Is not a valid Win32 application

Resolved/Closed
psg59 -  
Hello,
here is the message that my programs and other things display: "is not a valid Win32 application"

What can I do to fix this problem?
Configuration: Windows XP
Firefox 3.0.3

75 replies

  1. sKe69 Posts: 21955 Status: Security contributor 463
     
    Hi,

    Infection by a Bagle:

    1- IMPORTANT:
    I remind you that Bagle is brought in by a crack and that it relaunches as soon as you use that crack; even if you don't use it, it can relaunch by itself when your PC starts up. To be clear:
    Above all, try to remember whether you recently clicked on a "patch" or a "keygen" to install a program or a cracked game, or to get the full version of a piece of software, and nothing in particular happened... That is where Bagles get in! If you find that particular crack, scrap everything (the crack, the software, or the zip files concerned). If you don't really remember, I strongly advise you to delete all the cracks that are on your PC... ;)

    2- Download FindyKill by Chiquitine29:

    http://sd-1.archive-host.com/membres/up/116615172019703188/FindyKill.exe

    -> Save it to your desktop and nowhere else!

    !! Disconnect and close all running applications !!

    (If your antivirus panics when saving or using the tool, ignore the alert...)

    -> Click on "FindyKill.exe" to launch the tool's installation. Above all, do not touch the installation settings.

    Important notes:
    * if you have the Elibagla program on your PC, delete it (risk of conflict between the two tools).

    --> Double-click on the "FindyKill" shortcut that is on your desktop.

    --> Choose option 1 (search). Then let the tool work without touching anything...

    Once it has finished, post the FindyKill.txt report that is generated...

    (Note: the report is saved at the root of the disk -> C:\FindyKill.txt)

    PS: "Process.exe", a component of the tool, is detected by some antivirus products (AntiVir, Dr.Web, Kaspersky Anti-Virus) as a RiskTool.
    It is not a virus, but a utility intended to terminate processes.
    In the wrong hands, this utility could stop security software (antivirus, firewall...), hence the alert raised by these antivirus products.
    0
  2. psg59
     
    ----------------- FindyKill V4.095 ------------------

    * User : ..........
    * Emplacement : C:\Program Files\FindyKill
    * Outils Mis a jours le 24/10/08 par Chiquitine29
    * Recherche effectuée à 19:24:19 le 24/10/2008
    * Windows XP - Internet Explorer 7.0.5730.13

    ((((((((((((((((( *** Recherche *** ))))))))))))))))))

    --------------- [ Processus actifs ] ----------------

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
    C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\drivers\winfilse.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe

    --------------- [ Processus infectieux stoppés ] ----------------

    "C:\WINDOWS\system32\drivers\winfilse.exe" (332)

    --------------- [ Fichiers/Dossiers infectieux ] ----------------

    »»»» Presence des fichiers dans C:

    »»»» Presence des fichiers dans C:\WINDOWS

    »»»» Presence des fichiers dans C:\WINDOWS\Prefetch

    Present ! - C:\WINDOWS\prefetch\109296.EXE-2CA11A13.pf
    Present ! - C:\WINDOWS\prefetch\116062.EXE-2D9B3D66.pf
    Present ! - C:\WINDOWS\prefetch\139125.EXE-122DB261.pf
    Present ! - C:\WINDOWS\prefetch\143546.EXE-08416948.pf
    Present ! - C:\WINDOWS\prefetch\147375.EXE-093E196A.pf
    Present ! - C:\WINDOWS\prefetch\163968.EXE-2FEFF694.pf
    Present ! - C:\WINDOWS\prefetch\168468.EXE-2611E9F4.pf
    Present ! - C:\WINDOWS\prefetch\174218.EXE-04B05EB3.pf
    Present ! - C:\WINDOWS\prefetch\2927546.EXE-0D8BC5EB.pf
    Present ! - C:\WINDOWS\prefetch\2933093.EXE-2EF28F40.pf
    Present ! - C:\WINDOWS\prefetch\2981015.EXE-018F75A5.pf
    Present ! - C:\WINDOWS\prefetch\2984265.EXE-37FD3E4F.pf
    Present ! - C:\WINDOWS\prefetch\2987734.EXE-32B901C6.pf
    Present ! - C:\WINDOWS\prefetch\92375.EXE-2051E35E.pf
    Present ! - C:\WINDOWS\prefetch\94828.EXE-1CF2D94A.pf
    Present ! - C:\WINDOWS\prefetch\FLEC006.EXE-088387C5.pf
    Present ! - C:\WINDOWS\prefetch\MDELK.EXE-1D176F91.pf
    Present ! - C:\WINDOWS\prefetch\WINTEMS.EXE-2A563F9B.pf

    »»»» Presence des fichiers dans C:\WINDOWS\system32

    Présent ! [24/10/2008 18:30] - C:\WINDOWS\system32\mdelk.exe
    Présent ! [24/10/2008 18:09] - C:\WINDOWS\system32\wintems.exe
    Présent ! [24/10/2008 18:30] - C:\WINDOWS\system32\ban_list.txt

    »»»» Presence des fichiers dans C:\WINDOWS\system32\drivers

    Présent ! [24/10/2008 18:29] - C:\WINDOWS\system32\drivers\srosa.sys
    Présent ! [20/10/2008 17:54] - C:\WINDOWS\system32\drivers\winfilse.exe
    Présent ! [24/10/2008 18:34] - "C:\WINDOWS\system32\drivers\downld"

    »»»» Presence des fichiers dans C:\Documents and Settings\LUCIEZ\Application Data

    Présent ! [24/10/2008 06:27] - "C:\Documents and Settings\LUCIEZ\Application Data\m\flec006.exe"
    Présent ! [24/10/2008 17:16] - "C:\Documents and Settings\LUCIEZ\Application Data\m\list.oct"
    Présent ! [24/10/2008 17:17] - "C:\Documents and Settings\LUCIEZ\Application Data\m\data.oct"
    Présent ! [24/10/2008 17:17] - "C:\Documents and Settings\LUCIEZ\Application Data\m\srvlist.oct"
    Présent ! [24/10/2008 18:31] - "C:\Documents and Settings\LUCIEZ\Application Data\m\shared"
    Présent ! [22/10/2008 20:40] - "C:\Documents and Settings\LUCIEZ\Application Data\m"

    »»»» Presence des fichiers dans C:\DOCUME~1\LUCIEZ\LOCALS~1\Temp

    --------------- [ Registre / Startup ] ----------------

    ! REG.EXE VERSION 3.0

    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    WOOWATCH REG_SZ C:\PROGRA~1\Wanadoo\Watch.exe
    WOOTASKBARICON REG_SZ C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    SunJavaUpdateSched REG_SZ "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    NWEReboot REG_SZ
    NeroFilterCheck REG_SZ C:\WINDOWS\system32\NeroCheck.exe
    InCD REG_SZ C:\Program Files\Ahead\InCD\InCD.exe
    Flash Media REG_SZ
    avgnt REG_SZ "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    avast! REG_SZ C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    Lexmark 1200 Series REG_SZ "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"

    ! REG.EXE VERSION 3.0

    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe REG_SZ C:\WINDOWS\system32\ctfmon.exe

    --------------- [ Registre / Clés infectieuses ] ----------------

    Présent ! - HKEY_USERS\S-1-5-21-299502267-2052111302-725345543-1004\Software\Local AppWizard-Generated Applications\nideiect
    Présent ! - HKEY_USERS\S-1-5-21-299502267-2052111302-725345543-1004\Software\Local AppWizard-Generated Applications\winfilse
    Présent ! - HKEY_USERS\S-1-5-21-299502267-2052111302-725345543-1004\Software\bisoft
    Présent ! - HKEY_USERS\S-1-5-21-299502267-2052111302-725345543-1004\Software\DateTime4
    Présent ! - HKEY_USERS\S-1-5-21-299502267-2052111302-725345543-1004\Software\FFC
    Présent ! - HKEY_USERS\S-1-5-21-299502267-2052111302-725345543-1004\Software\FirtR
    Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\nideiect
    Présent ! - HKEY_CURRENT_USER\Software\Local AppWizard-Generated Applications\winfilse
    Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\srosa
    Présent ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Présent ! - HKEY_CURRENT_USER\Software\bisoft
    Présent ! - HKEY_CURRENT_USER\Software\DateTime4
    Présent ! - HKEY_CURRENT_USER\Software\FirtR

    --------------- [ Etat / Services ] ----------------

    Clé manquante : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden

    -> Affichage des fichiers cachés non fonctionnel !!

    Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot

    -> Mode sans echec non fonctionnel !!

    Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal

    -> Mode sans echec non fonctionnel !!

    Clé manquante : HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network

    -> Mode sans echec non fonctionnel !!

    +- Services : [ Auto=2 Demande=3 Désactivé=4 ]

    /!\ Ndisuio - Type de démarrage = 4

    EapHost - Type de démarrage = 2

    /!\ Ip6Fw - Type de démarrage = 4

    /!\ SharedAccess - Type de démarrage = 4

    /!\ wuauserv - Type de démarrage = 4

    /!\ wscsvc - Type de démarrage = 4

    --------------- [ Recherche dans supports amovibles] ----------------

    +- Informations :

    C: - Lecteur fixe

    +- presence des fichiers :

    --------------- [ Registre / Moutpoint2 ] ----------------

    Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0316d98f-091c-11db-8736-4d6564696130}\Shell\AutoRun\command
    Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0316d98f-091c-11db-8736-4d6564696130}\Shell\explore\Command
    Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0316d98f-091c-11db-8736-4d6564696130}\Shell\open\Command
    Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{409594a2-0ce1-11db-8742-4d6564696130}\Shell\AutoRun\command
    Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{409594a2-0ce1-11db-8742-4d6564696130}\Shell\explore\Command
    Present ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{409594a2-0ce1-11db-8742-4d6564696130}\Shell\open\Command

    ------------------- ! Fin du rapport ! --------------------
    0
  3. psg59
     
    ----------------- FindyKill V4.095 ------------------

    * User : ............
    * Emplacement : C:\Program Files\FindyKill
    * Outils Mis a jours le 24/10/08 par Chiquitine29
    * Suppression effectuée à 19:50:40 le 24/10/2008
    * Windows XP - Internet Explorer 7.0.5730.13

    ((((((((((((((( *** Suppression *** ))))))))))))))))))

    --------------- [ Processus actifs ] ----------------

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\savedump.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\logonui.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\userinit.exe
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\ati2sgag.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

    --------------- [ Fichiers/Dossiers infectieux ] ----------------

    »»»» Suppression des fichiers dans C:

    »»»» Suppression des fichiers dans C:\WINDOWS

    »»»» Suppression des fichiers dans C:\WINDOWS\Prefetch

    Supprimé ! - C:\WINDOWS\Prefetch\ALERTM~1.EXE-1C0AE839.pf
    Supprimé ! - C:\WINDOWS\Prefetch\116062.EXE-2D9B3D66.pf
    Supprimé ! - C:\WINDOWS\Prefetch\REGSVR32.EXE-25EEFE2F.pf
    Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-1BC55A4F.pf
    Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-20A8C272.pf
    Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-37EEC05D.pf
    Supprimé ! - C:\WINDOWS\Prefetch\RUNDLL32.EXE-451FC2C0.pf
    Supprimé ! - C:\WINDOWS\Prefetch\2933093.EXE-2EF28F40.pf
    Supprimé ! - C:\WINDOWS\Prefetch\2987734.EXE-32B901C6.pf
    Supprimé ! - C:\WINDOWS\Prefetch\139125.EXE-122DB261.pf
    Supprimé ! - C:\WINDOWS\Prefetch\147375.EXE-093E196A.pf
    Supprimé ! - C:\WINDOWS\Prefetch\2981015.EXE-018F75A5.pf
    Supprimé ! - C:\WINDOWS\Prefetch\2984265.EXE-37FD3E4F.pf
    Supprimé ! - C:\WINDOWS\Prefetch\92375.EXE-2051E35E.pf
    Supprimé ! - C:\WINDOWS\Prefetch\109296.EXE-2CA11A13.pf
    Supprimé ! - C:\WINDOWS\Prefetch\143546.EXE-08416948.pf
    Supprimé ! - C:\WINDOWS\Prefetch\2927546.EXE-0D8BC5EB.pf
    Supprimé ! - C:\WINDOWS\Prefetch\FLEC006.EXE-088387C5.pf
    Supprimé ! - C:\WINDOWS\Prefetch\163968.EXE-2FEFF694.pf
    Supprimé ! - C:\WINDOWS\Prefetch\168468.EXE-2611E9F4.pf
    Supprimé ! - C:\WINDOWS\Prefetch\174218.EXE-04B05EB3.pf
    Supprimé ! - C:\WINDOWS\Prefetch\94828.EXE-1CF2D94A.pf
    Supprimé ! - C:\WINDOWS\Prefetch\UNINS000.EXE-15535578.pf
    Supprimé ! - C:\WINDOWS\Prefetch\WINTEMS.EXE-2A563F9B.pf
    Supprimé ! - C:\WINDOWS\Prefetch\MDELK.EXE-1D176F91.pf

    »»»» Suppression des fichiers dans C:\WINDOWS\system32

    Supprimé ! - C:\WINDOWS\system32\mdelk.exe
    Supprimé ! - C:\WINDOWS\system32\wintems.exe
    Supprimé ! - C:\WINDOWS\system32\ban_list.txt

    »»»» Suppression des fichiers dans C:\WINDOWS\system32\drivers

    Supprimé ! - C:\WINDOWS\system32\drivers\srosa.sys
    Supprimé ! - C:\WINDOWS\system32\drivers\winfilse.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\208640.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\210781.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\215234.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\218156.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\218468.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\220140.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\223046.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\224140.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\224593.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\229734.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\231140.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\233546.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\240140.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\2927546.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\2933093.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29417718.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29420890.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29432421.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29433468.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29441390.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29450406.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29469546.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29489296.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29491781.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29493312.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29639875.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\29648093.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\2965046.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\2966531.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\2981015.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\2984265.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\2987734.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3007171.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\301093.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\301406.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3025531.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3033046.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\306671.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\307156.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\323937.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\329937.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\333140.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\335609.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\341406.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\341968.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\342468.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\347343.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\348328.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\354734.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3615296.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3627734.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3628593.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3644156.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3647531.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\367046.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\372015.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3751062.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3752781.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\376781.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\378781.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\383875.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3894453.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\3902968.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\394218.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\423484.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\432140.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\68828.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\70703.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\80328.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\82921.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\83718.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\86468.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\86609.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\87421.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\91781.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\92375.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\92687.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\93562.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\94828.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\95890.exe
    Supprimé ! - C:\WINDOWS\system32\drivers\downld\97328.exe
    Supprimé ! - "C:\WINDOWS\system32\drivers\downld"

    »»»» Suppression des fichiers dans C:\Documents and Settings\LUCIEZ\Application Data

    Supprimé ! - "C:\Documents and Settings\LUCIEZ\Application Data\m\flec006.exe"
    Supprimé ! - "C:\Documents and Settings\LUCIEZ\Application Data\m\list.oct"
    Supprimé ! - "C:\Documents and Settings\LUCIEZ\Application Data\m\data.oct"
    Supprimé ! - "C:\Documents and Settings\LUCIEZ\Application Data\m\srvlist.oct"
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\A2QB_1.4.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Active_Keys_2.3.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Adept XML to MDB Conversion Wizard 1.0.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Adsense Site Builder 1.2 (With Crack).zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\AES_Pro_5.5_[With_Crack].zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Allmydata 1.7.10.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\AMT_Trains_1.0.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\AV Site checker 2.1.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Batch_Renamer_2.1.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Battleship 1.2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\CAD Importer DLL 5.2.5.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Captain FTP Widget 0.9.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Chroma 1.1.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\College_Sports_Ticker_1.0.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\CompanionLink Professional 2.0 KeyGen.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Complete Anonymous Web Surfing 5.2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\CTWidget_1.0_RC1.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Custom Screensaver Selection 4 2.0.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Dapyx MP3 Explorer 1.60.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Data Doctor Recovery FAT+NTFS 3.0.1.5.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Desktop Drive Monitor 1.0.1.15.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Dimin_Image_Viewer_n5_5.2.2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Drop-Box_1.0_[Serial].zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Fantasy Sounds Add-on For MorphVOX 1.2.czip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Fantasy Sounds Add-on For MorphVOX 1.2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\FileReplicationPro 1.0 [With Crack].zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Framy_grey_frame_1.0.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Gallerinator 1.5b.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\GhostImage 1.3.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Gordago_Forex_Optimizer_TT_2.6.2522_(KeyGen).zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Granot_Installer_1.0.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Half-Life_2_Substance_mod_v0.32_to_v0.35_patch.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\HVDOSBox_-_Terminal_Fonts_for_Windows_1.02_Cracked.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Icechip Keeper 1.1a.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Insider__Tabloid_Magazine_1.0.3.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\InstantVNC 1.36.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\iPod_Files_Restore_3.0.1.5.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\J2Native_2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\KaKa ExeLock 1.2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Kaspersky.Anti-Virus.Personal.Pro.5.0.Key.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Kaspersky.internet.security.v6.0.1.411.fr.key.activation.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\LinearMath_(Motorola)_1.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Moyea SWF to VideoConverter Pro 1.1.1.511.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\No Fuss Screenshot 1.6.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\NoteTab_Light_4.95.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Overload_1.34.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Pdftk_1.41.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Personal_Finance_1.2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Poster Forge 1.01.08.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\RadioRipper_1.1c.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\RmPrn_1.0.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\SAM_-_Skype_Answering_Machine_2.0_2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Stellar_Phoenix_Macintosh_2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Table Tool 1.06.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\The Lock XP 5.07.0130.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Trial_Tarantula_1.01.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\TweakFS_String_Search_&_Replace_1.2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Universal Mortgage and Loan 3.60.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\UpTime_Screen_Saver_1.00_(Serial).zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Vivaldi_Plus_4.1_[Serial].zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\VV_Install_Maker_1.2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\WebMonit 1.5.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Windows Inspector 6.2.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\WinIPConfig_1.zip
    Supprimé ! - C:\Documents and Settings\LUCIEZ\Application Data\m\shared\Yahoo_Hockey_Pool_0.3.zip
    Supprimé ! - "C:\Documents and Settings\LUCIEZ\Application Data\m\shared"
    Supprimé ! - "C:\Documents and Settings\LUCIEZ\Application Data\m"

    »»»» Suppression des fichiers dans C:\DOCUME~1\LUCIEZ\LOCALS~1\Temp

    --------------- [ Registre / Clés infectieuses ] ----------------

    Supprimé ! - HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SROSA
    Supprimé ! - HKEY_USERS\S-1-5-21-299502267-2052111302-725345543-1004\Software\Local AppWizard-Generated Applications\nideiect
    Supprimé ! - HKEY_USERS\S-1-5-21-299502267-2052111302-725345543-1004\Software\Local AppWizard-Generated Applications\winfilse

    -> Certaines clés ont été supprimées au premier reboot ...

    --------------- [ Etat / Redémarage des services ] ----------------

    +- Mode sans echec restauré !

    +- Affichage des fichiers cachés réparé !

    +- Services : [ Auto=2 Demande=3 Désactivé=4 ]

    Ndisuio - Type de démarrage = 3

    EapHost - Type de démarrage = 2

    Ip6Fw - Type de démarrage = 2

    SharedAccess - Type de démarrage = 2

    wuauserv - Type de démarrage = 2

    wscsvc - Type de démarrage = 2

    --------------- [ Nettoyage des supports amovibles ] ----------------

    +- Informations :

    C: - Lecteur fixe

    F: - Lecteur amovible

    G: - Lecteur amovible

    +- Suppression des fichiers :

    Supprimé ! - F:\autorun.inf
    Supprimé ! - F:\nideiect.com
    Supprimé ! - F:\adobeR.exe
    Supprimé ! - G:\autorun.inf
    Supprimé ! - G:\nideiect.com

    --------------- [ Registre / Moutpoint2 ] ----------------

    Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0316d98f-091c-11db-8736-4d6564696130}\Shell\AutoRun\command
    Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0316d98f-091c-11db-8736-4d6564696130}\Shell\explore\Command
    Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0316d98f-091c-11db-8736-4d6564696130}\Shell\open\Command
    Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{409594a2-0ce1-11db-8742-4d6564696130}\Shell\AutoRun\command
    Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{409594a2-0ce1-11db-8742-4d6564696130}\Shell\explore\Command
    Supprimé ! - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{409594a2-0ce1-11db-8742-4d6564696130}\Shell\open\Command

    --------------- [ Recherche Cracks / Keygen ] ----------------

    C:\Documents and Settings\LUCIEZ\Mes documents\eMule Downloads\TOWeb_1.5.5\install_crack.exe
    C:\Documents and Settings\LUCIEZ\Mes documents\Romain\Nouveau dossier\L'entraineur 2008 (Le Vrai Crack Inclu).iso
    C:\Documents and Settings\LUCIEZ\Recent\L'entraineur 2008 (Le Vrai Crack Inclu).lnk
    C:\Documents and Settings\LUCIEZ\Recent\Lfp Manager 2008 Pc Game Multilang Fr-Ita-Esp-Pol-Deu-Eng-Nl Crack & Serial Inclus Verif Steph Ok.lnk
    C:\Documents and Settings\LUCIEZ\Recent\Proteus Pro V5.20.06 - Complet ( ares + isis) - Avec Crack - En Français.lnk

    ---------------- ! Fin du rapport ! ------------------
  4. psg59
     
    C:\Documents and Settings\LUCIEZ\Mes documents\eMule Downloads\TOWeb_1.5.5\install_crack.exe moved successfully.
    C:\Documents and Settings\LUCIEZ\Mes documents\Romain\Nouveau dossier\L'entraineur 2008 (Le Vrai Crack Inclu).iso moved successfully.
    C:\Documents and Settings\LUCIEZ\Recent\L'entraineur 2008 (Le Vrai Crack Inclu).lnk moved successfully.
    C:\Documents and Settings\LUCIEZ\Recent\Lfp Manager 2008 Pc Game Multilang Fr-Ita-Esp-Pol-Deu-Eng-Nl Crack & Serial Inclus Verif Steph Ok.lnk moved successfully.
    C:\Documents and Settings\LUCIEZ\Recent\Proteus Pro V5.20.06 - Complet ( ares + isis) - Avec Crack - En Français.lnk moved successfully.

    OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 10242008_200734
  6. psg59
     
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:40:28, on 24/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\explorer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,???????????????,
    O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
    O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll (file missing)
    O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - (no file)
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\LUCIEZ\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O21 - SSODL: vdsrQeieBr - {34A45CE0-9E0E-F64A-C2CD-EFC063E83142} - (no file)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (file missing)
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Spouleur d'impression (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
    O24 - Desktop Component 0: (no name) - C:\Program Files\Windows NT\dicort.html
  7. psg59
     
    Malwarebyte's .

    Malwarebytes' Anti-Malware 1.30
    Version de la base de données: 1306
    Windows 5.1.2600 Service Pack 3

    24/10/2008 22:43:47
    mbam-log-2008-10-24 (22-43-39).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 90605
    Temps écoulé: 56 minute(s), 22 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 2
    Fichier(s) infecté(s): 5

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhcpdej0e9ar (Rogue.AntivirusXP2008) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> No action taken.

    Dossier(s) infecté(s):
    C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\Frag great bend logo (Trojan.Agent) -> No action taken.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\TDSSerrors.log (Trojan.TDSS) -> No action taken.
    C:\WINDOWS\system32\TDSSevri.dll (Rootkit.Agent) -> No action taken.
    C:\WINDOWS\system32\TDSShpue.dll (Rootkit.Agent) -> No action taken.
    C:\WINDOWS\system32\TDSSjjsm.dll (Rootkit.Agent) -> No action taken.
    C:\WINDOWS\system32\TDSSrrns.dll (Rootkit.Agent) -> No action taken.
  8. psg59
     
    hijackthis:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:51:58, on 24/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\cisvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Ahead\InCD\InCD.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Wanadoo\GestionnaireInternet.exe
    C:\Program Files\Wanadoo\ComComp.exe
    C:\PROGRA~1\Wanadoo\Toaster.exe
    C:\PROGRA~1\Wanadoo\Inactivity.exe
    C:\PROGRA~1\Wanadoo\PollingModule.exe
    C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
    R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
    F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,???????????????,
    O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
    O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\Program Files\Shareaza\Plugins\RazaWebHook.dll (file missing)
    O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: (no name) - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - (no file)
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - (no file)
    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Lexmark 1200 Series] "C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: Download with &Shareaza - res://C:\Program Files\Shareaza\Plugins\RazaWebHook.dll/3000
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
    O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe (file missing)
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\LUCIEZ\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
    O21 - SSODL: vdsrQeieBr - {34A45CE0-9E0E-F64A-C2CD-EFC063E83142} - (no file)
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe (file missing)
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Unknown owner - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
    O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: ProtexisLicensing - Unknown owner - C:\WINDOWS\system32\PSIService.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Spouleur d'impression (Spooler) - Unknown owner - C:\WINDOWS\system32\spoolsv.exe (file missing)
    O24 - Desktop Component 0: (no name) - C:\Program Files\Windows NT\dicort.html
  9. psg59
     
    most recent report to date

    Malwarebytes' Anti-Malware 1.25
    Version de la base de données: 1062
    Windows 5.1.2600 Service Pack 3

    19:07:44 20/10/2008
    mbam-log-10-20-2008 (19-07-44).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 87527
    Temps écoulé: 26 minute(s), 31 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 2
    Valeur(s) du Registre infectée(s): 1
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 2
    Fichier(s) infecté(s): 212

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\tdssdata (Trojan.Agent) -> Quarantined and deleted successfully.
    HKEY_LOCAL_MACHINE\SOFTWARE\tdss (Trojan.Agent) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\mule_st_key (Trojan.Agent) -> Delete on reboot.

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\LUCIEZ\Application Data\m (Trojan.Agent) -> Delete on reboot.

    Fichier(s) infecté(s):
    C:\Documents and Settings\LUCIEZ\Application Data\m\data.oct (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\LUCIEZ\Application Data\m\list.oct (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\Documents and Settings\LUCIEZ\Application Data\m\srvlist.oct (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\TDSSl.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\tdssinit.dll (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\tdssservers.dat (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\mdelk.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
    C:\WINDOWS\system32\wintems.exe (Trojan.Spammer) -> Quarantined and deleted successfully.
    C:\Documents and Settings\LUCIEZ\Application Data\m\flec006.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    0
  10. psg59
     
    Malwarebytes' Anti-Malware 1.30
    Version de la base de données: 1306
    Windows 5.1.2600 Service Pack 3

    24/10/2008 22:43:47
    mbam-log-2008-10-24 (22-43-39).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 90605
    Temps écoulé: 56 minute(s), 22 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 0
    Valeur(s) du Registre infectée(s): 3
    Elément(s) de données du Registre infecté(s): 1
    Dossier(s) infecté(s): 2
    Fichier(s) infecté(s): 5

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Valeur(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b2} (Adware.Shopping.Report) -> No action taken.
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Extensions\CmdMapping\{c5428486-50a0-4a02-9d20-520b59a9f9b3} (Adware.Shopping.Report) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\rhcpdej0e9ar (Rogue.AntivirusXP2008) -> No action taken.

    Elément(s) de données du Registre infecté(s):
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SecurityProviders (Broken.SecurityProviders) -> Bad: (msapsspc.dll schannel.dll digest.dll msnsspc.dll) Good: (msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll) -> No action taken.

    Dossier(s) infecté(s):
    C:\WINDOWS\system32\drivers\downld (Trojan.Agent) -> No action taken.
    C:\Documents and Settings\All Users\Application Data\Frag great bend logo (Trojan.Agent) -> No action taken.

    Fichier(s) infecté(s):
    C:\WINDOWS\system32\TDSSerrors.log (Trojan.TDSS) -> No action taken.
    C:\WINDOWS\system32\TDSSevri.dll (Rootkit.Agent) -> No action taken.
    C:\WINDOWS\system32\TDSShpue.dll (Rootkit.Agent) -> No action taken.
    C:\WINDOWS\system32\TDSSjjsm.dll (Rootkit.Agent) -> No action taken.
    C:\WINDOWS\system32\TDSSrrns.dll (Rootkit.Agent) -> No action taken.
    0
  11. psg59
     
    oui 3 machain

    I'll post the Combo scan tomorrow

    Good night
    0
  12. psg59
     
    Part 1 (I split it into 2 parts because otherwise I couldn't post it in full)

    ComboFix 08-10-24.02 - LUCIEZ 2008-10-24 23:26:18.1 - NTFSx86
    Microsoft Windows XP Édition familiale 5.1.2600.3.1252.1.1036.18.50 [GMT 2:00]
    Lancé depuis: C:\Documents and Settings\LUCIEZ\Bureau\ComboFix.exe

    [COLOR=RED][B]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/B][/COLOR]
    .

    (((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\PROGRA~1\Wanadoo\Watch.exe
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\cup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\customer_cup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\heart.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_down.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\menu_up.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\plates.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\ticket.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\accessories\tray.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\music\mainmenumusic.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_bring_check_1_snd.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_food_1_snd.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_deliver_order_1_snd.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_diner.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_dish_dropoff_1_snd.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_food_ready_1_snd.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_gain_heart_1.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_get_drinks_1_snd.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_party_arrive_1_snd.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_pencil_write_2.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_pickup_food_1_snd.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_rollover_1.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\audio\sfx\sfx_seat_people_snd.ogg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\choosedifficulty.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\credits.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\flo_lose.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\flo_win.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\help1.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\help2.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\highscores.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelintro.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelintro_mask.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelover.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\levelover_mask.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\mainmenu.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\popup.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\popup_mask.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upgradegrid.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upgradetitle.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\backgrounds\upsell.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowleft_blue.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowleft_yellow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowright_blue.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\arrowright_yellow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\back_blue.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\back_yellow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backchalk.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backchalkup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backtomenu_blue.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\backtomenu_yellow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\cancel.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\cancelup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\career.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\career_over.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\close.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\closeup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\continue.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\continueover.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\credits_blue.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\credits_yellow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\download_blue.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\download_yellow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\easy.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\easy_over.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\endlessshift.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\endlessshift_over.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\hard.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\hard_over.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\help.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\help_over.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\highscores.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\highscores_over.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\instructions_blue.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\instructions_yellow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\letsplay.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\letsplayover.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\medium.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\medium_over.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\moreinfo.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\moreinfoup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\off.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\off_on.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\on.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\on_on.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\pause.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\pauseover.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quit.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitgame.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitgameover.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\quitover.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\resumegame.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\resumegameover.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\submit.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\submitup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\tryagain.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\tryagainover.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\upgrade_over.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\upgrade_up.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewglobal.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewglobalup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewhighscore.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewhighscoreon.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewlocal.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\buttons\viewlocalup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\comics\webcomic.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\career.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\customer.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\endless.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\global.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\config\powerups.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\cook.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\cook.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cook\stove.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\arrow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\click.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\click2.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\grab.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\cursor\open.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\blue\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\green\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\purple\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\red\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\old_male\yellow\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\blue\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\green\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\purple\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\red\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\anim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\customers\young_female\yellow\sit_legs.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\idle.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\lower.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\flo\upper.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\arial.mvec
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\fonts\komikaaxis.mvec
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\chair.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt2top.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dirt4top.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\dishcart.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_off.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on1.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\drinkstation_on2.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\furniture\ticketstation.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdown.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowdownon.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowleft.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowlefton.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowright.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowrighton.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\arrowupon.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\p1icon.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\textedit.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\hiscore\title.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_a.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_b.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_1_c.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_a.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_b.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_c.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_2_d.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_a.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_b.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_c.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\endless_1_3_d.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fifth_level_diner.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\first_level_diner.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\fourth_level_diner.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\layouts\second_level_diner.txt
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\playfirst_logo.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\background.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food1.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food2.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\food\food3.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\frames\upgrade_0001.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\2top.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\tables\4top.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\diner\upgrades.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\restaurants\tableshadow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\choosedifficulty.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooseplayer.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\chooserestaurant.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\credits.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\game.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\gothighscore.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\help2.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscore.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoreinfo.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\hiscoresubmit.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelintro.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\levelover.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\loading.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainloop.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\mainmenu.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\ok.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\pause.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\style.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\tutorialintro.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upgrade.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\upsell.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\webcomic.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\scripts\yesno.lua
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\gamelabsplash.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\splash\playfirst_logo.jpg
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\strings.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\angersmoke.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\chairflags.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\check.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\checkmark.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\clock.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closed.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\closingtime.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\coinflip.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\dollar.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\coffee.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\tables.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\doodles\wallpaper.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expert.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\expertscore.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\foodpoof.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\fork_timer.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\goalcompleted.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\heartgrow.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\jar.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\level_career.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\score.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\sound.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staroff.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\staron.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumber.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tablenumberup.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\traynumber.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorial_character.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialarrow.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\tutorialbox.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgradeanim.xml
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\drinks.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\maitred.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\oven.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\select.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\shoes.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\stereo.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\assets\ui\upgrades\table.png
    C:\WINDOWS\Downloaded Program Files\DinerDash.1.0.0.58\dinerdash.exe
    C:\WINDOWS\fnts~1
    C:\WINDOWS\pack.epk
    C:\WINDOWS\system32\drivers\downld
    C:\WINDOWS\system32\ppatch~1
    C:\WINDOWS\system32\TDSSerrors.log
    C:\WINDOWS\system32\TDSSevri.dll
    C:\WINDOWS\system32\TDSShpue.dll
    C:\WINDOWS\system32\TDSSjjsm.dll
    C:\WINDOWS\system32\TDSSrrns.dll
    0
  13. psg59
     
    Part 2

    .
    ((((((((((((((((((((((((((((((((((((((( Pilotes/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_BOONTY_GAMES
    -------\Legacy_SYSREST.SYS
    -------\Legacy_TDSSSERV
    -------\Service_Boonty Games
    -------\Service_sysrest.sys
    -------\Service_tdssserv

    ((((((((((((((((((((((((((((( Fichiers créés du 2008-09-24 au 2008-10-24 ))))))))))))))))))))))))))))))))))))
    .

    2008-10-24 21:33 . 2008-10-24 21:35 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-24 21:33 . 2008-10-22 16:10 38,496 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-10-24 21:33 . 2008-10-22 16:10 15,504 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-10-24 20:40 . 2008-10-24 20:40 <REP> d-------- C:\Program Files\Trend Micro
    2008-10-24 20:07 . 2008-10-24 20:07 <REP> d-------- C:\_OTMoveIt
    2008-10-24 19:57 . 2008-10-15 18:35 337,408 -----c--- C:\WINDOWS\system32\dllcache\netapi32.dll
    2008-10-24 17:27 . 2008-10-24 17:27 4,608 --ahs---- C:\WINDOWS\Thumbs.db
    2008-10-22 17:38 . 2008-10-24 23:09 <REP> d-------- C:\Program Files\FindyKill
    2008-10-22 17:09 . 2008-10-22 17:09 <REP> d-------- C:\!KillBox
    2008-10-20 18:27 . 2008-10-12 19:27 1,253,900 --a------ C:\WINDOWS\_detmp.1
    2008-10-15 06:50 . 2008-08-14 15:23 2,191,232 -----c--- C:\WINDOWS\system32\dllcache\ntoskrnl.exe
    2008-10-15 06:50 . 2008-08-14 15:23 2,147,328 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlmp.exe
    2008-10-15 06:50 . 2008-08-14 15:23 2,068,096 -----c--- C:\WINDOWS\system32\dllcache\ntkrnlpa.exe
    2008-10-15 06:50 . 2008-08-14 15:23 2,025,984 -----c--- C:\WINDOWS\system32\dllcache\ntkrpamp.exe
    2008-10-15 06:50 . 2008-09-15 17:26 1,846,528 -----c--- C:\WINDOWS\system32\dllcache\win32k.sys
    2008-10-15 06:49 . 2008-09-08 12:41 333,824 -----c--- C:\WINDOWS\system32\dllcache\srv.sys
    2008-10-07 16:36 . 2008-10-07 16:36 <REP> d-------- C:\Documents and Settings\All Users\Application Data\lic
    2008-10-07 16:32 . 2008-10-07 16:32 0 --a------ C:\WINDOWS\SRCEDIT.INI
    2008-09-25 17:12 . 2008-10-04 16:41 20 --a------ C:\WINDOWS\CROCCLIP.INI

    .
    (((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-10-24 21:32 --------- d-----w C:\Program Files\Wanadoo
    2008-10-20 16:54 --------- d-----w C:\Program Files\Macromedia
    2008-10-20 16:53 --------- d-----w C:\Program Files\Fichiers communs\Macromedia
    2008-10-20 16:40 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-10-19 15:45 --------- d-----w C:\Program Files\GameSpy Arcade
    2008-10-15 15:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-10-03 15:49 --------- d-----w C:\Program Files\GameShadow
    2008-10-03 15:47 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-10-03 15:42 --------- d-----w C:\Program Files\PC Camera
    2008-09-21 12:37 --------- d-----w C:\Program Files\Lexmark 1200 Series
    2008-09-20 17:57 61,440 ----a-w C:\WINDOWS\system32\drivers\lhobhju.sys
    2008-09-19 16:58 --------- d-----w C:\Documents and Settings\LUCIEZ\Application Data\Corel
    2008-09-17 17:29 --------- d-----w C:\Program Files\eMule
    2008-09-17 17:27 --------- d-----w C:\Documents and Settings\LUCIEZ\Application Data\eMule
    2008-09-13 11:34 --------- d-----w C:\Documents and Settings\LUCIEZ\Application Data\Shareaza
    2008-09-10 09:51 --------- d-----w C:\Program Files\CCleaner
    2008-09-08 10:41 333,824 ----a-w C:\WINDOWS\system32\drivers\srv.sys
    2008-08-25 16:13 61,440 ----a-w C:\WINDOWS\system32\drivers\igtcdv.sys
    2008-08-25 10:23 0 ----a-w C:\WINDOWS\system32\drivers\a70c762c.sys
    2004-08-19 23:09 60,416 -csha-w C:\WINDOWS\BricoPacks\SysFiles\80_msimn.exe
    .

    ((((((((((((((((((((((((((((((((( Points de chargement Reg ))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 32768]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 155648]
    "InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2004-09-07 1400944]
    "Lexmark 1200 Series"="C:\Program Files\Lexmark 1200 Series\lxczbmgr.exe" [2006-03-16 57344]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2008-04-14 15360]

    C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
    Adobe Gamma Loader.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2008-10-12 110592]

    [HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
    Source= C:\Program Files\Windows NT\dicort.html
    FriendlyName=

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avldr]
    2007-02-15 21:02 50736 C:\WINDOWS\system32\avldr.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center]
    "AntiVirusOverride"=dword:00000001
    "FirewallOverride"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\eMule\\emule.exe"=
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "C:\\WINDOWS\\system32\\LEXPPS.EXE"=
    "<NO NAME>"=
    "C:\\WINDOWS\\system32\\dplaysvr.exe"=
    "C:\\Program Files\\GameSpy Arcade\\Aphex.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    S1 a70c762c;a70c762c;C:\WINDOWS\system32\drivers\a70c762c.sys [2008-08-25 0]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2e1785c3-33df-11dd-9c9a-00112f735914}]
    \Shell\AutoRun\command - F:\autorun.exe
    .
    Contenu du dossier 'Tâches planifiées'

    2008-10-11 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
    - C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
    .
    - - - - ORPHELINS SUPPRIMES - - - -

    HKLM-Run-WOOWATCH - C:\PROGRA~1\Wanadoo\Watch.exe
    HKLM-Run-avgnt - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    HKLM-Run-NWEReboot - (no file)
    SSODL-vdsrQeieBr-{34A45CE0-9E0E-F64A-C2CD-EFC063E83142} - (no file)

    .
    ------- Examen supplémentaire -------
    .
    FireFox -: Profile - C:\Documents and Settings\LUCIEZ\Application Data\Mozilla\Firefox\Profiles\ozscex31.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.orange.fr/bin/frame.cgi?u=http%3A//sports.orange.fr/
    FF -: plugin - C:\Documents and Settings\All Users\Application Data\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npagent.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-10-24 23:32:27
    Windows 5.1.2600 Service Pack 3 NTFS

    Recherche de processus cachés ...

    Recherche d'éléments en démarrage automatique cachés ...

    Recherche de fichiers cachés ...

    Scan terminé avec succès
    Fichiers cachés: 0

    **************************************************************************
    .
    --------------------- DLLs chargées dans les processus actifs ---------------------

    PROCESSUS: C:\WINDOWS\system32\winlogon.exe
    -> C:\WINDOWS\system32\Ati2evxx.dll
    .
    ------------------------ Autres processus actifs ------------------------
    .
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\WINDOWS\system32\drivers\CDAC11BA.EXE
    C:\WINDOWS\system32\FTRTSVC.exe
    C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
    C:\WINDOWS\system32\PSIService.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
    C:\Program Files\Lexmark 1200 Series\lxczbmon.exe
    .
    **************************************************************************
    .
    Heure de fin: 2008-10-24 23:36:37 - La machine a redémarré [LUCIEZ]
    ComboFix-quarantined-files.txt 2008-10-24 21:36:32

    Avant-CF: 152,415,141,888 octets libres
    Après-CF: 152,406,130,688 octets libres

    453 --- E O F --- 2008-10-24 17:58:20
    0
  14. sKe69 Posts 21955 Status Security contributor 463
     
    Hi,

    some cleaning up has been done .... ^^

    tell me how the PC is doing now ... any better?

    Try launching AntiVir and say whether the PC still tells you "n'est pas une application pour win32 valide"

    then we continue:

    1- Go to this site:

    https://www.virustotal.com/gui/

    Copy the following and paste it into the search field:
    C:\Program Files\Mozilla Firefox\plugins\npagent.dll

    Click Send File ( = "Envoyer le fichier" ).

    A report will build up line by line.

    Wait until it is completely finished ... It must include the size of the file sent.

    Save the report with Notepad.

    Copy it into your next reply ...

    ( If VirusTotal says the file has already been analysed, click the button "Ré-analyse le fichier maintenant" (re-analyse the file now) )

    Do the same for:
    C:\Program Files\Mozilla Firefox\plugins\npmozax.dll
    C:\Program Files\Mozilla Firefox\plugins\npzylomgamesplayer.dll


    so post me these 3 reports ( especially the beginning with the AV listing, and stating clearly at the start of each one which file it corresponds to ) ...

    Once that is posted, carry on with the next part:

    2- Download UsbFix by Chiquitine29 to your desktop:

    http://sd-1.archive-host.com/membres/up/116615172019703188/UsbFix.exe

    ! Disconnect from the internet and close all running applications !

    --> Double-click the .exe to start the tool's installation ( do not touch the installation settings ) .

    Plug in all your external devices (USB stick, external HDD, flash disk, MP3 player, etc...) that may have been infected ( but without opening them! ) .

    --> Double-click the "UsbFix" shortcut on your desktop to launch the tool and let it work.

    --> The PC will restart.

    --> Once back at your desktop, the "UsbFix.txt" report is displayed.
    Copy/paste its contents into your next reply for analysis and wait for what comes next ....

    ( Note: the UsbFix.txt report is saved at the root of the hard drive > C:\UsbFix.txt )

    PS: If the desktop does not reappear, press Ctrl + Alt + Del, "File" tab -> "New task":
    type explorer.exe and confirm.

    3- redo a HijackThis scan, post the new report obtained and wait for what comes next ...

    0
  15. psg59
     
    yes, everything is better now, no more win32 message, no more problems

    should I do what you wrote?
    0
    1. sKe69 Posts 21955 Status Security contributor 463
       
      should I do what you wrote?

      -> of course ;)

      you still have other infections that we are going to remove ... ^^
      0
  16. psg59
     
    1 name

    information additionnelle
    0
  17. psg59
     
    2nd

    Information additionnelle
    0
  18. sKe69 Posts 21955 Status Security contributor 463
     
    Stop! .... it's the other part of the report that I'm interested in! ^^

    the one with the antivirus listing .....

    repost all that for me please ....
    0
  19. psg59
     
    ok, sorry

    1st

    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2008.10.24.3 2008.10.24 -
    AntiVir 7.9.0.9 2008.10.24 -
    Authentium 5.1.0.4 2008.10.24 -
    Avast 4.8.1248.0 2008.10.25 -
    AVG 8.0.0.161 2008.10.25 -
    BitDefender 7.2 2008.10.25 -
    CAT-QuickHeal 9.50 2008.10.24 -
    ClamAV 0.93.1 2008.10.25 -
    DrWeb 4.44.0.09170 2008.10.25 -
    eSafe 7.0.17.0 2008.10.23 -
    eTrust-Vet 31.6.6168 2008.10.25 -
    Ewido 4.0 2008.10.25 -
    F-Prot 4.4.4.56 2008.10.24 -
    F-Secure 8.0.14332.0 2008.10.25 -
    Fortinet 3.113.0.0 2008.10.25 -
    GData 19 2008.10.25 -
    Ikarus T3.1.1.44.0 2008.10.25 -
    K7AntiVirus 7.10.506 2008.10.24 -
    Kaspersky 7.0.0.125 2008.10.25 -
    McAfee 5415 2008.10.25 -
    Microsoft 1.4005 2008.10.25 -
    NOD32 3555 2008.10.25 -
    Norman 5.80.02 2008.10.24 -
    Panda 9.0.0.4 2008.10.25 -
    PCTools 4.4.2.0 2008.10.24 -
    Prevx1 V2 2008.10.25 -
    Rising 21.00.52.00 2008.10.25 -
    SecureWeb-Gateway 6.7.6 2008.10.24 -
    Sophos 4.35.0 2008.10.25 -
    Sunbelt 3.1.1753.1 2008.10.25 -
    Symantec 10 2008.10.25 -
    TheHacker 6.3.1.0.126 2008.10.25 -
    TrendMicro 8.700.0.1004 2008.10.24 -
    VBA32 3.12.8.8 2008.10.25 -
    ViRobot 2008.10.24.1436 2008.10.24 -
    VirusBuster 4.5.11.0 2008.10.24 -
    0
  20. sKe69 Posts 21955 Status Security contributor 463
     
    No problem ;)

    carry on with the others ....
    0
  21. psg59
     
    2nd

    Antivirus Version Dernière mise à jour Résultat
    AhnLab-V3 2008.10.24.3 2008.10.24 -
    AntiVir 7.9.0.9 2008.10.24 -
    Authentium 5.1.0.4 2008.10.24 -
    Avast 4.8.1248.0 2008.10.25 -
    AVG 8.0.0.161 2008.10.25 -
    BitDefender 7.2 2008.10.25 -
    CAT-QuickHeal 9.50 2008.10.24 -
    ClamAV 0.93.1 2008.10.25 -
    DrWeb 4.44.0.09170 2008.10.25 -
    eSafe 7.0.17.0 2008.10.23 -
    eTrust-Vet 31.6.6168 2008.10.25 -
    Ewido 4.0 2008.10.25 -
    F-Prot 4.4.4.56 2008.10.24 -
    F-Secure 8.0.14332.0 2008.10.25 -
    Fortinet 3.113.0.0 2008.10.25 -
    GData 19 2008.10.25 -
    Ikarus T3.1.1.44.0 2008.10.25 -
    K7AntiVirus 7.10.506 2008.10.24 -
    Kaspersky 7.0.0.125 2008.10.25 -
    McAfee 5415 2008.10.25 -
    Microsoft 1.4005 2008.10.25 -
    NOD32 3555 2008.10.25 -
    Norman 5.80.02 2008.10.24 -
    Panda 9.0.0.4 2008.10.25 -
    PCTools 4.4.2.0 2008.10.24 -
    Prevx1 V2 2008.10.25 -
    Rising 21.00.52.00 2008.10.25 -
    SecureWeb-Gateway 6.7.6 2008.10.24 -
    Sophos 4.35.0 2008.10.25 -
    Sunbelt 3.1.1753.1 2008.10.25 -
    Symantec 10 2008.10.25 -
    TheHacker 6.3.1.0.126 2008.10.25 -
    TrendMicro 8.700.0.1004 2008.10.24 -
    VBA32 3.12.8.8 2008.10.25 -
    ViRobot 2008.10.24.1436 2008.10.24 -
    VirusBuster 4.5.11.0 2008.10.24 -
    0