service (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: mabidwe Service (mabidwe) - Unknown owner - C:\WINDOWS\system32\mabidwe.exe
O23 - Service: macidwe Service (macidwe) - Unknown owner - C:\WINDOWS\system32\macidwe.exe
O23 - Service: noytcyr Service (noytcyr) - Unknown owner - C:\WINDOWS\system32\noytcyr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfs.exe
O23 - Service: perfs Service (perfs) - Unknown owner - C:\WINDOWS\system32\perfs.exe
O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe
O23 - Service: roytctm Service (roytctm) - Unknown owner - C:\WINDOWS\system32\roytctm.exe
O23 - Service: soxpeca Service (soxpeca) - Unknown owner - C:\WINDOWS\system32\soxpeca.exe
O23 - Service: tdxdowkc Service (tdxdowkc) - Unknown owner - C:\WINDOWS\system32\tdxdowkc.exe
O23 - Service: tdydowkc Service (tdydowkc) - Unknown owner - C:\WINDOWS\system32\tdydowkc.exe
O23 - Service: Virtual CD v9 Management Service (VC9SecS) - H+H Software GmbH - C:\Program Files\Virtual CD v9\System\vc9secs.exe
O23 - Service: WServing Service (WServing) - Unknown owner - C:\WINDOWS\system32\wserving.exe
O23 - Service: wsldoekd Service (wsldoekd) - Unknown owner - C:\WINDOWS\system32\wsldoekd.exe
0
Réponse 6 / 129
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Bien ....

jamais vu ça lol !

C'est la méga cata ton PC !!!

fais ceci pour commencer :

Télécharges SmitfraudFix (de S!Ri, balltrap34 et moe31 ) :
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Installes le soft sur ton bureau ( et pas ailleurs! ) .

!! Déconnectes toi, fermes toute tes applications et désactives tes défenses ( anti-virus ,anti-spyware,...) le temps de la manipe !!

Tuto ( aide ) : http://siri.urz.free.fr/Fix/SmitfraudFix.php

Utilisation ---> option 1 / Recherche :
Double cliques sur l'icône "Smitfraudfix.exe" et sélectionnes 1 (et pas sur autre chose sans notre accord !) pour créer un rapport des fichiers responsables de l'infection.

Postes le rapport ( "rapport.txt" qui se trouve sous C\: ) et attends la suite ...

(Attention : "process.exe", un composant de l'outil, est détecté par certains antivirus comme étant un "RiskTool". Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité.)
0
Réponse 7 / 129
fado97 Messages postés 111 Statut Membre
 
Comme quoi suffit d'un clic pour causer un drame lol

Voici le rapport avec SmitFraudFix:

SmitFraudFix v2.359

Rapport fait à 16:42:50,49, 13/10/2008
Executé à partir de C:\Documents and Settings\Asus\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\afinding.exe
C:\WINDOWS\system32\afisicx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\mabidwe.exe
C:\WINDOWS\system32\macidwe.exe
C:\WINDOWS\system32\noytcyr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\perfs.exe
C:\WINDOWS\system32\perfs.exe
C:\WINDOWS\system32\routing.exe
C:\WINDOWS\system32\roytctm.exe
C:\WINDOWS\system32\soxpeca.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\tdxdowkc.exe
C:\WINDOWS\system32\tdydowkc.exe
C:\Program Files\Virtual CD v9\System\vc9secs.exe
C:\WINDOWS\system32\wserving.exe
C:\WINDOWS\system32\wsldoekd.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\All Users\Application Data\ijqtyben\cnkzwdej.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Virtual CD v9\System\VC9Play.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\System32\rs32net.exe
C:\WINDOWS\system32\lphcvj0j0ep2v.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\rs32net.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
c:\d1.exe
C:\Program Files\RSSoft\RedSwoosh.exe
C:\Program Files\Virtual CD v9\System\VC9Tray.exe
C:\Documents and Settings\Asus\Application Data\Adobe\Player.exe
C:\WINDOWS\system32\fspsbqvk.exe
C:\WINDOWS\System32\rs32net.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe
C:\Documents and Settings\Asus\Bureau\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts

»»»»»»»»»»»»»»»»»»»»»»»» C:\

C:\drsmartload?.exe PRESENT !
C:\drsmartload??.exe PRESENT !
C:\drsmartload???.exe PRESENT !
C:\drsmartload????.exe PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\lfstbwvd.dll PRESENT !
C:\WINDOWS\qkeftmxn.exe PRESENT !
C:\WINDOWS\Tasks\At?.job PRESENT !
C:\WINDOWS\Tasks\At??.job PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\1.ico PRESENT !
C:\WINDOWS\system32\2.ico PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Asus

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Asus\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Asus\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\akl\ PRESENT !
C:\Program Files\PCHealthCenter\ PRESENT !
C:\Program Files\serial.zip PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
+--------------------------------------------------+
[!] Suspicious: vortsgbqpvo.dll
BHO: QXK Olive - {e81a1b8a-4dae-45e2-ae1a-674465df0a91}
TypeLib: {9B53CB1D-8E98-4265-9F5C-D4B395BF3B90}
Interface: {1e943f6b-368b-4c0e-84d5-caf0ade05aee}
Interface: {46a94436-2abf-40a1-80e3-974764ff0293}

[!] Suspicious: olnmraew.dll
Toolbar: olnmraew - {B57C06B1-B493-4579-840D-0ED09B8BDDF6}
TypeLib: {A71B6C15-A015-4B70-93A7-41A3CC70EF35}
Interface: {58d51215-fb3c-4bfc-8359-6652e4563556}
Classe: olnmraew.blmw
Classe: olnmraew.ToolBar.1

[!] Suspicious: qmafxprs.dll
SSODL: qmafxprs - {0E5ED858-533F-4267-9A47-1167E32416F9}

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{C5BF49A2-94F3-42BD-F434-3604812C897D}"="lksdfj98w3rmsekfnaui3rgfdgf"

[HKEY_CLASSES_ROOT\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C897D}\InProcServer32]
@="C:\WINDOWS\system32\jsd72hf4t.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C897D}\InProcServer32]
@="C:\WINDOWS\system32\jsd72hf4t.dll"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="xggwfe.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Attansic L1 Gigabit Ethernet 10/100/1000Base-T Controller - Miniport d'ordonnancement de paquets
DNS Server Search Order: 212.27.40.241
DNS Server Search Order: 212.27.40.240

HKLM\SYSTEM\CCS\Services\Tcpip\..\{4615C5B4-EBDE-409E-9CA9-7D1AADA625C6}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4615C5B4-EBDE-409E-9CA9-7D1AADA625C6}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4615C5B4-EBDE-409E-9CA9-7D1AADA625C6}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Réponse 8 / 129
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Comme quoi suffit d'un clic pour causer un drame

--> un clique ! ? mouarf , beaucoup plus . Et à cela pas de défenses sur ton PC !!! C'est suicidaire !!! Mais pour ce qui est de cela , on verra une fois que l'on aura fait un max de ménage ...

la suite :

Suite de la manipe ( nettoyage ), fais exactement ce qui suit :

Impératif : Démarrer en mode sans echec .

/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

Comment aller en Mode sans échec :
1) Redémarres ton ordi .
2) Tapotes la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" .
3) Tu tapotes jusqu' à l'apparition de l'écran avec les options de démarrage .
4) Choisis la première option : Sans Échec , et valides en tapant sur [Entrée] .
5) Choisis ton compte habituel ( et pas Administrateur ).
attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...

* Double-cliques sur SmitfraudFix.exe

* Sélectionnes 2 et presses "Entrée" dans le menu pour supprimer les fichiers responsables de l'infection.

--> Si besion :

* A la question: Voulez-vous nettoyer le registre ? répondre O (oui) et presser Entrée afin de débloquer le fond d'écran et supprimer les clés de registre de l'infection.

( Le correctif déterminera si le fichier wininet.dll est infecté.)

* A la question: "Corriger le fichier infecté ?" répondre O (oui) et presser Entrée
pour remplacer le fichier corrompu.

* Un redémarrage sera peut être nécessaire pour terminer la procédure de nettoyage ( sinon fais le manuellement )

Le rapport se trouve à la racine de C\:
(dans le fichier "rapport.txt")

Postes moi ce dernier rapport accompagné, dans la même réponse, d'un nouveau rapport
hijackthis ( fais en mode normal ) et attends les instructions ...

( ps : ton fond d'ecran aura disparu , c'est normal et attendu )
0
Réponse 9 / 129
fado97 Messages postés 111 Statut Membre
 
J'ai fait le nettoyage en mode sans echec (j'ai pas eu "Corriger le fichier infecté" cela dit) et voici le rapport:

SmitFraudFix v2.359

Rapport fait à 17:31:43,68, 13/10/2008
Executé à partir de C:\Documents and Settings\Asus\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{C5BF49A2-94F3-42BD-F434-3604812C897D}"="lksdfj98w3rmsekfnaui3rgfdgf"

[HKEY_CLASSES_ROOT\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C897D}\InProcServer32]
@="C:\WINDOWS\system32\jsd72hf4t.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C897D}\InProcServer32]
@="C:\WINDOWS\system32\jsd72hf4t.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» hosts

127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
C:\WINDOWS\vortsgbqpvo.dll deleted.
C:\WINDOWS\olnmraew.dll deleted.
C:\WINDOWS\qmafxprs.dll deleted.

»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\drsmartload?.exe supprimé
C:\WINDOWS\lfstbwvd.dll supprimé
Deleting [HKEY_CLASSES_ROOT\CLSID\{67848EE2-0BAD-49F8-8AE2-DDBB74802A74}]
C:\WINDOWS\qkeftmxn.exe supprimé
C:\WINDOWS\Tasks\At?.job supprimé
C:\WINDOWS\system32\1.ico supprimé
C:\WINDOWS\system32\2.ico supprimé
C:\Program Files\akl\ supprimé
C:\Program Files\PCHealthCenter\ supprimé
C:\Program Files\serial.zip supprimé

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix

AntiXPVSTFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» RK

»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{4615C5B4-EBDE-409E-9CA9-7D1AADA625C6}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\..\{4615C5B4-EBDE-409E-9CA9-7D1AADA625C6}: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\..\{4615C5B4-EBDE-409E-9CA9-7D1AADA625C6}: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 0.0.0.0
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=212.27.40.241 212.27.40.240

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{C5BF49A2-94F3-42BD-F434-3604812C897D}"="lksdfj98w3rmsekfnaui3rgfdgf"

[HKEY_CLASSES_ROOT\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C897D}\InProcServer32]
@="C:\WINDOWS\system32\jsd72hf4t.dll"

[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{C5BF49A2-94F3-42BD-F434-3604812C897D}\InProcServer32]
@="C:\WINDOWS\system32\jsd72hf4t.dll"

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Et voici le nouveau rapport HijackThis en mode normal:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:41: VIRUS ALERT!, on 13/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\afinding.exe
C:\WINDOWS\system32\afisicx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\mabidwe.exe
C:\WINDOWS\system32\macidwe.exe
C:\WINDOWS\system32\noytcyr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
C:\WINDOWS\system32\perfs.exe
C:\WINDOWS\system32\perfs.exe
C:\Documents and Settings\All Users\Application Data\ijqtyben\cnkzwdej.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\WINDOWS\system32\routing.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\roytctm.exe
C:\Program Files\Virtual CD v9\System\VC9Play.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\soxpeca.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\lphcvj0j0ep2v.exe
C:\WINDOWS\system32\tdxdowkc.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\System32\rs32net.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\tdydowkc.exe
C:\Program Files\RSSoft\RedSwoosh.exe
C:\Documents and Settings\Asus\Application Data\Adobe\Player.exe
C:\WINDOWS\system32\fspsbqvk.exe
C:\Program Files\Virtual CD v9\System\vc9secs.exe
C:\WINDOWS\system32\wserving.exe
C:\WINDOWS\System32\rs32net.exe
C:\WINDOWS\system32\wsldoekd.exe
C:\Program Files\Virtual CD v9\System\VC9Tray.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\svchost.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe
c:\d1.exe
C:\WINDOWS\System32\rs32net.exe
C:\WINDOWS\explorer.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe
c:\rmxgdx.exe
C:\WINDOWS\System32\rs32net.exe
c:\d1.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\windfr.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\sft_ver1.1454.0.exe
C:\WINDOWS\system32\cmd.exe
C:\DOCUME~1\Asus\LOCALS~1\Temp\windfr.exe
C:\Program Files\Trend Micro\HijackThis\monjack.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wmid=6010&mid=MjI6Ojg5&lid=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0574d50f-c261-490d-bf39-4e91183c4efb} - C:\WINDOWS\system32\byXnoNHY.dll
O2 - BHO: (no name) - {61b36a6d-2144-4a0a-8651-f9882f5d50ff} - C:\WINDOWS\system32\jkklIbbb.dll
O2 - BHO: C:\WINDOWS\system32\jsd72hf4t.dll - {c5bf49a2-94f3-42bd-f434-3604812c897d} - C:\WINDOWS\system32\jsd72hf4t.dll
O2 - BHO: QXK Olive - {f8de4182-0328-438e-b5ec-0a5f5e57fa2e} - C:\WINDOWS\vortsgbqtpr.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O3 - Toolbar: olnmraew - {6366459B-45A6-489C-9726-429617BB05C2} - C:\WINDOWS\olnmraew.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [VC9Player] C:\Program Files\Virtual CD v9\System\VC9Play.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P] Star Wars Empire at War Forces of Corruption
O4 - HKLM\..\Run: [ksjf93orkekfniw73nfdd] C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe
O4 - HKLM\..\Run: [lphcvj0j0ep2v] C:\WINDOWS\system32\lphcvj0j0ep2v.exe
O4 - HKLM\..\Run: [inrhcrj0j0ep2v] C:\WINDOWS\Temp\.tt2C.tmp.exe /CR=BF41E8B2D96ED8F141145E40F597DD534F50C50E2C5D45DE20F421A46F0D55DA09408D163EC769508CD3A85536A18A1D953DA3A4C015E5DA4EE06533528A7517CADF69D786EA381430DB75811B43C15625E96EA358388F
O4 - HKLM\..\Run: [7c1cd381] rundll32.exe "C:\WINDOWS\system32\oeaysyat.dll",b
O4 - HKLM\..\Run: [rs32net] C:\WINDOWS\System32\rs32net.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Red Swoosh] C:\Program Files\RSSoft\RedSwoosh.exe /S
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\PROGRA~1\ORANGE~1\ORANGE~1\ORANGE~1.EXE" /tray
O4 - HKCU\..\Run: [user16] C:\WINDOWS\system32\winhlp.exe
O4 - HKCU\..\Run: [] C:\Documents and Settings\Asus\Application Data\Adobe\Player.exe
O4 - HKCU\..\Run: [ksjf93orkekfniw73nfdd] C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe
O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe
O4 - HKCU\..\Run: [\YUR1687.exe] C:\Windows\system32\YUR1687.exe
O4 - HKCU\..\Run: [\YUR168A.exe] C:\Windows\system32\YUR168A.exe
O4 - HKCU\..\Run: [\YUR168D.exe] C:\Windows\system32\YUR168D.exe
O4 - HKCU\..\Run: [\YUR168E.exe] C:\Windows\system32\YUR168E.exe
O4 - HKCU\..\Run: [hlpsrvstr] C:\WINDOWS\system32\fspsbqvk.exe
O4 - HKCU\..\Run: [WindowsAPI32] c:\rmxgdx.exe
O4 - HKLM\..\Policies\Explorer\Run: [iUJeR2IUld] C:\Documents and Settings\All Users\Application Data\ijqtyben\cnkzwdej.exe
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.70.1193.0 (User 'Default user')
O4 - .DEFAULT Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'Default user')
O4 - Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: xggwfe.dll
O20 - Winlogon Notify: byXnoNHY - C:\WINDOWS\SYSTEM32\byXnoNHY.dll
O20 - Winlogon Notify: jyzmii - jyzmii.dll (file missing)
O20 - Winlogon Notify: winbqe32 - C:\WINDOWS\SYSTEM32\winbqe32.dll
O20 - Winlogon Notify: xsrbgna - C:\WINDOWS\SYSTEM32\xsrbgna32.dll
O21 - SSODL: ComEn - {476EC286-BF47-D98D-6C8B-052C2888455E} - C:\Program Files\pkjjpce\ComEn.dll
O21 - SSODL: lfstbwvd - {2B52FDEA-0061-43A0-AECE-AB04DDCE86FA} - C:\WINDOWS\lfstbwvd.dll
O21 - SSODL: qmafxprs - {7471BDD3-01A4-45B1-ABB6-B1EC29D8B0F8} - C:\WINDOWS\qmafxprs.dll
O22 - SharedTaskScheduler: lksdfj98w3rmsekfnaui3rgfdgf - {C5BF49A2-94F3-42BD-F434-3604812C897D} - C:\WINDOWS\system32\jsd72hf4t.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: AFinding Service (AFinding) - Unknown owner - C:\WINDOWS\system32\afinding.exe
O23 - Service: afisicx Service (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe
O23 - Service: ICF - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: mabidwe Service (mabidwe) - Unknown owner - C:\WINDOWS\system32\mabidwe.exe
O23 - Service: macidwe Service (macidwe) - Unknown owner - C:\WINDOWS\system32\macidwe.exe
O23 - Service: noytcyr Service (noytcyr) - Unknown owner - C:\WINDOWS\system32\noytcyr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfs.exe
O23 - Service: perfs Service (perfs) - Unknown owner - C:\WINDOWS\system32\perfs.exe
O23 - Service: Routing Service (Routing) - Unknown owner - C:\WINDOWS\system32\routing.exe
O23 - Service: roytctm Service (roytctm) - Unknown owner - C:\WINDOWS\system32\roytctm.exe
O23 - Service: soxpeca Service (soxpeca) - Unknown owner - C:\WINDOWS\system32\soxpeca.exe
O23 - Service: tdxdowkc Service (tdxdowkc) - Unknown owner - C:\WINDOWS\system32\tdxdowkc.exe
O23 - Service: tdydowkc Service (tdydowkc) - Unknown owner - C:\WINDOWS\system32\tdydowkc.exe
O23 - Service: Virtual CD v9 Management Service (VC9SecS) - H+H Software GmbH - C:\Program Files\Virtual CD v9\System\vc9secs.exe
O23 - Service: WServing Service (WServing) - Unknown owner - C:\WINDOWS\system32\wserving.exe
O23 - Service: wsldoekd Service (wsldoekd) - Unknown owner - C:\WINDOWS\system32\wsldoekd.exe

--
End of file - 24588 bytes

PS: pour mon fond d'écran y'a un truc de récupération Active Desktop qui est apparu a la place. Et le fond disant que mon pc est infecté apparait encore au démarage avant d'être remplacé par celui ci.
0
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Bien ... il reste encore pas mal de boulot !

Dans l'ordre :

1- Télécharges : - CCleaner
https://www.pcastuces.com/logitheque/ccleaner.htm
Ce logiciel va permettre de supprimer tous les fichiers temporaires et de corrigé ton registre .Lors de l'installation, avant de cliquer sur le bouton "installer", décoche toutes les "options supplémentaires" sauf les 2 première.
Une fois le prg instalé et lancé, Clique sur "Options", "Avancé" et décoche la case "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures"( Par la suite, laisse-le avec ses réglages par défaut. C'est tout ).

Un tuto ( aide ):
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

---> Utilisation:
! déconnectes toi et fermes toutes applications en cours !
* vas dans "nettoyeur" : fait analyse puis nettoyage
* vas dans "registre" : fait chercher les erreurs et réparer ( plusieurs fois jusqu'à ce qu'il n'y est plus d'erreur ) .

( CCleaner : soft à garder sur son PC , super utile pour de bons nettoyages ... )



2-Vas dans panneau de config/ajout et suppression de prg .
Regardes dans la liste si tu trouves un prg comme : " CID Help ", "Circle Developement" ou
"Adverts" --->si ils s'y trouvent , supprimes les .


3-Télécharges Lop S&D :
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/LopSD.exe?attachauth=ANoY7co3ntqUavpZ3q1BG-h4pc13vqDZmhcNeEPChtsyrgAykRbhE8bZzhk979EfQD4AgwtQUHCaQ7ZQwNYMo3_0kA8htAspckDJtu2K5t6J9z6dLW4fpZyH4FpFL1tVMBZ8H-KnN7afZ5vt-WxZRpnynk-a0XmV_Y0C0q6DxGEDKie1TnPT7gFoZnoCnspzBmbW6ZzxA4fNr3oEDlbelNZON-LjF8nOmQ%3D%3D&attredirects=2

Déconnetes toi et fermes toutes tes applications en cours .

Double cliques sur sur l'.exe que tu viens de télécharger pour lancer l'installe .

Une fois l'installation faite, cliques sur le raccourci pour lancer l'outil .

Là,laisses toi guider:
--->choisis l'option 1 (recherche) et valides.

(Tu ne fais pas l'option de nettoyage ( 2 ou 3) ).

Une fois le scan terminer ,le Bloc-Notes contenant le rapport va s'ouvrir.
Postes ce rapport dans ta prochaine réponse pour analyse .

Tuto : https://sites.google.com/site/eric71mespages/lop.sd.exe

0
Réponse 10 / 129
Sacabouffe Messages postés 10427 Statut Membre 1 835
 
Salut
Voilà le message qui passe pas. Et pas la peine de poster le message en double, tu t'adresses à des bénévoles, si tu t'es fait vérolé, on y est pour rien, c'est pas la peine de spammer.
http://www.commentcamarche.net/forum/affich 8866363 infection

On dirait que de nombreux trucs sont encore innaccessibles (j'ai du faire un détour pour accéder à ajout/suppression de programme parce qu'il apparait pas dans le menu démarrer).

Sinon voici le rapport:

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E6850 @ 3.00GHz )
BIOS : BIOS Date: 07/03/07 10:01:10 Ver: 08.00.12
USER : Asus ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 372 Go Free : 44 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 372 Go Free : 14 Go
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 13/10/2008|18:17 )

--------------------\\ Listing des dossiers dans APPLIC~1

[13/10/2008|02:14:] C:\DOCUME~1\ADMINI~1\APPLIC~1\ALERT! <REP> Adobe
[13/10/2008|02:14:] C:\DOCUME~1\ADMINI~1\APPLIC~1\ALERT! <REP> Macromedia
[13/10/2008|02:19:] C:\DOCUME~1\ADMINI~1\APPLIC~1\ALERT! <REP> Microsoft
[13/10/2008|02:13:] C:\DOCUME~1\ADMINI~1\APPLIC~1\ALERT! <REP> Mozilla

[19/08/2008|10:26:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> {3ADC3395-6379-4C95-9292-30A373AC55BC}
[26/03/2008|17:54:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Adobe
[26/08/2008|17:55:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Azureus
[25/08/2008|00:41:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Babylon
[15/08/2008|00:09:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> CanonBJ
[11/10/2008|21:51:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Exetender
[12/10/2008|22:54:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> ijqtyben
[19/08/2008|00:14:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Lavasoft
[28/09/2008|00:55:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Logishrd
[29/03/2008|01:13:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Logitech
[12/05/2008|16:39:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Messenger Plus!
[05/04/2008|09:34:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Microsoft
[10/09/2008|10:55:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Microsoft Help
[02/05/2008|03:55:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Player Metaboli
[14/04/2008|14:03:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> SMSI
[19/08/2008|16:35:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Stardock
[02/04/2008|02:27:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Trymedia
[18/08/2008|22:57:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Windows Genuine Advantage
[29/03/2008|00:11:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> WLInstaller

[12/10/2008|22:53:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> 5
[12/10/2008|22:53:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Adobe
[10/10/2008|05:35:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Azureus
[25/08/2008|00:41:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Babylon
[29/08/2008|21:21:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> dvdcss
[03/06/2008|04:18:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> GarageGames
[10/04/2008|02:17:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> GetRightToGo
[03/06/2008|05:11:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> GRETECH
[26/03/2008|17:20:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Identities
[30/03/2008|05:17:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> InstallShield
[11/09/2008|07:08:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Leadertech
[29/03/2008|00:07:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Macromedia
[28/03/2008|20:58:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Media Player Classic
[28/09/2008|18:08:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Microsoft
[26/08/2008|16:25:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Mozilla
[03/04/2008|05:40:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> My Games
[06/10/2008|14:42:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Petroglyph
[08/09/2008|22:02:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Real
[05/04/2008|09:36:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> SecuROM
[10/04/2008|02:20:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Shareaza
[12/10/2008|22:53:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> sp2
[19/08/2008|16:35:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Stardock
[16/05/2008|23:25:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Sun
[13/10/2008|17:40:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> TmpRecentIcons
[21/08/2008|10:46:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> vlc
[04/04/2008|12:13:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> WinRAR

[26/03/2008|17:10:] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ALERT! <REP> Microsoft

[12/08/2008|06:16:] C:\DOCUME~1\LOCALS~1\APPLIC~1\ALERT! <REP> Adobe
[09/04/2008|06:14:] C:\DOCUME~1\LOCALS~1\APPLIC~1\ALERT! <REP> Macromedia
[24/05/2008|05:09:] C:\DOCUME~1\LOCALS~1\APPLIC~1\ALERT! <REP> Microsoft
[12/08/2008|06:11:] C:\DOCUME~1\LOCALS~1\APPLIC~1\ALERT! <REP> Real

[26/03/2008|17:11:] C:\DOCUME~1\NETWOR~1\APPLIC~1\ALERT! <REP> Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[13/10/2008 17:36: VIRUS ALERT!][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 14:00: VIRUS ALERT!][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[26/03/2008|17:54:] C:\Program Files\ALERT! <REP> Adobe
[26/03/2008|17:55:] C:\Program Files\ALERT! <REP> Ahead
[12/10/2008|23:23:] C:\Program Files\ALERT! <REP> alaplaya
[03/09/2008|13:00:] C:\Program Files\ALERT! <REP> Anno 1701
[27/03/2008|22:12:] C:\Program Files\ALERT! <REP> ASUS
[28/03/2008|15:18:] C:\Program Files\ALERT! <REP> Attansic
[01/04/2008|21:27:] C:\Program Files\ALERT! <REP> BFG
[25/04/2008|06:37:] C:\Program Files\ALERT! <REP> Black Isle
[10/08/2008|20:41:] C:\Program Files\ALERT! <REP> CCleaner
[08/09/2008|14:17:] C:\Program Files\ALERT! <REP> Codemasters
[26/03/2008|17:08:] C:\Program Files\ALERT! <REP> ComPlus Applications
[29/03/2008|02:24:] C:\Program Files\ALERT! <REP> DeepSilver
[28/08/2008|22:56:] C:\Program Files\ALERT! <REP> directx
[14/04/2008|14:01:] C:\Program Files\ALERT! <REP> Eltima Software
[12/10/2008|22:43:] C:\Program Files\ALERT! <REP> eMule
[13/10/2008|14:37:] C:\Program Files\ALERT! <REP> Enigma Software Group
[11/09/2008|07:06:] C:\Program Files\ALERT! <REP> Fichiers communs
[27/08/2008|10:22:] C:\Program Files\ALERT! <REP> Firaxis Games
[10/04/2008|02:11:] C:\Program Files\ALERT! <REP> FLV Player
[12/10/2008|23:23:] C:\Program Files\ALERT! <REP> Foxmail
[10/04/2008|12:43:] C:\Program Files\ALERT! <REP> Freecorder
[10/04/2008|02:22:] C:\Program Files\ALERT! <REP> Freecorder Toolbar
[01/04/2008|21:38:] C:\Program Files\ALERT! <REP> GameSpy Arcade
[10/04/2008|02:11:] C:\Program Files\ALERT! <REP> GlobFX Technologies
[10/04/2008|02:18:] C:\Program Files\ALERT! <REP> GRETECH
[12/10/2008|22:54:] C:\Program Files\ALERT! <REP> Inet Delivery
[12/10/2008|23:24:] C:\Program Files\ALERT! <REP> InstallShield Installation Information
[26/03/2008|21:19:] C:\Program Files\ALERT! <REP> Intel
[13/08/2008|09:01:] C:\Program Files\ALERT! <REP> Internet Explorer
[15/08/2008|00:05:] C:\Program Files\ALERT! <REP> Java
[19/08/2008|10:22:] C:\Program Files\ALERT! <REP> Kalypso
[26/03/2008|17:47:] C:\Program Files\ALERT! <REP> K-Lite Codec Pack
[28/09/2008|18:05:] C:\Program Files\ALERT! <REP> Koei
[19/08/2008|00:16:] C:\Program Files\ALERT! <REP> Lavasoft
[10/10/2008|11:15:] C:\Program Files\ALERT! <REP> Lighthouse Interactive
[18/04/2008|12:11:] C:\Program Files\ALERT! <REP> Lionhead Studios Ltd
[11/09/2008|07:06:] C:\Program Files\ALERT! <REP> Logitech
[06/10/2008|00:53:] C:\Program Files\ALERT! <REP> LucasArts
[09/04/2008|17:45:] C:\Program Files\ALERT! <REP> Media Player Classic
[01/09/2008|09:36:] C:\Program Files\ALERT! <REP> Messenger
[06/09/2008|01:23:] C:\Program Files\ALERT! <REP> Messenger Plus! Live
[30/03/2008|09:00:] C:\Program Files\ALERT! <REP> Microsoft CAPICOM 2.1.0.2
[26/03/2008|17:10:] C:\Program Files\ALERT! <REP> microsoft frontpage
[29/03/2008|06:24:] C:\Program Files\ALERT! <REP> Microsoft Office
[29/03/2008|06:24:] C:\Program Files\ALERT! <REP> Microsoft Visual Studio
[29/03/2008|06:19:] C:\Program Files\ALERT! <REP> Microsoft Visual Studio 8
[29/03/2008|06:25:] C:\Program Files\ALERT! <REP> Microsoft Works
[29/03/2008|06:22:] C:\Program Files\ALERT! <REP> Microsoft.NET
[01/09/2008|09:34:] C:\Program Files\ALERT! <REP> Movie Maker
[13/10/2008|18:11:] C:\Program Files\ALERT! <REP> Mozilla Firefox
[29/03/2008|06:24:] C:\Program Files\ALERT! <REP> MSBuild
[26/03/2008|17:07:] C:\Program Files\ALERT! <REP> MSN
[26/03/2008|17:07:] C:\Program Files\ALERT! <REP> MSN Gaming Zone
[30/03/2008|09:00:] C:\Program Files\ALERT! <REP> MSXML 4.0
[29/03/2008|02:45:] C:\Program Files\ALERT! <REP> MSXML 6.0
[01/09/2008|09:33:] C:\Program Files\ALERT! <REP> NetMeeting
[26/03/2008|17:08:] C:\Program Files\ALERT! <REP> Online Services
[04/04/2008|13:06:] C:\Program Files\ALERT! <REP> OO Software
[12/08/2008|12:05:] C:\Program Files\ALERT! <REP> OpenOffice.org 2.2
[14/09/2008|00:36:] C:\Program Files\ALERT! <REP> Orange HSS
[01/09/2008|09:45:] C:\Program Files\ALERT! <REP> Outlook Express
[12/10/2008|22:54:] C:\Program Files\ALERT! <REP> pkjjpce
[11/10/2008|21:52:] C:\Program Files\ALERT! <REP> Player Metaboli
[29/03/2008|03:10:] C:\Program Files\ALERT! <REP> PlayOnline
[13/10/2008|14:36:] C:\Program Files\ALERT! <REP> Rapid Antivirus
[09/04/2008|17:45:] C:\Program Files\ALERT! <REP> Real Alternative
[21/04/2008|15:29:] C:\Program Files\ALERT! <REP> RealArcade
[26/03/2008|21:16:] C:\Program Files\ALERT! <REP> Realtek
[03/10/2008|10:12:] C:\Program Files\ALERT! <REP> Reaxxion
[26/03/2008|17:59:] C:\Program Files\ALERT! <REP> Reference Assemblies
[28/09/2008|15:27:] C:\Program Files\ALERT! <REP> ReflexiveArcade
[10/04/2008|02:20:] C:\Program Files\ALERT! <REP> Replay Media Catcher
[26/03/2008|17:09:] C:\Program Files\ALERT! <REP> Services en ligne
[10/04/2008|02:20:] C:\Program Files\ALERT! <REP> Shareaza
[31/03/2008|12:45:] C:\Program Files\ALERT! <REP> Sierra
[14/04/2008|14:03:] C:\Program Files\ALERT! <REP> Smith Micro
[08/09/2008|07:47:] C:\Program Files\ALERT! <REP> Stardock
[05/04/2008|05:22:] C:\Program Files\ALERT! <REP> THQ
[13/10/2008|15:49:] C:\Program Files\ALERT! <REP> Trend Micro
[26/03/2008|17:20:] C:\Program Files\ALERT! <REP> Uninstall Information
[21/08/2008|10:47:] C:\Program Files\ALERT! <REP> VideoLAN
[30/03/2008|05:18:] C:\Program Files\ALERT! <REP> Virtual CD v9
[28/09/2008|15:35:] C:\Program Files\ALERT! <REP> Virtual Villagers The Secret City
[29/08/2008|10:42:] C:\Program Files\ALERT! <REP> VUGames
[26/08/2008|17:55:] C:\Program Files\ALERT! <REP> Vuze
[10/08/2008|20:42:] C:\Program Files\ALERT! <REP> Wanadoo
[01/04/2008|21:35:] C:\Program Files\ALERT! <REP> Wanadoo Edition
[23/04/2008|20:51:] C:\Program Files\ALERT! <REP> Windows Doctor
[29/03/2008|00:23:] C:\Program Files\ALERT! <REP> Windows Live
[04/09/2008|01:52:] C:\Program Files\ALERT! <REP> Windows Live Safety Center
[18/08/2008|17:36:] C:\Program Files\ALERT! <REP> Windows Media Connect 2
[01/09/2008|09:33:] C:\Program Files\ALERT! <REP> Windows Media Player
[01/09/2008|09:33:] C:\Program Files\ALERT! <REP> Windows NT
[26/03/2008|17:09:] C:\Program Files\ALERT! <REP> WindowsUpdate
[04/04/2008|12:48:] C:\Program Files\ALERT! <REP> WinRAR
[26/03/2008|17:10:] C:\Program Files\ALERT! <REP> xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/03/2008|17:54:] C:\Program Files\Fichiers communs\ALERT! <REP> Adobe
[26/03/2008|17:55:] C:\Program Files\Fichiers communs\ALERT! <REP> Ahead
[29/03/2008|06:24:] C:\Program Files\Fichiers communs\ALERT! <REP> DESIGNER
[28/08/2008|22:54:] C:\Program Files\Fichiers communs\ALERT! <REP> InstallShield
[16/05/2008|23:21:] C:\Program Files\Fichiers communs\ALERT! <REP> Java
[01/10/2008|08:11:] C:\Program Files\Fichiers communs\ALERT! <REP> LogiShrd
[11/09/2008|07:07:] C:\Program Files\Fichiers communs\ALERT! <REP> Logitech
[11/08/2008|09:08:] C:\Program Files\Fichiers communs\ALERT! <REP> Microsoft Shared
[26/03/2008|17:08:] C:\Program Files\Fichiers communs\ALERT! <REP> MSSoap
[26/03/2008|13:01:] C:\Program Files\Fichiers communs\ALERT! <REP> ODBC
[29/03/2008|03:10:] C:\Program Files\Fichiers communs\ALERT! <REP> PlayOnline
[26/03/2008|17:08:] C:\Program Files\Fichiers communs\ALERT! <REP> Services
[26/03/2008|13:01:] C:\Program Files\Fichiers communs\ALERT! <REP> SpeechEngines
[08/09/2008|07:47:] C:\Program Files\Fichiers communs\ALERT! <REP> Stardock
[01/09/2008|09:32:] C:\Program Files\Fichiers communs\ALERT! <REP> System
[29/03/2008|00:15:] C:\Program Files\Fichiers communs\ALERT! <REP> WindowsLiveInstaller
[19/08/2008|00:15:] C:\Program Files\Fichiers communs\ALERT! <REP> Wise Installation Wizard

--------------------\\ Process

( 67 Processes )

IEXPLORE.EXE ~ [PID:4380]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 18:22:29
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\WINDOWS\System32\svchost.exe:ext.exe 25088 bytes executable
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\bbbIlkkj.ini
C:\WINDOWS\system32\bbbIlkkj.ini2
[b]==> VUNDO <==/b

--------------------\\ Cracks & Keygens ..

C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen
C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen\OO Defrag 10 Keygen.exe
C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen\OO Defrag 10 Professional Edition 10.0.1670.daa
C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen\OODefrag10ProfessionalFra.exe
C:\DOCUME~1\Asus\Bureau\Archives Programmes\Virtual.CD.v9.2-YAG\Virtual.CD.v9.2-YAG\Crack
C:\DOCUME~1\Asus\Bureau\Archives Programmes\Virtual.CD.v9.2-YAG\Virtual.CD.v9.2-YAG\Crack\serial.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin.rar
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates! Crack & CD-key & Manual.zip
C:\DOCUME~1\Asus\Bureau\Jeux\Sins of a Solar Empire KEYGEN
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]
C:\DOCUME~1\Asus\Bureau\Jeux\Startopia Crack Nocd Fr.rar
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane}
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane}.rar
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Torrent downloaded from Demonoid.com.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane}\CRACK FOLDER
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane}\Fairy Godmother Tycoon Installer.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane}\CRACK FOLDER\fgt_nt.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane}\CRACK FOLDER\How To Use The Crack.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\a.dat
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\bass.dll
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\database.pak
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\dbghelp.dll
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fgt.bin
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fgt.ico
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fgt_nt.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\Flash.ocx
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fmod.dll
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\images
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\Options.xml
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\pogo.ico
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\readme.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\sc0.dat
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\Uninstall.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\biz_music_01.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\biz_music_02.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\biz_music_03.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\biz_music_04.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\biz_music_05.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\biz_music_06.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\biz_music_07.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\biz_music_08.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\bubble_appear2.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\buttonClick.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\buttonTick.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\day_music_01.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\day_music_02.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\day_music_03.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\day_music_04.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\day_music_05.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\day_music_06.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\day_music_07.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\day_music_08.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\endDayBad_01.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\endDayBad_02.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\endDayGood_01.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\endDayGood_02.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\eventBad_01.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\eventGood_01.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\flourish_intro.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\goon_troll_lift.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\goon_troll_shake.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\menu_music_01.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\menu_music_02.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\menu_music_03.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\page_turn.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_crierBell.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_crierYell1.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_crierYell2.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_gorilla1.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_gorilla2.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_gremlins1.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_gremlins2.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_prince1.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_prince2.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_prince3.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_siren.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\sfx_witch.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\spell_ad_blast.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\spell_conversus.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\spell_elephant.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\spell_freeze_goon.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\spell_ink.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\subTabClick.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\successful_sale3.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\tabClick.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\upgrade_purchase.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\winGame.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio\winLevel.ogg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\biz_music_01.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\biz_music_02.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\biz_music_03.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\biz_music_04.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\biz_music_05.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\biz_music_06.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\biz_music_07.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\biz_music_08.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\day_music_01.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\day_music_02.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\day_music_03.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\day_music_04.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\day_music_05.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\day_music_06.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\day_music_07.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\day_music_08.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\endDayBad_01.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\endDayBad_02.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\endDayGood_01.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\endDayGood_02.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\eventBad_01.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\eventGood_01.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\flourish_intro.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\menu_music_01.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\menu_music_02.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\menu_music_03.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\winGame.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio\winLevel.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\015MissionBriefings.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\01MainMenu.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\02BuyingPhase.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\03Finances.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\04Customers.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\05Competition.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\06Graphs.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\07NewsandWeather.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\08Purchasing.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\09RecipeBook.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\10Pricing.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\115Freelancers.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\11Warehouse.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\12LoanShark.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\13Mole.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\14Research.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\15SampleKey.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\16SellingPhase.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\17WaitingTooLong.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\18GoonThoughts.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\19Conversation.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\20TokenBag.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\21ForkedFable.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\fg-tycoon-logo.jpg
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data\help.html
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\Albertus12Blue.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\AlbertusMTStd16.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\AlbertusMTStd18_brown.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\AlbertusMTStd18_green.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\Arial10Bold.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\BookmanOldStyle10.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\BookmanOldStyle11.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\BookmanOldStyle12.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\BookmanOldStyle13.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\BookmanOldStyle9.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\ChaparralDisplay14.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\ChaparralDisplay14Bold.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\ContinuumBold12.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\fgtdata11.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\fgtdata12.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\fgtdata14.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\fgtdata7.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\InventoryNumerals.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\Name18.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\Name22.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts\villageNames.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\images\EA-Pogo.swf
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin\GalCiv2.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin\Readme.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\HGMA.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\Nouveau dossier
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\Nouveau dossier\HGMA.EXE
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Disque 1 sur 2.iso
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Disque 2 sur 2.iso
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier'S Pirates! Nocd Crack
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid_Meiers_Pirates_Version_1.0.2.0_Update
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\ReadMe.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\Firaxis0.FPK
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_bartroberts.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_blackbeard.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_dutch001.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_dutwilliam.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_english001.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_engliz.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_evil_spaniard01.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_evil_spaniard02.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_evil_spaniard03.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_firaxis.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_frejoan.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_french001.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_henrymorgan.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_hippie1.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_hippie2.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_hippie3.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_hippie4.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_hippie5.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_hippie6.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_ind.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_ind3.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_jackrackham.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_jeanlafitte.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_l'ollonnais.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_mis.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_rocbrasiliano.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_spaisabelle.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_spanish001.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_stedebonnet.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_surrender.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_ubervillain.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\flag_williamkidd.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\Galleons.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\LeavePort-000.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\LeavePort-001.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\LeavePort-002.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\LeavePort-003.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg_firaxis.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg_hippieblackbeard.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg_hippielolonnais.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg_hippiemorgan.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg_hippieuber.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg_isabelle.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg_joan.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg_liz.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg_william.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\ship_sail_emblem_lrg__hippielafitte.dds
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\TownGovMansion-004.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\TownMain-004.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\TownMerchant-004.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\TownShipwright-004.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom\TownTavern-004.wav
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual\Lisez-moi.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual\Nouveau dossier
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual\Pirates!.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual\Sid Meier's Pirates CD Key.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual\Sid.Meier's.Pirates.Manual.UK.Complete.pdf
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual\Nouveau dossier\Pirates!.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier'S Pirates! Nocd Crack\Nouveau dossier
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier'S Pirates! Nocd Crack\Pirates!.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier'S Pirates! Nocd Crack\Pirates!.nfo
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier'S Pirates! Nocd Crack\Nouveau dossier\Pirates!.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid_Meiers_Pirates_Version_1.0.2.0_Update\Sid_Meiers_Pirates_Version_1.0.2.0_Update.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Sins of a Solar Empire KEYGEN\readme.nfo
C:\DOCUME~1\Asus\Bureau\Jeux\Sins of a Solar Empire KEYGEN\Sins of a Solar Empire PC Keygen.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\LaunchEAW.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Serial.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData\PerceptionFunctionG.dll
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData\sweaw.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier\LaunchEAW.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier\PerceptionFunctionG.dll
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier\sweaw.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_1.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_2.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_3.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_4.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_5.exe
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\2_Starcraft-BroodWar Cd-Key.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\STARCRAFT - EXPANSION SET - BroodWar [Fr].ISO
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\STARCRAFT [Fr].ISO
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\starcraft_CDKey.txt
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\[Crack] Starcraft Broodwar 1.10 (NoCD, BattleNet, with official update).zip
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\EvilGeniusExeStub-Release.exe
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\mo-evil.nfo
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\Nouveau dossier
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\Nouveau dossier\EvilGeniusExeStub-Release.exe
C:\DOCUME~1\Asus\Bureau\Nono\Collection images gays\Yaoi\Crimson Spell - Ayano Yamane [nakama]\extra\insert-nakama_on_crack.jpg
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack\Instructions.txt
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack\RTKXI.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\VirtualVillagersTheSecretCitySetup.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack\How To.txt
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack\Virtual Villagers - The Secret City.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\Nouveau dossier
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\RTKXI.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\Nouveau dossier\RTKXI.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\key 2.txt
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40\Born Of Blood Promo.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40\Born Of Blood Trainer.txt
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install\GamersHell.url
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install\GH3D.txt
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install\sotsbob-1.3.6-1.4.0-en-patch-install.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install\GamersHell.url
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install\GH3D.txt
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install\sotsbob-1.4.1-en-patch-install.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0\sotsbob-rs.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0\sotsbob-rs.nfo
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\key.txt
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\Leeme.txt
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\sots-1.0.12-1.2.2-cddvd-patch-install.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\sots-1.1.0-1.2.2-cddvd-patch-install.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\sots-1.1.1-1.2.1-cddvd-patch.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26\pro-redoload.nfo
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26\procyon.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\Crack
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\reloaded.nfo
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\Crack\Sword of the Stars.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD\Sword of the Stars.exe
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD\vitality.nfo
C:\DOCUME~1\Asus\Bureau\Telechargements\Universe.At.War.Earth.Assault-RELOADED\Crack
C:\DOCUME~1\Asus\Bureau\Telechargements\Universe.At.War.Earth.Assault-RELOADED\Crack\LaunchUAW.exe

[F:17][D:1]-> C:\DOCUME~1\Asus\LOCALS~1\Temp
[F:8][D:0]-> C:\DOCUME~1\Asus\Cookies
[F:69][D:4]-> C:\DOCUME~1\Asus\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 13/10/2008|18:26 - Option : [1]

--------------------\\ Fin du rapport a 18:26:34

Bonne continuation ;-)
0
Réponse 11 / 129
fado97 Messages postés 111 Statut Membre
 
ah désolé ça s'affichait pas chez moi je pensais que ça marchait plus.
0
Réponse 12 / 129
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
bon ... faut pas s'étonner ! TOUS ces cracks présents dans ce dernier rapport son INFECTES !!!

Il faut les supprimer de suite :

1- Télécharges OTMoveIt3 (de Old_Timer) sur ton Bureau.

http://oldtimer.geekstogo.com/OTMoveIt3.exe

! Déconnectes toi et fermes toute tes applications en cours !

Double cliques sur "OTMoveIt3.exe" pour ouvrir le prg .
Puis copies ce qui se trouve en citation ci-dessous, 

:Processes
explorer.exe

:Services

:Reg

:Files
C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen 
C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen\OO Defrag 10 Keygen.exe 
C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen\OO Defrag 10 Professional Edition 10.0.1670.daa 
C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen\OODefrag10ProfessionalFra.exe 
C:\DOCUME~1\Asus\Bureau\Archives Programmes\Virtual.CD.v9.2-YAG\Virtual.CD.v9.2-YAG\Crack 
C:\DOCUME~1\Asus\Bureau\Archives Programmes\Virtual.CD.v9.2-YAG\Virtual.CD.v9.2-YAG\Crack\serial.txt 
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack 
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin 
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin.rar 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates! Crack & CD-key & Manual.zip 
C:\DOCUME~1\Asus\Bureau\Jeux\Sins of a Solar Empire KEYGEN 
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr] 
C:\DOCUME~1\Asus\Bureau\Jeux\Startopia Crack Nocd Fr.rar 
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane} 
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane}.rar 
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin\GalCiv2.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin\Readme.txt 
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack 
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\HGMA.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\Nouveau dossier 
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\Nouveau dossier\HGMA.EXE 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Disque 1 sur 2.iso 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Disque 2 sur 2.iso 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier'S Pirates! Nocd Crack 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid_Meiers_Pirates_Version_1.0.2.0_Update 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\ReadMe.txt 
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack
C:\DOCUME~1\Asus\Bureau\Jeux\Sins of a Solar Empire KEYGEN\readme.nfo 
C:\DOCUME~1\Asus\Bureau\Jeux\Sins of a Solar Empire KEYGEN\Sins of a Solar Empire PC Keygen.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\LaunchEAW.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Serial.txt 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData\PerceptionFunctionG.dll 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData\sweaw.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier\LaunchEAW.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier\PerceptionFunctionG.dll 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier\sweaw.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_1.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_2.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_3.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_4.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_5.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\2_Starcraft-BroodWar Cd-Key.txt 
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\STARCRAFT - EXPANSION SET - BroodWar [Fr].ISO 
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\STARCRAFT [Fr].ISO 
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\starcraft_CDKey.txt 
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\[Crack] Starcraft Broodwar 1.10 (NoCD, BattleNet, with official update).zip 
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working 
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\EvilGeniusExeStub-Release.exe 
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\mo-evil.nfo 
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\Nouveau dossier 
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\Nouveau dossier\EvilGeniusExeStub-Release.exe 
C:\DOCUME~1\Asus\Bureau\Nono\Collection images gays\Yaoi\Crimson Spell - Ayano Yamane [nakama]\extra\insert-nakama_on_crack.jpg 
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack 
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack 
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack 
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack\Instructions.txt 
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack\RTKXI.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack 
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\VirtualVillagersTheSecretCitySetup.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack\How To.txt 
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack\Virtual Villagers - The Secret City.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack 
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\Nouveau dossier 
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\RTKXI.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\Nouveau dossier\RTKXI.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\key 2.txt 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40\Born Of Blood Promo.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40\Born Of Blood Trainer.txt 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install\GamersHell.url 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install\GH3D.txt 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install\sotsbob-1.3.6-1.4.0-en-patch-install.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install\GamersHell.url 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install\GH3D.txt 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install\sotsbob-1.4.1-en-patch-install.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0\sotsbob-rs.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0\sotsbob-rs.nfo 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\key.txt 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\Leeme.txt 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\sots-1.0.12-1.2.2-cddvd-patch-install.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\sots-1.1.0-1.2.2-cddvd-patch-install.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\sots-1.1.1-1.2.1-cddvd-patch.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26\pro-redoload.nfo 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26\procyon.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\Crack 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\reloaded.nfo 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\Crack\Sword of the Stars.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD\Sword of the Stars.exe 
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD\vitality.nfo 
C:\DOCUME~1\Asus\Bureau\Telechargements\Universe.At.War.Earth.Assault-RELOADED\Crack 
C:\DOCUME~1\Asus\Bureau\Telechargements\Universe.At.War.Earth.Assault-RELOADED\Crack\LaunchUAW.exe 

:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]


et colles le dans le cadre de gauche de OTMoveIt2 :
Paste Instructions for items to be moved.
(ne touche à rien d'autre !)

-> cliques sur MoveIt! pour lancer la suppression.
-> laisses travailler l'outil ...

( Note : ton bureau va disparaitre puis réapparaitre, c'est normal .)

-> une fois finis , un petite fenêtre s'ouvre : cliques sur " Yes " .

Ton PC va redémarrer de lui même ...

-->Postes le contenu du rapport qui se trouve dans le dossier "C:\_OTMoveIt\MovedFiles"
( " xxxx2008_xxxxxx.log " )

2- refais un coup de CCleaner ( registre compris ) .

3- relances Lop S&D et refais l'option 1 : postes moi le nouveau rapport obtenu et attends la suite ...

0
Réponse 13 / 129
fado97 Messages postés 111 Statut Membre
 
Voici le rapport de OTMovit2:

========== PROCESSES ==========
Process explorer.exe killed successfully.
========== SERVICES/DRIVERS ==========
========== REGISTRY ==========
========== FILES ==========
C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen\OO Defrag 10 Keygen.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen\OO Defrag 10 Professional Edition 10.0.1670.daa not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Archives Programmes\OO Defrag 10 Professional Edition FR 10.0.1670 + Keygen\OODefrag10ProfessionalFra.exe not found.
C:\DOCUME~1\Asus\Bureau\Archives Programmes\Virtual.CD.v9.2-YAG\Virtual.CD.v9.2-YAG\Crack moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Archives Programmes\Virtual.CD.v9.2-YAG\Virtual.CD.v9.2-YAG\Crack\serial.txt not found.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\images moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\fonts moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\data moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached\audio moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\cached moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon\audio moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Fairy Godmother Tycoon moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane}\CRACK FOLDER moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane} moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin.rar moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid_Meiers_Pirates_Version_1.0.2.0_Update moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier'S Pirates! Nocd Crack\Nouveau dossier moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier'S Pirates! Nocd Crack moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual\Nouveau dossier moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates! Crack & CD-key & Manual.zip moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Sins of a Solar Empire KEYGEN moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr] moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Startopia Crack Nocd Fr.rar moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane} not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack\Bigfish Games - Fairy Godmother Tycoon + Crack {DanManInSane}.rar not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Bigfish Games - Fairy Godmot...on__Crack not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin\GalCiv2.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Galactic Civilizations 2 - Dread Lords v.1.4 Crack by Creepin\Readme.txt not found.
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\Nouveau dossier moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\HGMA.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\Nouveau dossier not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Haegemonia The Solon Heritage\Crack\Nouveau dossier\HGMA.EXE not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Crack & CD-key & Manual not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Disque 1 sur 2.iso not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier's Pirates! Disque 2 sur 2.iso not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid Meier'S Pirates! Nocd Crack not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\Sid_Meiers_Pirates_Version_1.0.2.0_Update not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\Custom not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack\PiratesThemePack\ReadMe.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sid Meier's Pirates 2cd Pc Fr+Crack not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sins of a Solar Empire KEYGEN\readme.nfo not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Sins of a Solar Empire KEYGEN\Sins of a Solar Empire PC Keygen.exe not found.
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\LaunchEAW.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Serial.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData\PerceptionFunctionG.dll not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\GameData\sweaw.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier\LaunchEAW.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier\PerceptionFunctionG.dll not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Nouveau dossier\sweaw.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_1.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_2.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_3.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_4.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Star Wars empire at war\Star Wars - Empire At War\Crack\Updates\eawupdate1_5.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\2_Starcraft-BroodWar Cd-Key.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\STARCRAFT - EXPANSION SET - BroodWar [Fr].ISO not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\STARCRAFT [Fr].ISO not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\starcraft_CDKey.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\Starcraft + Broodwar expansion (ISO)+ Patch + CrackNoCd +Serial + Crack Battlenet [Fr]\[Crack] Starcraft Broodwar 1.10 (NoCD, BattleNet, with official update).zip not found.
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\Nouveau dossier moved successfully.
C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\EvilGeniusExeStub-Release.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\mo-evil.nfo not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\Nouveau dossier not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Jeux\[PC - GAME] Evil Genius\Evil Genius nocd crack - working\Nouveau dossier\EvilGeniusExeStub-Release.exe not found.
C:\DOCUME~1\Asus\Bureau\Nono\Collection images gays\Yaoi\Crimson Spell - Ayano Yamane [nakama]\extra\insert-nakama_on_crack.jpg moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack\Instructions.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Romance of Three Kingdoms XI Crack\Romance of Three Kingdoms XI Crack\RTKXI.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\VirtualVillagersTheSecretCitySetup.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack\How To.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\allpeers\Torrents\Virtual villagers 3 + Crack\Crack\Virtual Villagers - The Secret City.exe not found.
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\Nouveau dossier moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\Nouveau dossier not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\RTKXI.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Romance.Of.The.Three.Kingdoms.XI-RELOADED\Crack\Nouveau dossier\RTKXI.exe not found.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0 moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40 moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40 not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\key 2.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0 not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40\Born Of Blood Promo.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\bornbloodpromo-ch 1.40\Born Of Blood Trainer.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install\GamersHell.url not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install\GH3D.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.3.6-1.4.0-en-patch-install\sotsbob-1.3.6-1.4.0-en-patch-install.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install\GamersHell.url not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install\GH3D.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-1.4.1-en-patch-install\sotsbob-1.4.1-en-patch-install.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0\sotsbob-rs.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\BOB\born of blood crack + updates\sotsbob-rs 1.0\sotsbob-rs.nfo not found.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\Crack moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26 moved successfully.
C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\key.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\Leeme.txt not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26 not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\sots-1.0.12-1.2.2-cddvd-patch-install.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\sots-1.1.0-1.2.2-cddvd-patch-install.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\sots-1.1.1-1.2.1-cddvd-patch.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26\pro-redoload.nfo not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SecuROM_Loader_v7.26\procyon.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\Crack not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\reloaded.nfo not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.0.ENG.RELOADED.NOCD\Crack\Sword of the Stars.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD\Sword of the Stars.exe not found.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Sword Of The Stars + Born Of Blood\SOTS\crack + updates\SWORD.OF.THE.STARS.V1.2.2.ENG.VITALITY.NOCD\vitality.nfo not found.
C:\DOCUME~1\Asus\Bureau\Telechargements\Universe.At.War.Earth.Assault-RELOADED\Crack moved successfully.
File/Folder C:\DOCUME~1\Asus\Bureau\Telechargements\Universe.At.War.Earth.Assault-RELOADED\Crack\LaunchUAW.exe not found.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Asus\LOCALS~1\Temp\.tt9.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Asus\LOCALS~1\Temp\etilqs_VWfHIlftwPBtab21cTgw scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Asus\LOCALS~1\Temp\IadHide5.dll scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Asus\LOCALS~1\Temp\myconfig.php scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Asus\LOCALS~1\Temp\sft_ver1.1454.0.exe scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Asus\LOCALS~1\Temp\~DF1D84.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
File delete failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\History\History.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Fichiers Internet temporaires\Content.IE5\index.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\Cookies\index.dat scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta110851.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta118278.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta118287.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta43344.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta43662.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta53979.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta57705.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta58218.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta58832.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta64450.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta68372.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta79122.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta83260.dll scheduled to be deleted on reboot.
File delete failed. C:\WINDOWS\temp\mta86046.dll scheduled to be deleted on reboot.
Windows Temp folder emptied.
Java cache emptied.
File delete failed. C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\Cache\_CACHE_001_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\Cache\_CACHE_002_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\Cache\_CACHE_003_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\Cache\_CACHE_MAP_ scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\urlclassifier3.sqlite scheduled to be deleted on reboot.
File delete failed. C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\XUL.mfl scheduled to be deleted on reboot.
FireFox cache emptied.
Temp folders emptied.
Explorer started successfully

OTMoveIt3 by OldTimer - Version 1.0.5.0 log created on 10132008_193123

Files moved on Reboot...
C:\DOCUME~1\Asus\LOCALS~1\Temp\.tt9.tmp moved successfully.
C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe moved successfully.
File C:\DOCUME~1\Asus\LOCALS~1\Temp\etilqs_VWfHIlftwPBtab21cTgw not found!
DllUnregisterServer procedure not found in C:\DOCUME~1\Asus\LOCALS~1\Temp\IadHide5.dll
C:\DOCUME~1\Asus\LOCALS~1\Temp\IadHide5.dll NOT unregistered.
C:\DOCUME~1\Asus\LOCALS~1\Temp\IadHide5.dll moved successfully.
C:\DOCUME~1\Asus\LOCALS~1\Temp\myconfig.php moved successfully.
C:\DOCUME~1\Asus\LOCALS~1\Temp\sft_ver1.1454.0.exe moved successfully.
C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe moved successfully.
C:\DOCUME~1\Asus\LOCALS~1\Temp\~DF1D84.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
DllUnregisterServer procedure not found in C:\WINDOWS\temp\logishrd\LVPrcInj01.dll
C:\WINDOWS\temp\logishrd\LVPrcInj01.dll NOT unregistered.
File move failed. C:\WINDOWS\temp\logishrd\LVPrcInj01.dll scheduled to be moved on reboot.
C:\WINDOWS\temp\History\History.IE5\index.dat moved successfully.
C:\WINDOWS\temp\Fichiers Internet temporaires\Content.IE5\index.dat moved successfully.
C:\WINDOWS\temp\Cookies\index.dat moved successfully.
C:\WINDOWS\temp\mta110851.dll unregistered successfully.
C:\WINDOWS\temp\mta110851.dll moved successfully.
C:\WINDOWS\temp\mta118278.dll unregistered successfully.
C:\WINDOWS\temp\mta118278.dll moved successfully.
C:\WINDOWS\temp\mta118287.dll unregistered successfully.
C:\WINDOWS\temp\mta118287.dll moved successfully.
C:\WINDOWS\temp\mta43344.dll unregistered successfully.
C:\WINDOWS\temp\mta43344.dll moved successfully.
File C:\WINDOWS\temp\mta43662.dll not found!
File C:\WINDOWS\temp\mta53979.dll not found!
File C:\WINDOWS\temp\mta57705.dll not found!
File C:\WINDOWS\temp\mta58218.dll not found!
File C:\WINDOWS\temp\mta58832.dll not found!
C:\WINDOWS\temp\mta64450.dll unregistered successfully.
C:\WINDOWS\temp\mta64450.dll moved successfully.
File C:\WINDOWS\temp\mta68372.dll not found!
File C:\WINDOWS\temp\mta79122.dll not found!
File C:\WINDOWS\temp\mta83260.dll not found!
C:\WINDOWS\temp\mta86046.dll unregistered successfully.
C:\WINDOWS\temp\mta86046.dll moved successfully.
C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\Cache\_CACHE_001_ moved successfully.
C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\Cache\_CACHE_002_ moved successfully.
C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\Cache\_CACHE_003_ moved successfully.
C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\Cache\_CACHE_MAP_ moved successfully.
C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\urlclassifier3.sqlite moved successfully.
C:\Documents and Settings\Asus\Local Settings\Application Data\Mozilla\Firefox\Profiles\n9hvq2du.default\XUL.mfl moved successfully.
0
Réponse 14 / 129
fado97 Messages postés 111 Statut Membre
 
Et celui de Lop S&D:

--------------------\\ Lop S&D 4.2.4-5 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Duo CPU E6850 @ 3.00GHz )
BIOS : BIOS Date: 07/03/07 10:01:10 Ver: 08.00.12
USER : Asus ( Administrator )
BOOT : Normal boot
C:\ (Local Disk) - NTFS - Total : 372 Go Free : 44 Go
D:\ (CD or DVD)
E:\ (Local Disk) - NTFS - Total : 372 Go Free : 14 Go
F:\ (CD or DVD)

"C:\Lop SD" ( MAJ : 02-10-2008|23:42 )
Option : [1] ( 13/10/2008|19:40 )

--------------------\\ Listing des dossiers dans APPLIC~1

[13/10/2008|02:14:] C:\DOCUME~1\ADMINI~1\APPLIC~1\ALERT! <REP> Adobe
[13/10/2008|02:14:] C:\DOCUME~1\ADMINI~1\APPLIC~1\ALERT! <REP> Macromedia
[13/10/2008|02:19:] C:\DOCUME~1\ADMINI~1\APPLIC~1\ALERT! <REP> Microsoft
[13/10/2008|02:13:] C:\DOCUME~1\ADMINI~1\APPLIC~1\ALERT! <REP> Mozilla

[19/08/2008|10:26:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> {3ADC3395-6379-4C95-9292-30A373AC55BC}
[26/03/2008|17:54:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Adobe
[26/08/2008|17:55:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Azureus
[25/08/2008|00:41:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Babylon
[15/08/2008|00:09:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> CanonBJ
[11/10/2008|21:51:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Exetender
[12/10/2008|22:54:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> ijqtyben
[19/08/2008|00:14:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Lavasoft
[28/09/2008|00:55:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Logishrd
[29/03/2008|01:13:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Logitech
[12/05/2008|16:39:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Messenger Plus!
[05/04/2008|09:34:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Microsoft
[10/09/2008|10:55:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Microsoft Help
[02/05/2008|03:55:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Player Metaboli
[14/04/2008|14:03:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> SMSI
[19/08/2008|16:35:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Stardock
[02/04/2008|02:27:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Trymedia
[18/08/2008|22:57:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> Windows Genuine Advantage
[29/03/2008|00:11:] C:\DOCUME~1\ALLUSE~1\APPLIC~1\ALERT! <REP> WLInstaller

[12/10/2008|22:53:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> 5
[12/10/2008|22:53:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Adobe
[10/10/2008|05:35:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Azureus
[25/08/2008|00:41:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Babylon
[29/08/2008|21:21:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> dvdcss
[03/06/2008|04:18:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> GarageGames
[10/04/2008|02:17:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> GetRightToGo
[03/06/2008|05:11:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> GRETECH
[26/03/2008|17:20:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Identities
[30/03/2008|05:17:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> InstallShield
[11/09/2008|07:08:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Leadertech
[29/03/2008|00:07:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Macromedia
[28/03/2008|20:58:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Media Player Classic
[28/09/2008|18:08:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Microsoft
[26/08/2008|16:25:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Mozilla
[03/04/2008|05:40:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> My Games
[06/10/2008|14:42:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Petroglyph
[08/09/2008|22:02:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Real
[05/04/2008|09:36:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> SecuROM
[10/04/2008|02:20:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Shareaza
[12/10/2008|22:53:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> sp2
[19/08/2008|16:35:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Stardock
[16/05/2008|23:25:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> Sun
[13/10/2008|17:40:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> TmpRecentIcons
[21/08/2008|10:46:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> vlc
[04/04/2008|12:13:] C:\DOCUME~1\Asus\APPLIC~1\ALERT! <REP> WinRAR

[26/03/2008|17:10:] C:\DOCUME~1\DEFAUL~1\APPLIC~1\ALERT! <REP> Microsoft

[12/08/2008|06:16:] C:\DOCUME~1\LOCALS~1\APPLIC~1\ALERT! <REP> Adobe
[09/04/2008|06:14:] C:\DOCUME~1\LOCALS~1\APPLIC~1\ALERT! <REP> Macromedia
[24/05/2008|05:09:] C:\DOCUME~1\LOCALS~1\APPLIC~1\ALERT! <REP> Microsoft
[12/08/2008|06:11:] C:\DOCUME~1\LOCALS~1\APPLIC~1\ALERT! <REP> Real

[26/03/2008|17:11:] C:\DOCUME~1\NETWOR~1\APPLIC~1\ALERT! <REP> Microsoft

--------------------\\ Tâches planifiées dans C:\WINDOWS\tasks

[13/10/2008 19:34: VIRUS ALERT!][--ah-----] C:\WINDOWS\tasks\SA.DAT
[24/04/2003 14:00: VIRUS ALERT!][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing des dossiers dans C:\Program Files

[26/03/2008|17:54:] C:\Program Files\ALERT! <REP> Adobe
[26/03/2008|17:55:] C:\Program Files\ALERT! <REP> Ahead
[12/10/2008|23:23:] C:\Program Files\ALERT! <REP> alaplaya
[03/09/2008|13:00:] C:\Program Files\ALERT! <REP> Anno 1701
[27/03/2008|22:12:] C:\Program Files\ALERT! <REP> ASUS
[28/03/2008|15:18:] C:\Program Files\ALERT! <REP> Attansic
[01/04/2008|21:27:] C:\Program Files\ALERT! <REP> BFG
[25/04/2008|06:37:] C:\Program Files\ALERT! <REP> Black Isle
[10/08/2008|20:41:] C:\Program Files\ALERT! <REP> CCleaner
[08/09/2008|14:17:] C:\Program Files\ALERT! <REP> Codemasters
[26/03/2008|17:08:] C:\Program Files\ALERT! <REP> ComPlus Applications
[29/03/2008|02:24:] C:\Program Files\ALERT! <REP> DeepSilver
[28/08/2008|22:56:] C:\Program Files\ALERT! <REP> directx
[14/04/2008|14:01:] C:\Program Files\ALERT! <REP> Eltima Software
[12/10/2008|22:43:] C:\Program Files\ALERT! <REP> eMule
[13/10/2008|14:37:] C:\Program Files\ALERT! <REP> Enigma Software Group
[11/09/2008|07:06:] C:\Program Files\ALERT! <REP> Fichiers communs
[27/08/2008|10:22:] C:\Program Files\ALERT! <REP> Firaxis Games
[10/04/2008|02:11:] C:\Program Files\ALERT! <REP> FLV Player
[12/10/2008|23:23:] C:\Program Files\ALERT! <REP> Foxmail
[10/04/2008|12:43:] C:\Program Files\ALERT! <REP> Freecorder
[10/04/2008|02:22:] C:\Program Files\ALERT! <REP> Freecorder Toolbar
[01/04/2008|21:38:] C:\Program Files\ALERT! <REP> GameSpy Arcade
[10/04/2008|02:11:] C:\Program Files\ALERT! <REP> GlobFX Technologies
[10/04/2008|02:18:] C:\Program Files\ALERT! <REP> GRETECH
[12/10/2008|22:54:] C:\Program Files\ALERT! <REP> Inet Delivery
[12/10/2008|23:24:] C:\Program Files\ALERT! <REP> InstallShield Installation Information
[26/03/2008|21:19:] C:\Program Files\ALERT! <REP> Intel
[13/08/2008|09:01:] C:\Program Files\ALERT! <REP> Internet Explorer
[15/08/2008|00:05:] C:\Program Files\ALERT! <REP> Java
[19/08/2008|10:22:] C:\Program Files\ALERT! <REP> Kalypso
[26/03/2008|17:47:] C:\Program Files\ALERT! <REP> K-Lite Codec Pack
[28/09/2008|18:05:] C:\Program Files\ALERT! <REP> Koei
[19/08/2008|00:16:] C:\Program Files\ALERT! <REP> Lavasoft
[10/10/2008|11:15:] C:\Program Files\ALERT! <REP> Lighthouse Interactive
[18/04/2008|12:11:] C:\Program Files\ALERT! <REP> Lionhead Studios Ltd
[11/09/2008|07:06:] C:\Program Files\ALERT! <REP> Logitech
[06/10/2008|00:53:] C:\Program Files\ALERT! <REP> LucasArts
[09/04/2008|17:45:] C:\Program Files\ALERT! <REP> Media Player Classic
[01/09/2008|09:36:] C:\Program Files\ALERT! <REP> Messenger
[06/09/2008|01:23:] C:\Program Files\ALERT! <REP> Messenger Plus! Live
[30/03/2008|09:00:] C:\Program Files\ALERT! <REP> Microsoft CAPICOM 2.1.0.2
[26/03/2008|17:10:] C:\Program Files\ALERT! <REP> microsoft frontpage
[29/03/2008|06:24:] C:\Program Files\ALERT! <REP> Microsoft Office
[29/03/2008|06:24:] C:\Program Files\ALERT! <REP> Microsoft Visual Studio
[29/03/2008|06:19:] C:\Program Files\ALERT! <REP> Microsoft Visual Studio 8
[29/03/2008|06:25:] C:\Program Files\ALERT! <REP> Microsoft Works
[29/03/2008|06:22:] C:\Program Files\ALERT! <REP> Microsoft.NET
[01/09/2008|09:34:] C:\Program Files\ALERT! <REP> Movie Maker
[13/10/2008|19:36:] C:\Program Files\ALERT! <REP> Mozilla Firefox
[29/03/2008|06:24:] C:\Program Files\ALERT! <REP> MSBuild
[26/03/2008|17:07:] C:\Program Files\ALERT! <REP> MSN
[26/03/2008|17:07:] C:\Program Files\ALERT! <REP> MSN Gaming Zone
[30/03/2008|09:00:] C:\Program Files\ALERT! <REP> MSXML 4.0
[29/03/2008|02:45:] C:\Program Files\ALERT! <REP> MSXML 6.0
[01/09/2008|09:33:] C:\Program Files\ALERT! <REP> NetMeeting
[26/03/2008|17:08:] C:\Program Files\ALERT! <REP> Online Services
[04/04/2008|13:06:] C:\Program Files\ALERT! <REP> OO Software
[12/08/2008|12:05:] C:\Program Files\ALERT! <REP> OpenOffice.org 2.2
[14/09/2008|00:36:] C:\Program Files\ALERT! <REP> Orange HSS
[01/09/2008|09:45:] C:\Program Files\ALERT! <REP> Outlook Express
[12/10/2008|22:54:] C:\Program Files\ALERT! <REP> pkjjpce
[11/10/2008|21:52:] C:\Program Files\ALERT! <REP> Player Metaboli
[29/03/2008|03:10:] C:\Program Files\ALERT! <REP> PlayOnline
[13/10/2008|14:36:] C:\Program Files\ALERT! <REP> Rapid Antivirus
[09/04/2008|17:45:] C:\Program Files\ALERT! <REP> Real Alternative
[21/04/2008|15:29:] C:\Program Files\ALERT! <REP> RealArcade
[26/03/2008|21:16:] C:\Program Files\ALERT! <REP> Realtek
[03/10/2008|10:12:] C:\Program Files\ALERT! <REP> Reaxxion
[26/03/2008|17:59:] C:\Program Files\ALERT! <REP> Reference Assemblies
[28/09/2008|15:27:] C:\Program Files\ALERT! <REP> ReflexiveArcade
[10/04/2008|02:20:] C:\Program Files\ALERT! <REP> Replay Media Catcher
[26/03/2008|17:09:] C:\Program Files\ALERT! <REP> Services en ligne
[10/04/2008|02:20:] C:\Program Files\ALERT! <REP> Shareaza
[31/03/2008|12:45:] C:\Program Files\ALERT! <REP> Sierra
[14/04/2008|14:03:] C:\Program Files\ALERT! <REP> Smith Micro
[08/09/2008|07:47:] C:\Program Files\ALERT! <REP> Stardock
[05/04/2008|05:22:] C:\Program Files\ALERT! <REP> THQ
[13/10/2008|15:49:] C:\Program Files\ALERT! <REP> Trend Micro
[26/03/2008|17:20:] C:\Program Files\ALERT! <REP> Uninstall Information
[21/08/2008|10:47:] C:\Program Files\ALERT! <REP> VideoLAN
[30/03/2008|05:18:] C:\Program Files\ALERT! <REP> Virtual CD v9
[28/09/2008|15:35:] C:\Program Files\ALERT! <REP> Virtual Villagers The Secret City
[29/08/2008|10:42:] C:\Program Files\ALERT! <REP> VUGames
[26/08/2008|17:55:] C:\Program Files\ALERT! <REP> Vuze
[10/08/2008|20:42:] C:\Program Files\ALERT! <REP> Wanadoo
[01/04/2008|21:35:] C:\Program Files\ALERT! <REP> Wanadoo Edition
[23/04/2008|20:51:] C:\Program Files\ALERT! <REP> Windows Doctor
[29/03/2008|00:23:] C:\Program Files\ALERT! <REP> Windows Live
[04/09/2008|01:52:] C:\Program Files\ALERT! <REP> Windows Live Safety Center
[18/08/2008|17:36:] C:\Program Files\ALERT! <REP> Windows Media Connect 2
[01/09/2008|09:33:] C:\Program Files\ALERT! <REP> Windows Media Player
[01/09/2008|09:33:] C:\Program Files\ALERT! <REP> Windows NT
[26/03/2008|17:09:] C:\Program Files\ALERT! <REP> WindowsUpdate
[04/04/2008|12:48:] C:\Program Files\ALERT! <REP> WinRAR
[26/03/2008|17:10:] C:\Program Files\ALERT! <REP> xerox

--------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs

[26/03/2008|17:54:] C:\Program Files\Fichiers communs\ALERT! <REP> Adobe
[26/03/2008|17:55:] C:\Program Files\Fichiers communs\ALERT! <REP> Ahead
[29/03/2008|06:24:] C:\Program Files\Fichiers communs\ALERT! <REP> DESIGNER
[28/08/2008|22:54:] C:\Program Files\Fichiers communs\ALERT! <REP> InstallShield
[16/05/2008|23:21:] C:\Program Files\Fichiers communs\ALERT! <REP> Java
[01/10/2008|08:11:] C:\Program Files\Fichiers communs\ALERT! <REP> LogiShrd
[11/09/2008|07:07:] C:\Program Files\Fichiers communs\ALERT! <REP> Logitech
[11/08/2008|09:08:] C:\Program Files\Fichiers communs\ALERT! <REP> Microsoft Shared
[26/03/2008|17:08:] C:\Program Files\Fichiers communs\ALERT! <REP> MSSoap
[26/03/2008|13:01:] C:\Program Files\Fichiers communs\ALERT! <REP> ODBC
[29/03/2008|03:10:] C:\Program Files\Fichiers communs\ALERT! <REP> PlayOnline
[26/03/2008|17:08:] C:\Program Files\Fichiers communs\ALERT! <REP> Services
[26/03/2008|13:01:] C:\Program Files\Fichiers communs\ALERT! <REP> SpeechEngines
[08/09/2008|07:47:] C:\Program Files\Fichiers communs\ALERT! <REP> Stardock
[01/09/2008|09:32:] C:\Program Files\Fichiers communs\ALERT! <REP> System
[29/03/2008|00:15:] C:\Program Files\Fichiers communs\ALERT! <REP> WindowsLiveInstaller
[19/08/2008|00:15:] C:\Program Files\Fichiers communs\ALERT! <REP> Wise Installation Wizard

--------------------\\ Process

( 72 Processes )

IEXPLORE.EXE ~ [PID:4536]

--------------------\\ Recherche avec S_Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Recherche de Fichiers / Dossiers Lop

Aucun fichier / dossier Lop trouvé !

--------------------\\ Verification du Registre

..... OK !

--------------------\\ Verification du fichier Hosts

Fichier Hosts PROPRE

--------------------\\ Recherche de fichiers avec Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 19:45:09
Windows 5.1.2600 Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden files ...
C:\WINDOWS\System32\svchost.exe:ext.exe 25088 bytes executable
scan completed successfully
hidden processes: 0
hidden files: 2

--------------------\\ Recherche d'autres infections

C:\WINDOWS\system32\bbbIlkkj.ini
C:\WINDOWS\system32\bbbIlkkj.ini2
[b]==> VUNDO <==/b

Trojan ! .. C:\WINDOWS\system32\drivers\tdssserv.sys
Trojan ! .. C:\WINDOWS\system32\tdssservers.dat
Trojan ! .. C:\WINDOWS\system32\tdssserf.dll
Trojan ! .. C:\WINDOWS\system32\tdssmain.dll
Trojan ! .. C:\WINDOWS\system32\tdssinit.dll
Trojan ! .. C:\WINDOWS\system32\tdssadw.dll
Trojan ! .. C:\WINDOWS\system32\tdsslog.dll
Trojan ! .. C:\WINDOWS\system32\tdssl.dll

--------------------\\ Suspect ..

C:\WINDOWS\system32\tdssadw.dll
C:\WINDOWS\system32\TDSSerrors.log
C:\WINDOWS\system32\tdssinit.dll
C:\WINDOWS\system32\TDSSl.dll
C:\WINDOWS\system32\tdsslog.dll
C:\WINDOWS\system32\tdssmain.dll
C:\WINDOWS\system32\tdssserf.dll
C:\WINDOWS\system32\tdssservers.dat

[F:20][D:0]-> C:\DOCUME~1\Asus\LOCALS~1\Temp
[F:14][D:0]-> C:\DOCUME~1\Asus\Cookies
[F:69][D:4]-> C:\DOCUME~1\Asus\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - 13/10/2008|18:26 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - 13/10/2008|19:49 - Option : [1]

--------------------\\ Fin du rapport a 19:49:01
0
Réponse 15 / 129
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Bien ....

voilà la suite :

1- refais un coup de ccleaner ( registre compris ) .

2- -Télécharges SDFix sur ton bureau :
ici http://downloads.andymanchesta.com/RemovalTools/SDFix.exe.
ou ici http://sdfix.net/SDFix.exe

--> Double-cliques sur SDFix.exe et choisis "Install" .

( tuto ici : https://www.malekal.com/slenfbot-still-an-other-irc-bot/ )

Puis une fois l'installe faite ,

Impératif : Démarrer en mode sans echec .

/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

Comment aller en Mode sans échec :
1) Redémarres ton ordi .
2) Tapotes la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" .
3) Tu tapotes jusqu' à l'apparition de l'écran avec les options de démarrage .
4) Choisis la première option : Sans Échec , et valides en tapant sur [Entrée] .
5) Choisis ton compte habituel ( et pas Administrateur ).
attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...

Ouvres le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double cliques sur RunThis.bat pour lancer le script.
--->Tapes Y pour lancer le script ...
Le Fix supprime les services du virus et nettoie le registre, de ce fait un redémarrage est nécessaire , donc :
presses une touche pour redémarrer quand il te le sera demandé .

Le PC va mettre du temps avant de démarrer ( c'est normale ), après le chargement du Bureau presses une touche lorsque "Finished" s'affiche .

Le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier C:\SDFix sous le nom "Report.txt".
Postes ce dernier dans ta prochaine réponse accompagné d'un nouveau rapport Hijakcthis pour analyse ...
0
Réponse 16 / 129
fado97 Messages postés 111 Statut Membre
 
Voici le rapport SDFix (a savoir que depuis que je l'ai exécuté je reçois un écran bleu a chaque fois que je tente un démarrage normal et le pc redémarre automatiquement donc j'ai du finir en mode sans échec):

[b]SDFix: Version 1.235 [/b]
Run by Asus on 13/10/2008 at 20:54

Microsoft Windows XP [version 5.1.2600]
Running From: C:\SDFix

[b]Checking Services [/b]:

Rootkit Found :
C:\WINDOWS\system32\drivers\WINBW11.sys - Rootkit Pandex/Cutwail - Runtime.sys
C:\WINDOWS\system32\drivers\WINKP55.sys - Rootkit Pandex/Cutwail - Runtime.sys
C:\WINDOWS\system32\drivers\WINWE22.sys - Rootkit Pandex/Cutwail - Runtime.sys
C:\WINDOWS\system32\drivers\WINWS44.sys - Rootkit Pandex/Cutwail - Runtime.sys
C:\WINDOWS\system32\drivers\ATI2DSXX.sys - Rootkit Pandex/Cutwail - Protect.sys

[b]Name [/b]:
afinding
ICF
macidwe
perfs
restore
routing
tdxdowkc
wserving
WINBW11
WINKP55
WINWE22
WINWS44
ATI2DSXX

[b]Path [/b]:
C:\WINDOWS\system32\afinding.exe
C:\WINDOWS\system32\svchost.exe:ext.exe
C:\WINDOWS\system32\macidwe.exe
C:\WINDOWS\system32\perfs.exe
\??\C:\WINDOWS\system32\drivers\restore.sys
C:\WINDOWS\system32\routing.exe
C:\WINDOWS\system32\tdxdowkc.exe
C:\WINDOWS\system32\wserving.exe
\??\C:\WINDOWS\System32\drivers\Winbw11.sys
\??\C:\WINDOWS\System32\drivers\Winkp55.sys
\??\C:\WINDOWS\System32\drivers\Winwe22.sys
\??\C:\WINDOWS\System32\drivers\Winws44.sys
System32\Drivers\ati2dsxx.sys

afinding - Deleted
ICF - Deleted
macidwe - Deleted
perfs - Deleted
restore - Deleted
routing - Deleted
tdxdowkc - Deleted
wserving - Deleted
WINBW11 - Deleted
WINKP55 - Deleted
WINWE22 - Deleted
WINWS44 - Deleted
ATI2DSXX - Deleted

Restoring Default Security Values
Restoring Default Hosts File
Restoring Default HomePage Value
Restoring Default Desktop Components Value
Restoring Default Desktop Wallpaper
Restoring Default ScreenSaver value
Restoring Windows Product ID To Remove Fake Virus Alert
Restoring Time Format To Remove Fake Virus Alert

Rebooting

Service ATI2DSXX - Deleted

[b]Checking Files [/b]:

Trojan Files Found:

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat - Contains Links to Malware Sites! - Deleted
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat - Contains Links to Malware Sites! - Deleted
C:\WINDOWS\system32\lphcvj0j0ep2v.exe - Deleted
C:\WINDOWS\system32\byXnoNHY.dll - Deleted
C:\WINDOWS\system32\XSRBGNA.dll - Deleted
C:\WINDOWS\system32\XSRBGN~1.dll - Deleted
C:\WINDOWS\system32\WINBQE32.dll - Deleted
C:\WINDOWS\system32\phcvj0j0ep2v.bmp - Deleted
C:\WINDOWS\system32\blphcvj0j0ep2v.scr - Deleted
C:\WINDOWS\EALF.EXE - Deleted
C:\WINDOWS\EEMK.EXE - Deleted
C:\208226~1 - Deleted
C:\Documents and Settings\Asus\Application Data\Adobe\Player.exe - Deleted
C:\Documents and Settings\Asus\Application Data\Adobe\Player.exe.bak - Deleted
C:\Documents and Settings\Asus\Bureau\Malware Defender.url - Deleted
C:\Documents and Settings\Asus\Favoris\Malware Defender.url - Deleted
C:\Documents and Settings\Asus\Bureau\Protect Your Privacy.url - Deleted
C:\Documents and Settings\Asus\Favoris\Protect Your Privacy.url - Deleted
C:\Documents and Settings\Asus\Bureau\System Error Fixer.url - Deleted
C:\Documents and Settings\Asus\Favoris\System Error Fixer.url - Deleted
C:\WINDOWS\mslagent\2_mslagent.dll - Deleted
C:\WINDOWS\mslagent\mslagent.exe - Deleted
C:\WINDOWS\mslagent\uninstall.exe - Deleted
C:\Program Files\Inet Delivery\inetdl.exe - Deleted
C:\Program Files\Inet Delivery\intdel.exe - Deleted
C:\Program Files\Rapid Antivirus\Uninstall.exe - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\.tt1B.tmp - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\.tt1D.tmp - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\.tt21.tmp - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\.tt22.tmp - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\.ttD.tmp - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\.ttE.tmp - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\.tt1B.tmp.vbs - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\.tt21.tmp.vbs - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\.ttD.tmp.vbs - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\pwrmgr.exe.bat - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\smchk.exe.bat - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\windfr.exe.bat - Deleted
C:\d.exe - Deleted
C:\WINDOWS\a.bat - Deleted
C:\WINDOWS\vortsgbqpvo.dll - Deleted
C:\WINDOWS\vortsgbqtpr.dll - Deleted
C:\WINDOWS\zip1.tmp - Deleted
C:\WINDOWS\zip2.tmp - Deleted
C:\WINDOWS\zip3.tmp - Deleted
C:\WINDOWS\zipped.tmp - Deleted
C:\Program Files\wunauclt.zip - Deleted
C:\Program Files\wunauclt.tbe - Deleted
C:\Documents and Settings\Asus\Application Data\sp2\qaccess.dll - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\57329.exe - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\Csrssc.exe - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\pwrmgr.exe - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\removalfile.bat - Deleted
C:\DOCUME~1\Asus\LOCALS~1\Temp\winlogen.exe - Deleted
C:\d1.exe - Deleted
C:\d2.exe - Deleted
C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013\win32.exe - Deleted
C:\x - Deleted
C:\WINDOWS\a.bat - Deleted
C:\WINDOWS\base64.tmp - Deleted
C:\WINDOWS\bdn.com - Deleted
C:\WINDOWS\FVProtect.exe - Deleted
C:\WINDOWS\iTunesMusic.exe - Deleted
C:\WINDOWS\lfstbwvd.dll - Deleted
C:\WINDOWS\msacm32.drv - Deleted
C:\WINDOWS\mssecu.exe - Deleted
C:\WINDOWS\olnmraew.dll - Deleted
C:\WINDOWS\qkeftmxn.exe - Deleted
C:\WINDOWS\qmafxprs.dll - Deleted
C:\WINDOWS\rasqervy.dll - Deleted
C:\WINDOWS\sdfinacs.dll - Deleted
C:\WINDOWS\sdfixwcs.dll - Deleted
C:\WINDOWS\system32\AFinding.exe - Deleted
C:\WINDOWS\system32\akttzn.exe - Deleted
C:\WINDOWS\system32\anticipator.dll - Deleted
C:\WINDOWS\system32\atsxyzd.sys - Deleted
C:\WINDOWS\system32\awtoolb.dll - Deleted
C:\WINDOWS\system32\bdn.com - Deleted
C:\WINDOWS\system32\bsva-egihsg52.exe - Deleted
C:\WINDOWS\system32\comsa32.sys - Deleted
C:\WINDOWS\system32\dpcproxy.exe - Deleted
C:\WINDOWS\system32\edtxfst.sys - Deleted
C:\WINDOWS\system32\h@tkeysh@@k.dll - Deleted
C:\WINDOWS\system32\hoproxy.dll - Deleted
C:\WINDOWS\system32\hxiwlgpm.dat - Deleted
C:\WINDOWS\system32\hxiwlgpm.exe - Deleted
C:\WINDOWS\system32\macidwe.exe - Deleted
C:\WINDOWS\system32\msgp.exe - Deleted
C:\WINDOWS\system32\msnbho.dll - Deleted
C:\WINDOWS\system32\mssecu.exe - Deleted
C:\WINDOWS\system32\msvchost.exe - Deleted
C:\WINDOWS\system32\mtr2.exe - Deleted
C:\WINDOWS\system32\mwin32.exe - Deleted
C:\WINDOWS\system32\netode.exe - Deleted
C:\WINDOWS\system32\newsd32.exe - Deleted
C:\WINDOWS\system32\perfs.exe - Deleted
C:\WINDOWS\system32\ps1.exe - Deleted
C:\WINDOWS\system32\psof1.exe - Deleted
C:\WINDOWS\system32\psoft1.exe - Deleted
C:\WINDOWS\system32\regc64.dll - Deleted
C:\WINDOWS\system32\regm64.dll - Deleted
C:\WINDOWS\system32\routing.exe - Deleted
C:\WINDOWS\system32\rs32net.exe - Deleted
C:\WINDOWS\system32\Rundl1.exe - Deleted
C:\WINDOWS\system32\smp\msrc.exe - Deleted
C:\WINDOWS\system32\sncntr.exe - Deleted
C:\WINDOWS\system32\ssurf022.dll - Deleted
C:\WINDOWS\system32\ssvchost.com - Deleted
C:\WINDOWS\system32\ssvchost.exe - Deleted
C:\WINDOWS\system32\sysreq.exe - Deleted
C:\WINDOWS\system32\taack.dat - Deleted
C:\WINDOWS\system32\taack.exe - Deleted
C:\WINDOWS\system32\tdxdowkc.exe - Deleted
C:\WINDOWS\system32\temp#01.exe - Deleted
C:\WINDOWS\system32\thun.dll - Deleted
C:\WINDOWS\system32\thun32.dll - Deleted
C:\WINDOWS\system32\VBIEWER.OCX - Deleted
C:\WINDOWS\system32\vbsys2.dll - Deleted
C:\WINDOWS\system32\vcatchpi.dll - Deleted
C:\WINDOWS\system32\WinCtrl32.dll - Deleted
C:\WINDOWS\system32\winlogonpc.exe - Deleted
C:\WINDOWS\system32\winsystem.exe - Deleted
C:\WINDOWS\system32\WINWGPX.EXE - Deleted
C:\WINDOWS\system32\WServing.exe - Deleted
C:\WINDOWS\userconfig9x.dll - Deleted
C:\WINDOWS\winsystem.exe - Deleted
C:\WINDOWS\wuasirvy.dll - Deleted
C:\WINDOWS\system32\drivers\restore.sys - Deleted
C:\WINDOWS\system32\drivers\tdssserv.sys - Deleted
C:\WINDOWS\system32\tdssadw.dll - Deleted
C:\WINDOWS\system32\TDSSerrors.log - Deleted
C:\WINDOWS\system32\tdssinit.dll - Deleted
C:\WINDOWS\system32\tdssl.dll - Deleted
C:\WINDOWS\system32\tdsslog.dll - Deleted
C:\WINDOWS\system32\tdssmain.dll - Deleted
C:\WINDOWS\system32\tdssserf.dll - Deleted
C:\WINDOWS\system32\tdssservers.dat - Deleted
C:\WINDOWS\system32\drivers\WINBW11.sys - Deleted
C:\WINDOWS\system32\drivers\WINKP55.sys - Deleted
C:\WINDOWS\system32\drivers\WINWE22.sys - Deleted
C:\WINDOWS\system32\drivers\WINWS44.sys - Deleted
C:\WINDOWS\system32\drivers\ATI2DSXX.sys - Deleted

Folder C:\Documents and Settings\Asus\Application Data\sp2 - Removed
Folder C:\Program Files\Inet Delivery - Removed
Folder C:\Program Files\Rapid Antivirus - Removed
Folder C:\RECYCLER\S-1-5-21-1482476501-1644491937-682003330-1013 - Removed
Folder C:\WINDOWS\mslagent - Removed
Folder C:\WINDOWS\system32\smp - Removed

Removing Temp Files

[b]ADS Check [/b]:

C:\WINDOWS\system32\svchost.exe
: ADS Found!
svchost.exe: deleted 25088 bytes in 1 streams.

Checking for remaining Streams

C:\WINDOWS\system32\svchost.exe
No streams found.

[b]Final Check [/b]:

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-13 21:09:44
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000002
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000007
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000004
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000004
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000004
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000007
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MRxDAV\EncryptedDirectories]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdrv9000]
"ServiceBinary"="C:\WINDOWS\system32\drivers\VDRV9000.SYS"
"Group"="SCSI Miniport"
"ImagePath"=str(2):"system32\DRIVERS\vdrv9000.sys"
"ErrorControl"=dword:00000001
"Start"=dword:00000001
"Type"=dword:00000001
"Tag"=dword:00000022

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdrv9000\Enum]
"Count"=dword:00000001
"NextInstance"=dword:00000001
"INITSTARTFAILED"=dword:00000001
"0"="Root\SCSIADAPTER\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdrv9000\parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vdrv9000\security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,..
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\vdrv9000]
"ServiceBinary"="C:\WINDOWS\system32\drivers\VDRV9000.SYS"
"Group"="SCSI Miniport"
"ImagePath"=str(2):"system32\DRIVERS\vdrv9000.sys"
"ErrorControl"=dword:00000001
"Start"=dword:00000001
"Type"=dword:00000001
"Tag"=dword:00000022

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\vdrv9000\Enum]
"Count"=dword:00000001
"NextInstance"=dword:00000001
"INITSTARTFAILED"=dword:00000001
"0"="Root\SCSIADAPTER\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\vdrv9000\parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\vdrv9000\security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,..
[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000002
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000007
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000004
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000004
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000004
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}\Properties]
"DeviceType"=dword:00000007
"DeviceCharacteristics"=dword:00000100
[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Services\MRxDAV\EncryptedDirectories]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Services\vdrv9000]
"ServiceBinary"="C:\WINDOWS\system32\drivers\VDRV9000.SYS"
"Group"="SCSI Miniport"
"ImagePath"=str(2):"system32\DRIVERS\vdrv9000.sys"
"ErrorControl"=dword:00000001
"Start"=dword:00000001
"Type"=dword:00000001
"Tag"=dword:00000022

[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Services\vdrv9000\Enum]
"Count"=dword:00000001
"NextInstance"=dword:00000001
"INITSTARTFAILED"=dword:00000001
"0"="Root\SCSIADAPTER\0000"

[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Services\vdrv9000\parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\controlset005\Services\vdrv9000\security]
"Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,..

scanning hidden registry entries ...

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
"OODEFRAG10.00.00.01WORKSTATION"="71720399AF8F3D74E2A1B381F8FDC4DBBB3629CA502D9460B0A74AD952815407C24FE81FFD85CCBC41F321F69C3873C312E10B1E72F53C2550173DA54366CA3CBAFBFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933A2D97226D213B555C038D530D6EB3452A9C6AECB7A5D1407D5CACA36CC65A71839F069116B0E4952E7AC3A05EF8D2A147A63705D6EBF5DA611BF7D650534F2AD4A2E1EDF07B06162226DAE85F2C9C7D883274A96B7087661C3A74682549E4D6BD994F0933B3268077940A8380C31196BEA84BE4F1DB538133EB33190D082BCE34C9627F84281AE6D087ACBD2BCE2DCAF9E506EC5813C6D7963D9FA7762433ACE99EA3CC0AB927AE6FA33EF70D78345B19FA32C9B1F0E55792B549502C846AE0ACD0C5EFED8DD046793C7A18C853CF69D06DB02D781A7A31921A2A46094F77C9309BA6FAB81DDF888A5D71E89C13A0EC57B992D640B857E83E28405A52CC5F61080F90624309179079BC6DB2DDAAC16A0BE431B90EE2A0287250341C849A2E647FB10ED28447E9A44733D7F1FF5C91447A181738E371A3C17AE669CA678068725D609A4DC6FAB6544BDA866EE0B497B7889C00DF3C0DE30C9D93C8B7C1EE809B983B25CC93AA458311F369F0D65E7B715F2B1F5BB3A87D4DA98D7B7EE6DCA8E3804A1FC5CFCF86256D2DD6FCEA567A5A36A4CEC44AAA416A96B507F0671AF327972AC20E268BCE9A5A3D34C6D3D8A194E124667CF69CB5237EA7DF3AB089CFD78F96E1494FE85C73474186186F69AD562A09F0D8425975CAC427F5A31E21CF3565A47DB871772483A3A680F9B6CE418D261973CECDCA4FBD231B6AC48073D8556E9582EB9DAA02D157DC9E8130E3A0D3431B304F76515EB1A09CA18084F929CDF0F89740B4A35AB465D03363420ED55C082BDA9F7E70E5A9534257EEDE8B39500C687CEBEB7566C7009A1732D395A0957DCC224A3E13A6CFA2B7474D755BABEE4A1BF0FFEC9310CDE4776CD8FC5DB3278599323932347B525FDAAC409EA455DE4C3E5BA57FBF31CFD7013AA520751CCCB274504C8D0E5451451FD6C2AD2772AF464718DB89C53A0DD72D2224C8EA0CC998631DC23E34B176AD9689D450C76CEB3D09DF5F64D069534CD4F7DBC44B218D0CF74F4EA2933206EE527BC4AE6EE6D5F6968164A06C8E3D899693E44E5740702ECEFCA4941D8C58B523E630D0A0D19DCA295C5D0125BEFC97CC59767015569645C490DCDA080E45193725F446F85DA3384AD8D088F800DA7B54D6F917B4B00D1AFE9A16A106DC971B0CE338C630F2D0F2B7AAC56F0800438952A630F8BCD82C78C7E2175AC6A3AC2452013630AE2013F468A1683FC26136281CDC111BD5A98E7AFF656A767C4ECC07F7AE82D5740B9399A32EF3D4F42"

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

[b]Remaining Services [/b]:

ATI2DSXX

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"="C:\\Program Files\\Mozilla Firefox\\firefox.exe:*:Enabled:Firefox"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"="C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe"="C:\\Program Files\\PlayOnline\\SquareEnix\\PlayOnlineViewer\\pol.exe:*:Enabled:PlayOnline Viewer"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe"="C:\\Program Files\\Firaxis Games\\Sid Meier's Civilization 4\\Civilization4.exe:*:Enabled:Sid Meier's Civilization 4"
"C:\\Program Files\\Wanadoo Edition\\Digital Reality\\Haegemonia\\_HGM.TMP"="C:\\Program Files\\Wanadoo Edition\\Digital Reality\\Haegemonia\\_HGM.TMP:*:Enabled:Haegemonia"
"C:\\Program Files\\Wanadoo Edition\\Digital Reality\\Haegemonia - The Solon Heritage\\HGMA.EXE"="C:\\Program Files\\Wanadoo Edition\\Digital Reality\\Haegemonia - The Solon Heritage\\HGMA.EXE:*:Enabled:Haegemonia TSH"
"C:\\Program Files\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe"="C:\\Program Files\\THQ\\Gas Powered Games\\GPGNet\\GPG.Multiplayer.Client.exe:*:Enabled:GPGNet - Supreme Commander"
"C:\\Program Files\\Lionhead Studios Ltd\\Black & White\\runblack.exe"="C:\\Program Files\\Lionhead Studios Ltd\\Black & White\\runblack.exe:*:Enabled:lh"
"C:\\Program Files\\Kalypso\\Sins of a Solar Empire\\Sins of a Solar Empire.exe"="C:\\Program Files\\Kalypso\\Sins of a Solar Empire\\Sins of a Solar Empire.exe:*:Enabled:Sins of a Solar Empire"
"C:\\Program Files\\Foxmail\\FoxHot.exe"="C:\\Program Files\\Foxmail\\FoxHot.exe:*:Enabled:Foxmail-Hotmail Proxy Application"
"C:\\Program Files\\Vuze\\Azureus.exe"="C:\\Program Files\\Vuze\\Azureus.exe:*:Enabled:Azureus"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\\Program Files\\Anno 1701\\Anno1701.exe"="C:\\Program Files\\Anno 1701\\Anno1701.exe:*:Enabled:Anno 1701"
"C:\\Program Files\\LucasArts\\Star Wars Empire at War Forces of Corruption\\swfoc.exe"="C:\\Program Files\\LucasArts\\Star Wars Empire at War Forces of Corruption\\swfoc.exe:*:Enabled:Star Wars(R): Empire at War(TM): Forces of Corruption(TM)"
"C:\\Program Files\\LucasArts\\Star Wars Empire at War\\GameData\\sweaw.exe"="C:\\Program Files\\LucasArts\\Star Wars Empire at War\\GameData\\sweaw.exe:*:Enabled:Star Wars: Empire at War"
"C:\\Program Files\\alaplaya\\S4League\\S4Client.exe"="C:\\Program Files\\alaplaya\\S4League\\S4Client.exe:*:Enabled:Project S4 Client.exe"
"C:\\rmxgdx.exe"="C:\\rmxgdx.exe:*:Disabled:rmxgdx"
"C:\\WINDOWS\\Explorer.EXE"="C:\\WINDOWS\\Explorer.EXE:*:Enabled:enable"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"="C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[b]Remaining Files [/b]:

File Backups: - C:\SDFix\backups\backups.zip

[b]Files with Hidden Attributes [/b]:

Tue 20 May 2008 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Mon 13 Oct 2008 22,017 ...H. --- "C:\Documents and Settings\Administrateur\Local Settings\Temp\csrssc.exe"
Mon 18 Aug 2008 0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Thu 9 Nov 2006 20,480 A..H. --- "C:\Program Files\alaplaya\S4League\HShield\9abb02c.dll"
Thu 9 Nov 2006 20,480 A..H. --- "C:\Program Files\alaplaya\S4League\HShield\c0a79ac.dll"
Sat 29 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\523d056929e13eacf8392044f602e53e\BIT62.tmp"
Sat 29 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\afa5528a2269b5106016bdbc1ea3037f\BIT61.tmp"
Sat 29 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\cc102203f99c8c6ebf1523556f8411b6\BIT55.tmp"
Sat 29 Mar 2008 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\f1d01f188c8132c12d35c3222b7723a4\BIT60.tmp"
Tue 20 May 2008 4,348 ...H. --- "C:\Documents and Settings\Asus\Mes documents\Ma musique\Sauvegarde de la licence\drmv1key.bak"
Tue 20 May 2008 20 A..H. --- "C:\Documents and Settings\Asus\Mes documents\Ma musique\Sauvegarde de la licence\drmv1lic.bak"
Sat 29 Mar 2008 312 A.SH. --- "C:\Documents and Settings\Asus\Mes documents\Ma musique\Sauvegarde de la licence\drmv2key.bak"
Mon 11 Apr 2005 24,576 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0001.tmp"
Sun 10 Apr 2005 23,040 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0002.tmp"
Mon 11 Apr 2005 32,256 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0003.tmp"
Mon 11 Apr 2005 24,576 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0004.tmp"
Fri 8 Apr 2005 33,280 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0005.tmp"
Mon 11 Apr 2005 30,720 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0006.tmp"
Mon 11 Apr 2005 26,112 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0273.tmp"
Mon 11 Apr 2005 27,648 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0317.tmp"
Mon 11 Apr 2005 27,648 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0522.tmp"
Mon 11 Apr 2005 24,576 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0564.tmp"
Mon 11 Apr 2005 28,160 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0572.tmp"
Mon 11 Apr 2005 26,112 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0660.tmp"
Mon 11 Apr 2005 30,720 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL0668.tmp"
Mon 11 Apr 2005 30,208 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL1134.tmp"
Mon 11 Apr 2005 29,696 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL1502.tmp"
Mon 11 Apr 2005 28,160 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL1773.tmp"
Mon 11 Apr 2005 26,624 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL2196.tmp"
Mon 11 Apr 2005 29,696 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL2241.tmp"
Mon 11 Apr 2005 30,208 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL2531.tmp"
Mon 11 Apr 2005 32,256 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL2736.tmp"
Mon 11 Apr 2005 31,744 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL3286.tmp"
Mon 11 Apr 2005 28,160 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL3575.tmp"
Mon 11 Apr 2005 31,744 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL3666.tmp"
Mon 11 Apr 2005 28,672 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL3729.tmp"
Mon 11 Apr 2005 27,136 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL3951.tmp"
Mon 11 Apr 2005 28,672 A..H. --- "C:\Documents and Settings\Asus\Bureau\Images\Dossier PERSO\suikoden\suikoden 4\~WRL4021.tmp"
Mon 13 Oct 2008 22,017 A..H. --- "C:\_OTMoveIt\MovedFiles\10132008_193123\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe"

[b]Finished![/b]
0
Réponse 17 / 129
fado97 Messages postés 111 Statut Membre
 
Et le rapport Hijackthis (fait en mode sans echec vu que je peux pas démarrer normalement):

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:40, on 13/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Safe mode with network support

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\savedump.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\monjack.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {10DEEE26-BED3-49B7-BAC8-F84E96815C5B} - C:\WINDOWS\system32\jkklIbbb.dll
O2 - BHO: C:\WINDOWS\system32\jsd72hf4t.dll - {C5BF49A2-94F3-42BD-F434-3604812C897D} - C:\WINDOWS\system32\jsd72hf4t.dll
O3 - Toolbar: Freecorder Toolbar - {1392b8d2-5c05-419f-a8f6-b9f15a596612} - C:\Program Files\Freecorder\tbFre1.dll
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\RaidTool\xInsIDE.exe
O4 - HKLM\..\Run: [36X Raid Configurer] C:\WINDOWS\system32\xRaidSetup.exe boot
O4 - HKLM\..\Run: [VC9Player] C:\Program Files\Virtual CD v9\System\VC9Play.exe
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [I downloaded pirated Software from P2P] Star Wars Empire at War Forces of Corruption
O4 - HKLM\..\Run: [7c1cd381] rundll32.exe "C:\WINDOWS\system32\oeaysyat.dll",b
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Orange Desktop Search] "C:\PROGRA~1\ORANGE~1\ORANGE~1\ORANGE~1.EXE" /tray
O4 - HKCU\..\Run: [user16] C:\WINDOWS\system32\winhlp.exe
O4 - HKCU\..\Run: [hlpsrvstr] C:\WINDOWS\system32\fspsbqvk.exe
O4 - HKCU\..\Run: [WindowsAPI32] C:\rmxgdx.exe
O4 - HKCU\..\Run: [Jnskdfmf9eldfd] C:\DOCUME~1\Asus\LOCALS~1\Temp\csrssc.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.70.1193.0 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [WUAppSetup] C:\Program Files\Fichiers communs\logishrd\WUApp32.exe -v 0x046d -p 0x092e -f video -m logitech -d 11.70.1193.0 (User 'Default user')
O4 - S-1-5-18 Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe (User 'Default user')
O4 - Startup: Rapid Antivirus.lnk = C:\Program Files\Rapid Antivirus\Rapid Antivirus.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://www.secuser.com
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: bw+0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {373FDD2F-ED35-4815-8689-1DE1704E2012} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: xggwfe.dll
O20 - Winlogon Notify: jyzmii - jyzmii.dll (file missing)
O20 - Winlogon Notify: xsrbgna - xsrbgna.dll (file missing)
O21 - SSODL: ComEn - {476EC286-BF47-D98D-6C8B-052C2888455E} - C:\Program Files\pkjjpce\ComEn.dll
O22 - SharedTaskScheduler: lksdfj98w3rmsekfnaui3rgfdgf - {C5BF49A2-94F3-42BD-F434-3604812C897D} - C:\WINDOWS\system32\jsd72hf4t.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: afisicx Service (afisicx) - Unknown owner - C:\WINDOWS\system32\afisicx.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: mabidwe Service (mabidwe) - Unknown owner - C:\WINDOWS\system32\mabidwe.exe
O23 - Service: noytcyr Service (noytcyr) - Unknown owner - C:\WINDOWS\system32\noytcyr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: perfmons Service (perfmons) - Unknown owner - C:\WINDOWS\system32\perfs.exe (file missing)
O23 - Service: roytctm Service (roytctm) - Unknown owner - C:\WINDOWS\system32\roytctm.exe
O23 - Service: soxpeca Service (soxpeca) - Unknown owner - C:\WINDOWS\system32\soxpeca.exe
O23 - Service: tdydowkc Service (tdydowkc) - Unknown owner - C:\WINDOWS\system32\tdydowkc.exe
O23 - Service: Virtual CD v9 Management Service (VC9SecS) - H+H Software GmbH - C:\Program Files\Virtual CD v9\System\vc9secs.exe
O23 - Service: wsldoekd Service (wsldoekd) - Unknown owner - C:\WINDOWS\system32\wsldoekd.exe
0
Réponse 18 / 129
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
bien ...

Fais ceci pour retrouvé ton bureau en mode normal :

presses Ctrl + Alt + Suppr , Onglet "Fichier"-> "Nouvelle tâche":
tapes explorer.exe et valides .

1- Refais un scan hijackthis en mode NORMAL et postes moi le rapport obtenu stp

Une fois ce rapport posté , fais la suite :

2- refais un coup de CCleaner (registre compris ) .

3- Télécharges MalwareByte's :
ici ftp://ftp.commentcamarche.com/download/mbam-setup.exe
ou ici : http://www.malwarebytes.org/mbam.php

Installes le ( choisis bien "francais" ; ne modifies pas les paramètres d'installe ) et mets le à jour .

(NB : S'il te manque "COMCTL32.OCX" lors de l'installe, alors télécharges le ici : https://www.malekal.com/tutorial-aboutbuster/ )

Potasses le tuto pour te familiariser avec le prg : https://forum.pcastuces.com/sujet.asp?f=31&s=3
( cela dis, il est très simple d'utilisation ).

Impératif : Démarrer en mode sans echec .

/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\

Comment aller en Mode sans échec :
1) Redémarres ton ordi .
2) Tapotes la touche F8 immédiatement, (F5 sur certains PC) juste après le "Bip" .
3) Tu tapotes jusqu' à l'apparition de l'écran avec les options de démarrage .
4) Choisis la première option : Sans Échec , et valides en tapant sur [Entrée] .
5) Choisis ton compte habituel ( et pas Administrateur ).
attention : pas de connexion possible en mode sans échec , donc copies ou imprimes bien la manipe pour éviter les erreurs ...

Lances Malwarebyte's .

Fais un scan dit "complet" ( sélectionnes bien tous tes disks avant le scan ! ) et supprimes tout ce qu'il peut trouver, c'est à dire :
-->Laisses le scan se terminer,puis à la fin tu cliques sur "résultat" .
-->Vérifies que tous les objets infectés soient validés, puis cliques sur " suppression " .

Redémarres ton PC ( mode normal ).

Postes le rapport sauvegardé après la suppression des objets infectés (dans l'onglet "rapport/log"de Malwarebytes, le dernier en date) accompagné d'un nouvel hijackthis ( fait en mode normal ) ...
0
Réponse 19 / 129
fado97 Messages postés 111 Statut Membre
 
Comme je l'ai dit plus haut je peux rien faire en mode normal vu que juste après l'écran avec le logo de Windows et la petite barre de chargement j'ai de suite un écran bleu d'erreur et le pc redémarre automatiquement, ça fait 3 fois que j'essaie déjà.
0
Réponse 20 / 129
sKe69 Messages postés 21955 Statut Contributeur sécurité 463
 
Ok ... tu me diras , c'est pas étonnant vu l'empleur de ces multiples infections ....

Passes à Malwarebytes alors ... et une fois fais postes moi les rapports demandé et ré-essayes le mode normal ...
0

Discussions similaires

Paris multiple : explications de 2/3, 3/4, 2/4, 2/5, etc.
florent.c -
Aide -

85 réponses
Pari multiple 2/5 explications
alicia 29 -
cha -

14 réponses
[ParionsSport] Paris multiple, une arnaque ?
yassoo26 -
Sekli -

9 réponses
Tableau excel paris sportif multiple
drean7 -
drean7 -

10 réponses
Paris Sportifs Combinés
Alex06 -
Functiona -

4 réponses