|
| |||||||
| S'inscrire | Site Spy | Liste des membres | Faire un don | Recherche | Aujourd'hui, les postes | Marquer les forums comme lus | Forum Rules |
 |
 |
| | Thread Tools |
|
#1
27 septembre 2008, 18:16
| |||
| |||
| Iexplore.exe question iexplore.exe ne cesse d'apparaître sur mon gestionnaire de tâches, en dépit du fait que je n'utilise pas IE. Il s'agit de prendre mon ordinateur est lent, il n'y êtes pop ups, parfois il n'ya pas de pop up, juste une voix qui disait: «Félicitations, vous avez gagné ____" (SO freaky), ou les sons comme une fenêtre d'erreur apparaissant ou en cliquant sur quelque chose quand je suis ne rien faire et rien ne s'affiche sur l'écran (en fait, cela rend mon ordinateur sonore hanté! Haha en tout cas) Logfile de Trend Micro HijackThis v2.0.2 Scan saved at 9:12:42 PM, le 9/27/2008 Plate-forme: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe C: \ WINDOWS \ system32 \ LEXBCES.EXE C: \ WINDOWS \ system32 \ spoolsv.exe C: \ WINDOWS \ system32 \ LEXPPS.EXE C: \ Program Files \ Fichiers communs \ AOL \ ACS \ AOLAcsd.exe C: \ Program Files \ Fichiers communs \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ WINDOWS \ system32 \ dlcxcoms.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Fichiers communs \ Microsoft Shared \ VS7DEBUG \ Mdm.exe C: \ Program Files \ Dell \ QuickSet \ NICCONFIGSVC.exe C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe C: \ WINDOWS \ system32 \ rpcnet.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ spysweeper.exe C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ commagent.exe C: \ WINDOWS \ Explorer.EXE C: \ WINDOWS \ system32 \ wscntfy.exe C: \ Program Files \ Dell \ QuickSet \ quickset.exe C: \ WINDOWS \ system32 \ Rundll32.exe C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe C: \ WINDOWS \ system32 \ Wuauclt.exe C: \ WINDOWS \ system32 \ SJv56bM4.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ ErrorSmart \ ErrorSmart.exe C: \ Program Files \ Fichiers communs \ AOL \ 1155864818 \ ee \ AOLSoftware.exe C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ acrord32.exe C: \ Program Files \ America Online 9.0 \ shellmon.exe C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/ O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O2 - BHO: Class Solution - (99C6D1BB-7555-474C-91DA-D8FB62A9CC75) - C: \ WINDOWS \ system32 \ 58VayB0u.dll O2 - BHO: Viewpoint Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ Viewpoint \ Viewpoint Toolbar \ 3.8.0 \ ViewBarBHO.dll O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O3 - Toolbar: Viewpoint Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Fichiers communs \ Viewpoint \ Toolbar Runtime \ 3.8.0 \ IEViewBar.dll O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [Dell QuickSet] C: \ Program Files \ Dell \ QuickSet \ quickset.exe O4 - HKLM \ .. \ Run: [NvMediaCenter] Rundll32.exe NvMCTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ e.dll DLCXtim, _RunDLLEntry @ 16 O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [AOL Fast Start] "C: \ Program Files \ America Online 9.0 \ AOL.EXE"-b O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 -. DEFAULT Startup: Clean Access Reader.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User 'Default user') O4 - Startup: Clean Access Reader.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel présent O8 - Extra du menu contextuel: & AOL Toolbar search - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / search.html O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000 O8 - Extra context menu item: S'abonner au lecteur RSS par défaut - C: \ Documents and Settings \ Administrateur \ Application Data \ RssBandit \ iecontext_subscribefeed.htm O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra button: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL O9 - Extra button: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - Trusted Zone: *. bridgew.edu O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409 O16 - DPF: (5e2a3510-4371-11d6-B64C-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1121111428606 O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1121873156643 O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Fichiers communs \ Adobe Systems Shared \ Service \ Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C: \ Program Files \ Fichiers communs \ AOL \ ACS \ AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C: \ Program Files \ Fichiers communs \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C: \ WINDOWS \ System32 \ Ati2evxx.exe O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES.EXE O23 - Service: NICCONFIGSVC - Dell Inc - C: \ Program Files \ Dell \ QuickSet \ NICCONFIGSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - ALWIL Software - C: \ WINDOWS \ system32 \ rpcnet.exe O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ commagent.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ spysweeper.exe O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe -- End of file - 10609 bytes |
|
#2
27 septembre 2008, 19:15
| |||
| |||
| Iexplore.exe question Bienvenue sur CJ. S'il vous plaît imprimer ces instructions, car ils seront nécessaires plus tard, lorsque l'accès à Internet n'est pas disponible. Télécharger SDFix par AndyManchesta et de l'enregistrer sur votre bureau. Lors de l'utilisation de cet outil, vous devez utiliser la Administrateur du compte ou un compte à Des droits d'administration
Ouvrez le dossier SDFix et double-cliquez sur RunThis.bat pour lancer le script.
__________________  |
|
#3
27 septembre 2008, 20:24
| |||
| |||
| Iexplore.exe question SDFix: Version 1.229 Géré par l'administrateur le sam 09/27/2008 à 10:50 pm Microsoft Windows XP [Version 5.1.2600] Running From: C: \ SDFix Checking Services : Restaurer les valeurs par défaut de sécurité Restauration de fichier Hosts par défaut Redémarrage Vérification des fichiers : N ° Trojan Files Found Suppression de fichiers temporaires ADS Check : Vérification finale : catchme 0.3.1361.2 W2K/XP/Vista - rootkit / stealth malware detector par Gmer, http://www.gmer.net Rootkit scan 2008-09-27 23:14:36 Windows 5.1.2600 Service Pack 2 NTFS scanning processus cachés ... scanning hidden services & ruche système ... numérisation des entrées de registre cachés ... de balayage des fichiers cachés ... scan effectué avec succès processus cachés: 0 hidden services: 0 les fichiers cachés: 0 Remaining Services : Authorized Application Key Export: [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ SharedAccess \ Parameters \ FirewallPolicy \ standard profile \ authorizedapplications \ list] "% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ syste m32 \ \ sessmgr.exe: *: enabled: @ xpsp2res.dll, -22019" "C: \ \ Program Files \ \ RssBandit \ \ RSSBandit.exe" = "C: \ \ Program Files \ \ RssBandit \ \ RSSBandit.exe: *: Enabled: RSS Bandit" "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: ctmweb.exe" "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe: *: Enabled : AOL Application Loader " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe: *: Enabled : AOL " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe: *: Enabled : AOL " "C: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe" = "C: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe: *: Enabled: AOL" "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe: *: Enabled: AOLTsMon " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe: *: Enabled: AOLTopSpeed " "C: \ \ Program Files \ Fichiers communs \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" = "C: \ \ Program Files \ Fichiers communs \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost . exe: *: E nabled: AOL " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe: * : Enabled: AOL " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ AOLSP Scheduler.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ AOLSP Scheduler . exe: *: Enabled: AOL " "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ asp.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ asp.exe : *: Enabled: AOL " "C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ fr_FR \ \ lecteur \ \ AOLNySEV.exe" = "C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ fr_FR \ \ lecteur \ \ AOLNySEV . exe: *: Ena bled: AOL " "C: \ \ Program Files \ \ FTP Commander Pro \ \ cftp.exe" = "C: \ \ Program Files \ \ FTP Commander Pro \ \ cftp.exe: *: Enabled: cftp" "C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe" = "C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe: *: Enabled: ftpcomm" "C: \ \ Program Files \ \ Real \ \ RealPlayer \ \ realplay.exe" = "C: \ \ Progra m Files \ \ Real \ \ RealPlayer \ \ realplay.exe: *: Enabled: Re alPlayer" "C: \ \ StubInstaller.exe" = "C: \ \ StubInstaller.exe: *: E nabled: LimeWire essaimé d'installation" "C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe" = "C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe: *: Enabled: LimeWire" "C: \ \ Program Files \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe" = "C: \ \ Program Files \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe: *: Enabled: SmartFTP Client 2.0" "C: \ \ Program Files \ \ BitTornado \ \ btdownloadgui.exe" = "C: \ \ Program Files \ \ BitTornado \ \ btdownloadgui.exe: *: Enabled: BTD ownloadgui" "C: \ \ Program Files \ Fichiers communs \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLSoftware.exe" = "C: \ \ Program Files \ Fichiers communs \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware . exe: *: Enab LED: Services AOL " "C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = "C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe: *: Enabled: Firefox" "C: \ \ Program Files \ \ Get-Torrent \ \ Get-Torrent.exe" = "C: \ \ Program Files \ \ Get-Torrent \ \ Get-Torrent.exe: *: Enabled: Torrent P2P application" "C: \ \ Program Files \ \ Restaurant Empire \ \ re.exe" = "C: \ \ Program Files \ \ Restaurant Empire \ \ re.exe: *: Enabled: re" "C: \ \ Program Files \ \ BitZip \ \ bitzip.exe" = "C: \ \ Program Files \ \ BitZip \ \ bitzip.exe: *: Enabled: BitZip" "C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" = "C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe: *: Enabled: æTorrent" "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe: *: Enabled: iTunes" "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000" "C: \ \ WINDOWS \ system32 \ \ dlcxcoms.exe" = "C: \ \ WINDOWS \ system32 \ \ dlcxcoms.exe: *: Enabled: Dell 926 Server" [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ SharedAccess \ Parameters \ FirewallPolicy \ domainpr ofil \ authorizedapplications \ list] "% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ syste m32 \ \ sessmgr.exe: *: enabled: @ xpsp2res.dll, -22019" "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: ctmweb Installation Computrace / Management Application" "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000" Les fichiers restants : Les fichiers avec les attributs Caché : Mar. 12 juillet 2005 54,872 A.. H. --- "C: \ Program Files \ America Online 9.0 \ AOLphx.exe" Mar. 12 juillet 2005 31,832 A.. H. --- "C: \ Program Files \ America Online 9.0 \ rbm.exe" Mer 13 octobre 2004 1,694,208 A.. H. --- "C: \ Program Files \ Messenger \ msnmsgr.exe" Mer. 17 sept. 2008 162 A.. H. --- "C: \ Documents and Settings \ Administrateur \ Mes documents \ ~ $ RL3917.tmp" Ven. 23 nov. 2007 4,840,960 ... H. --- "C: \ Documents and Settings \ Administrateur \ Mes documents \ ~ WRL3917.tmp" Dim. 1 avril 2007 247 A.. H. --- "C: \ Program Files \ InterActual \ InterActual Player \ itiC9F.tmp" Dim 1 Juil 2007 0 A.Sh. --- "C: \ Documents and Settings \ All Users \ DRM \ Cache \ Indiv01.tmp" Lun 14 jan 2008 3,459 ... HR --- "C: \ Documents and Settings \ Administrateur \ Application Data \ SecuROM \ UserData \ securom_v7_01.bak" Sam. 27 sept. 2008 4750 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS00643642-9444-46D7-A0F8-98BCEC733FED.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS02319C6A-A321-4C8D-9995-820B7395AC0C.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS025EABA1-CC11-4560-8E12-630DDF3DA7B2.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS045F4367-E293-4856-99B6-A55965765747.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS068F3C9C-D92F-41E5-AF3C-3917DFD07FFB.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0ABE791D-AAB6-45AE-94C0-81FF065FB64C.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \-SSCS0B798094 B44A-427A-B9DC-654E158521EB.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0C1801B8-619C-45EF-A0A9-6FDF58378626.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0DC230DD-648D-4C7A-A46F-125E3BBCACF0.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0FD1D4A0-7A3B-4426-BF06-CBE8A10161D9.tmp" Sam. 27 sept. 2008 12,540 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS12E3E01D-D993-4077-84CD-270FC7998D10.tmp" Sam. 27 sept. 2008 5616 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1558A464-A8A5-4699-8AD4-1FD636BA73F0.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS16C4CA8E-B45E-4C74-A16A-C6547AC6862A.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS171F971D-9918-4BF8-934E-9F971CE3A62E.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS18482343-5AA4-4A75-B35E-1DE367BE8DF8.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1F408231-9AD4-4F3A-8F71-E4D1A885E2D9.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS22C553D7-9E17-42E7-9BAC-FD08E49F2DA7.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS29899F67-1A0A-49C1-BF8C-969C56BFE72D.tmp" Sam. 27 sept. 2008 40,408 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2CE2DD8D-1B89-4236-8CEB-8AE2092F011D.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2DE8E664-10D0-4BC0-B385-C28929E5600F.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS35CD56A6-869F-4E8D-9744-F5243F94B4B1.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3A52BAF2-C6D8-48c5-A517-8F08AFB8035A.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EC9B69D-3F89-4FC5-B941-1463F3BD2234.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EADD09D-E99C-4EDA-87E8-14DD31C5A1CA.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EDF6917-B0B7-4164-BAA8-7013E06D5FCA.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3FF4AFC6-0025-4047-AEFB-7C34313D972F.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4031D191-1F75-49F0-8272-A12ACD39C269.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS416C7484-2AC6-4BFE-8364-B3DC9640EB90.tmp" Sam. 27 sept. 2008 27,677 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS42B72C22-0C5B-4053-87A4-D8EB671C2029.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4C83367A-C322-4725-A861-182E13107846.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4DB48154-31C5-424F-B7EB-6337D7279415.tmp" Sam. 27 sept. 2008 3393 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4EAE423C-33F9-4D19-AD00-4127948E7F39.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4FE7BDE5-631A-4BEE-BA59-2A86CECDA9DA.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS50B44EC6-2F2E-4D16-AC0C-376383467A7C.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS56CA220B-41A4-B217-4EBA-FF3A496AA590.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5AF7C2DD-39F4-4B22-8F5A-11FC428681E1.tmp" Sam. 27 sept. 2008 101,080 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5DCC2C2E-7275-4CC4-9192-B113F353FB5F.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5D528DF5-B79E-4EE1-9D6C-1EC565BBBC62.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6011FD6D-D50D-43A0-AE81-A050DD789327.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS62CC7F66-91D7-40E6-9C86-9E1A90363BBD.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6548601C-9BB6-472C-aa53-447B881C2428.tmp" Sam. 27 sept. 2008 6,247,755 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6946DC39-11B6-4B93-A005-7F3C9D123F87.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS69A2BD78-4F53-4EBE-A0E3-D640854156D9.tmp" Sam. 27 sept. 2008 198,358 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6927849A-B300-4980-AAEB-7DBA1C6E4164.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6945CE07-04BF-439f-987F-028637985DF0.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6FE21A12-C11B-4E43-99E2-FA8F960870E1.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS700D83FE-2571-4AE3-89BC-6DD584F68699.tmp" Sam. 27 sept. 2008 3,195,852 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \-SSCS713A2772 B7C7-4A87-BAEB-E92C67ED4580.tmp" Sam. 27 sept. 2008 143,110 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS71EC4FAD-E45A-4E20-AE13-D864D8CA24A1.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS716E87B1-65B4-4487-B09B-19A89B9F5C97.tmp" Sam. 27 sept. 2008 1,909,332 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \-SSCS7366E027 AE32-4BC8-9360-699C2C95BEB0.tmp" Sam. 27 sept. 2008 270,314 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS75371617-A509-4E33-9F16-118AA8AC2918.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS767A458F-F431-46EB-A2DA-88FB1A7E3E7D.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7A70C6B2-5850-4473-9585-E0C43F090F27.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7B30F8F2-8A4F-42B9-B9F8-625709173611.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \-SSCS7C1354E8 D74C-4AC8-BE8F-7167A5076F4A.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7CBB22C6-4E66-4720-995F-1C2ADC632A9B.tmp" Sam. 27 sept. 2008 642 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7E1AA5E0-2F18-4CF4-B64E-8EB8F378DF31.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7FEECAB9-C6A6-4302-9AA6-F69FA542ED3D.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS840E4E3A-C733-4DC5-A8F3-B248CC83075B.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8716D8FB-A364-4288-8B00-55605E1EF6C0.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS89FE094B-45FA-4923-87F1-139238C4F97B.tmp" Sam. 27 sept. 2008 610 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8A4D2B50-2BB9-4DC6-9E5E-3CB11929C3D2.tmp" Sam. 27 sept. 2008 4532 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8E7D97AA-E673-4952-AA06-A468A9C52A7C.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8FB3E905-99ba-4D9E-9C2A-B17FB19F5132.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS92FF4DE9-51A7-4FEA-9F94-4984E35FDB14.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS94946861-C52C-4360-B5D7-0BAA075D88BB.tmp" Sam. 27 sept. 2008 674 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9766DA24-0126-49B8-821D-0BBD42716F70.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \-SSCS9CF76AA8 C8DD-426D-8974-7952EA0782D3.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9DE19017-8F84-45F0-8707-3157A64B6CEA.tmp" Sam. 27 sept. 2008 1,190,410 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9F48133A-1109-42EB-93AA-A3CB3CACBCBF.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSABDB0578-02AF-4BA8-A501-9A8992ED7BDB.tmp" Sam. 27 sept. 2008 2736 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSAD28D6FF-3940-4F08-A657-2E61F69B5449.tmp" Sam. 27 sept. 2008 75,790 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB18333D4-60E0-438D-B085-7DB36F72F77D.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB74C069F-C392-4F81-8670-212FC280E95D.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB76C1894-7B69-4834-97D3-B402FE20935A.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB73D6FFC-0E8C-41B9-84D3-8810EC6D9228.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB9036DEB-8242-4521-A54E-139AF6A9A190.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBAE9F5F5-FA44-4E05-9A1D-A462CE8AF520.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \-SSCSBBCD6D72 A069-40FF-9AF2-916180E0A88E.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCBA3E5-E607-436F-B3EE-A1DEAC925872.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBEC0CEEC-C42B-4B06-A604-EAAD26CE6255.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC5D01365-2009-400C-A9A3-5F990CF4A80D.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC9E0B767-5A0A-47B9-A439-227E2B94F887.tmp" Sam. 27 sept. 2008 134,148 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD2617AFF-BC61-4BFE-B8E6-6CC988A0F275.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD21BE94F-9EE4-475B-B0A2-24C81FFF173F.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD4AA62E4-9D9E-4B7B-9CD0-686A2C05AEF7.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD729F3FB-EE09-459B-A678-BD9132629FDF.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD8157780-DB4C-464F-B192-D31296C412A8.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD97D795A-5F39-4FDD-A7EF-691DEBB65005.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA1F438F-BCAF-4452-A79A-167408950654.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA218F7C-D867-4690-96E2-789F80A7D3E0.tmp" Sam. 27 sept. 2008 20,968 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDBBDCE8F-1CB9-456d-9A48-B332BFDD4DA3.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4DE87E-7FB7-4AAF-9341-074C383E5277.tmp" Sam. 27 sept. 2008 2,168,120 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4805C4-09F4-44DF-953f-40714AC7B32D.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC54187B-23EE-4C63-A3C1-F95DD71DC749.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE542CE01-559A-4B52-B46E-3ABA034CB806.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE76031B3-69B7-40CD-98AA-1FBADCFD80F9.tmp" Sam. 27 sept. 2008 538 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE89A2A1E-7243-491E-8713-779584114914.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE9F327DF-50B6-42E2-B361-B1279BCFE655.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEAF8FCDA-0414-40ED-8AC7-F6E8BA990710.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEC43267D-076B-838C-42D7-4A46B1619D44.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSED7CFB5E-591C-4B3A-BB59-99AC6B355CE9.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF03658AA-EBC4-437C-8F4E-338B053BBCC5.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF1EE7C84-96f2-4922-8549-E4F727B9B3A5.tmp" Sam. 27 sept. 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF5708FAD-F162-475A-BBD8-590D8EED1563.tmp" Sam. 27 sept. 2008 1,609,542 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF60C8606-1E32-4C46-9DD9-9591141A47D3.tmp" Sam. 27 sept. 2008 29,084 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF7DCFFB4-3037-49B4-8FAF-FB62C2892816.tmp" Sam. 27 sept. 2008 16,965 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSFABFD6CE-CC5D-4B27-9BE0-5CE94D2BE9C9.tmp" C'est fini! Logfile de Trend Micro HijackThis v2.0.2 Scan saved at 11:22:30 PM, le 9/27/2008 Plate-forme: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running processes: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe C: \ WINDOWS \ system32 \ LEXBCES.EXE C: \ WINDOWS \ system32 \ spoolsv.exe C: \ WINDOWS \ system32 \ LEXPPS.EXE C: \ Program Files \ Fichiers communs \ AOL \ ACS \ AOLAcsd.exe C: \ Program Files \ Fichiers communs \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ WINDOWS \ system32 \ dlcxcoms.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Fichiers communs \ Microsoft Shared \ VS7DEBUG \ Mdm.exe C: \ Program Files \ Dell \ QuickSet \ NICCONFIGSVC.exe C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe C: \ WINDOWS \ system32 \ rpcnet.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ spysweeper.exe C: \ WINDOWS \ Explorer.EXE C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ commagent.exe C: \ WINDOWS \ system32 \ wscntfy.exe C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe C: \ WINDOWS \ system32 \ notepad.exe C: \ Program Files \ Dell \ QuickSet \ quickset.exe C: \ WINDOWS \ system32 \ Rundll32.exe C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ ErrorSmart \ ErrorSmart.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ America Online 9.0 \ waol.exe C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe C: \ WINDOWS \ system32 \ Wuauclt.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ America Online 9.0 \ shellmon.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/ O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O2 - BHO: Viewpoint Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ Viewpoint \ Viewpoint Toolbar \ 3.8.0 \ ViewBarBHO.dll O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O3 - Toolbar: Viewpoint Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Fichiers communs \ Viewpoint \ Toolbar Runtime \ 3.8.0 \ IEViewBar.dll O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [Dell QuickSet] C: \ Program Files \ Dell \ QuickSet \ quickset.exe O4 - HKLM \ .. \ Run: [NvMediaCenter] Rundll32.exe NvMCTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.exe O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ e.dll DLCXtim, _RunDLLEntry @ 16 O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [AOL Fast Start] "C: \ Program Files \ America Online 9.0 \ AOL.EXE"-b O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 -. DEFAULT Startup: Clean Access Reader.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User 'Default user') O4 - Startup: Clean Access Reader.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel présent O8 - Extra du menu contextuel: & AOL Toolbar search - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / search.html O8 - Extra du menu contextuel: E & xporter vers Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000 O8 - Extra context menu item: S'abonner au lecteur RSS par défaut - C: \ Documents and Settings \ Administrateur \ Application Data \ RssBandit \ iecontext_subscribefeed.htm O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra button: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra 'Tools' menuitem: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL O9 - Extra button: Real.com - (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' menuitem: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - Trusted Zone: *. bridgew.edu O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409 O16 - DPF: (5e2a3510-4371-11d6-B64C-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1121111428606 O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1121873156643 O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Fichiers communs \ Adobe Systems Shared \ Service \ Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C: \ Program Files \ Fichiers communs \ AOL \ ACS \ AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C: \ Program Files \ Fichiers communs \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - Unknown owner - C: \ WINDOWS \ System32 \ Ati2evxx.exe O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Fichiers communs \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ LEXBCES.EXE O23 - Service: NICCONFIGSVC - Dell Inc - C: \ Program Files \ Dell \ QuickSet \ NICCONFIGSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - ALWIL Software - C: \ WINDOWS \ system32 \ rpcnet.exe O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ commagent.exe O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ spysweeper.exe O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe -- End of file - 10298 bytes |
|
#4
27 septembre 2008, 20:37
| |||
| |||
| Iexplore.exe question Désactiver SpySweeper Vous pouvez le réactiver après vous propre. Pour désactiver SpySweeper: Ouvert Spysweeper click> Options vers la gauche puis> Options > Décochez "charge au démarrage de Windows" Plus à gauche, cliquez sur "boucliers" et Décochez tous là bas. Décochez "Page d'accueil de bouclier" Décochez «restaurer automatiquement par défaut, sans notification" Après tous les correctifs sont complets, il est très important que vous activez la protection en temps réel à nouveau. ---------- Désactiver Windows Defender Nous avons besoin de désactiver votre Windows Defender en temps réel comme la protection de mai interférer avec les correctifs que nous devons faire.
---------- Nous devons supprimer ErrorSmart. Ceci est considéré comme un programme de rouge parce qu'il n'est pas fiable et souvent installés sans le consentement des utilisateurs. Allez à Ajouter ou supprimer des programmes et de désinstaller ErrorSmart (si elle y est) ---------- HijackThis et sélectionnez Ouvrir Est-ce que seulement un système de balayage. Placez une coche à côté de l'entrée suivante: (s'il ya)
Quitter HijackThis. ---------- Note: les instructions ci-dessous ont été créées spécifiquement pour cet utilisateur. Si vous n'êtes pas cet utilisateur, NE PAS suivre ces instructions, sous peine d'endommager le fonctionnement de votre système Aller à Démarrer> Exécuter et le type notepad.exe puis cliquez sur OK Copiez et collez le dans le Bloc-notes ci-dessous et de mettre en fixme.reg à votre Desktop Code: REGEDIT4 [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run] "ErrorSmart" =- Assurez-vous me dire si vous recevez un message de succès sur l'ajout de ce qui précède dans le Registre. Si vous ne recevez pas un message de succès, elle ne fonctionne pas. Supprimer les fixme.reg du Desktop. ---------- Télécharger CCleaner Slim et de l'enregistrer sur votre bureau. Lorsque le fichier a été sauvegardé, allez sur votre bureau et double-cliquez sur ccsetupxxx_slim.exe Suivez les instructions pour installer le programme. Terminez l'installation puis:
---------- Télécharger Malwarebytes' Anti-Malware (MBAM)
__________________ |
|
#5
27 septembre 2008, 21:50
| |||
| |||
| Iexplore.exe question Je n'ai un message de réussite de la greffe. Malwarebytes' Anti-Malware 1.28 Version de base de données: 1216 Windows 5.1.2600 Service Pack 2 9/28/2008 12:45:51 AM Mbam-log-2008-09-28 (00-45-51). txt Scan type: Quick Scan Scannées Objects: 59369 Temps écoulé: 10 minute (s), 46 second (s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Fichiers infectés: 1 Memory Processes Infected: (Articles n ° malveillants détectés) Memory Modules Infected: (Articles n ° malveillants détectés) Registry Keys Infected: (Articles n ° malveillants détectés) Registry Values Infected: (Articles n ° malveillants détectés) Registry Data Items Infected: (Articles n ° malveillants détectés) Folders Infected: (Articles n ° malveillants détectés) Fichiers infectés: C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully. |
|
#6
27 septembre 2008, 21:55
| |||
| |||
| Iexplore.exe question Les changements?
__________________ |
|
#7
27 septembre 2008, 22:49
| |||
| |||
| Iexplore.exe question Nope, toujours là |
|
#8
27 septembre 2008, 22:56
| |||
| |||
| Iexplore.exe question Ne vous inquiétez pas, nous allons le trouver. Télécharger ComboFix par SUBS de l'un des liens ci-dessous. Assurez-vous haut mettre à la Desktop. Lien # 1 Link # 2 ** Note: Il est important de le sauvegarder directement sur votre bureau Fermez tous les navigateurs Web. (Firefox, Internet Explorer, etc) avant de lancer ComboFix. Momentanément désactiver ton antivirus, Et tout antispyware protection en temps réel avant effectuer une analyse. Cliquez sur ce lien pour voir la liste des programmes de sécurité qui doit être désactivé et comment les désactiver. Double-cliquez sur combofix.exe et suivre les instructions. Lorsque vous avez terminé ComboFix va produire un journal pour vous. Publier le ComboFix log dans votre prochaine réponse. Important: Ne pas ComboFix clic de souris, la fenêtre en cours d'exécution. Cela mai à cause de décrochage. N'oubliez pas de réactiver votre antivirus et antispyware protection ComboFix est terminée.
__________________ |
|
#9
28 septembre 2008, 08:56
| |||
| |||
| Iexplore.exe question ComboFix 08-09-27.05 - Administrateur 2008-09-28 11:44:34.1 - NTFSx86 Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1033.18.615 [GMT -4:00] Running from: C: \ Documents and Settings \ Administrator \ Desktop \ ComboFix.exe * Création d'un nouveau point de restauration ATTENTION CETTE MACHINE-N'A PAS LA CONSOLE DE RECUPERATION INSTALLED! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))) )))))))))))))))))))))))))))))))))))))))) . C: \ Documents and Settings \ NetworkService \ Cookies \ system @ trafficmp [1]. Txt C: \ WINDOWS \ system32 \ drivers \ fad.sys . Créée à partir de ((((((((((((((((((((((((( Files 2008-08-28 au 2008-09-28 ))))))))))) )))))))))))))))))))) . 2008-09-28 01:46. 2008-09-28 01:46 0 - a ------ C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a 2008-09-27 22:45. 2008-09-27 22:45 <DIR> d -------- C: \ WINDOWS \ ERUNT 2008-09-27 22:20. 2008-09-27 23:19 <DIR> d -------- C: \ SDFix 2008-09-27 21:03. 2008-09-27 21:03 <DIR> d -------- C: \ Program Files \ Trend Micro 2008-09-27 20:48. 2008-09-27 20:48 <DIR> d -------- C: \ Documents and Settings \ NetworkService \ Application Data \ AdobeUM 2008-09-27 20:36. 2008-09-27 20:40 <DIR> d -------- C: \ Documents and Settings \ Administrateur \ Application Data \ ErrorSmart 2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Program Files \ Malwarebytes' Anti-Malware 2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes 2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ Administrateur \ Application Data \ Malwarebytes 2008-09-27 19:38. 2008-09-10 00:04 38.528 - a ------ C: \ WINDOWS \ system32 \ drivers \ mbamswissarmy.sys 2008-09-27 19:38. 2008-09-10 00:03 17.200 - a ------ C: \ WINDOWS \ system32 \ drivers \ mbam.sys 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ SUPERAntiSpyware 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ Administrateur \ Application Data \ SUPERAntiSpyware.com 2008-09-27 15:13. 2008-09-27 15:13 <DIR> d -------- C: \ Program Files \ CCleaner 2008-09-27 12:35. 2008-09-27 12:35 <DIR> d -------- C: \ Program Files \ PrevxCSI 2008-09-27 12:35. 2008-09-28 11:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PrevxCSI 2008-09-27 12:35. 2008-09-27 12:35 17.408 - a ------ C: \ WINDOWS \ system32 \ drivers \ pxark.sys 2008-09-27 00:48. 2008-09-27 00:47 102.664 - a ------ C: \ WINDOWS \ system32 \ drivers \ tmcomm.sys 2008-09-27 00:47. 2008-09-27 00:48 <DIR> d -------- C: \ Documents and Settings \ Administrateur \. Housecall6.6 2008-09-26 23:23. 2008-09-26 23:22 30.272 - a ------ C: \ WINDOWS \ system32 \0vx55IOc.exe 2008-09-23 19:04. 2008-09-23 22:56 <DIR> d -------- C: \ WINDOWS \ system32 \ CatRoot_bak 2008-09-21 00:19. 2008-09-21 00:19 <DIR> d -------- C: \ Program Files \ Windows Defender 2008-09-12 13:32. 2004-03-29 16:23 90.112 - a ------ C: \ WINDOWS \ unvise32.exe 2008-09-11 12:41. 2008-09-28 11:36 54.156 - ah ----- C: \ WINDOWS \ QTFont.qfn 2008-09-11 12:41. 2008-09-11 12:41 1.409 - a ------ C: \ WINDOWS \ QTFont.for 2008-09-09 15:33. 2008-09-09 15:56 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ FarmFrenzy2 2008-09-04 13:39. 2008-09-04 13:39 <DIR> d -------- C: \ Program Files \ Atari 2008-09-03 23:06. 2008-06-10 02:32 73.728 - a ------ C: \ WINDOWS \ system32 \ javacpl.cpl 2008-09-01 20:34. 2008-09-01 20:34 <DIR> d -------- C: \ Documents and Settings \ Administrateur \ Application Data \ Eyeblaster 2008-08-28 23:11. 2004-08-04 00:56 159.232 - a ------ C: \ WINDOWS \ system32 \ ptpusd.dll 2008-08-28 23:11. 2001-08-17 22:36 5.632 - a ------ C: \ WINDOWS \ system32 \ ptpusb.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2008-09-28 15:35 31.232 ---- aw C: \ WINDOWS \ system32 \ rpcnet.dll 2008-09-28 15:35 17.408 ---- aw C: \ WINDOWS \ system32 \ Rpcnetp.exe 2008-09-28 03:10 17.408 ---- aw C: \ WINDOWS \ system32 \ rpcnetp.dll 2008-09-28 00:20 --------- d ----- w C: \ Program Files \ RealArcade 2008-09-25 21:30 --------- d ----- w C: \ Program Files \ FTP Commander 2008-09-21 04:33 --------- d ----- w C: \ Program Files \ Fichiers communs \ Adobe 2008-09-11 16:36 --------- d ----- w C: \ Documents and Settings \ Administrateur \ Application Data \ uTorrent 2008-09-05 18:19 98.304 ---- aw C: \ WINDOWS \ system32 \ CmdLineExt.dll 2008-09-04 17:39 --------- d - h - w C: \ Program Files \ InstallShield Installation Information 2008-09-04 03:06 --------- d ----- w C: \ Program Files \ Java 2008-08-30 00:32 --------- d ----- w C: \ Program Files \ dl_Cats 2008-08-24 21:28 --------- d ----- w C: \ Documents and Settings \ Administrateur \ Application Data \ Move Networks 2008-08-24 21:07 --------- d ----- w C: \ Documents and Settings \ Administrateur \ Application Data \ Gamelab 2008-07-30 01:59 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ FreshGames 2008-07-19 02:10 94.920 ---- aw C: \ WINDOWS \ system32 \ cdm.dll 2008-07-19 02:10 53.448 ---- aw C: \ WINDOWS \ system32 \ Wuauclt.exe 2008-07-19 02:10 45.768 ---- aw C: \ WINDOWS \ system32 \ wups2.dll 2008-07-19 02:10 36.552 ---- aw C: \ WINDOWS \ system32 \ wups.dll 2008-07-19 02:09 563.912 ---- aw C: \ WINDOWS \ system32 \ wuapi.dll 2008-07-19 02:09 325.832 ---- aw C: \ WINDOWS \ system32 \ wucltui.dll 2008-07-19 02:09 205.000 ---- aw C: \ WINDOWS \ system32 \ wuweb.dll 2008-07-19 02:09 1.811.656 ---- aw C: \ WINDOWS \ system32 \ Wuaueng.dll 2008-07-19 02:07 270.880 ---- aw C: \ WINDOWS \ system32 \ mucltui.dll 2008-07-19 02:07 210.976 ---- aw C: \ WINDOWS \ system32 \ muweb.dll 2008-07-07 20:32 253.952 ---- aw C: \ WINDOWS \ system32 \ es.dll 2007-10-02 01:01 60.968 ---- aw C: \ Documents and Settings \ Administrateur \ GoToAssistDownloadHelper.ex e 2007-01-13 12:49 774.144 ---- aw C: \ Program Files \ RngInterstitial.dll 2007-08-10 19:03 6.275.816 ---- aw C: \ Program Files \ Mozilla Firefox \ plugins \ ScorchPDFWrapper.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Note * empty entries & legit entrées par défaut ne sont pas indiquées REGEDIT4 [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curré ntVersion \ Run] "ctfmon.exe" = "C: \ WINDOWS \ system32 \ ctfmon.exe" [2004-08-04 15360] "AOL Fast Start" = "C: \ Program Files \ America Online 9.0 \ AOL.EXE" [2005-07-12 50776] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "NvCplDaemon" = "C: \ WINDOWS \ system32 \ NvCpl.dll" [2007-04-28 8429568] "Dell QuickSet" = "C: \ Program Files \ Dell \ QuickSet \ quickset.exe" [2007-07-20 1228800] "HPDJ Taskbar Utility" = "C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb03.exe" [2001-06-12 200704] "QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-01-10 385024] "iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-01-15 267048] "DLCXCATS" = "C: \ WINDOWS \ System32 \ spool \ drivers \ W32X 86 \ 3 \ DLCXtime.dll" [2006-10-16 106496] "SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" [2008-06-10 144784] "NvMediaCenter" = "NvMCTray.dll" [2007-04-28 C: \ WINDOWS \ system32 \ nvmctray.dll] [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ RunOnce] "RunNarrator" = "Narrator.exe" [2004-08-04 C: \ WINDOWS \ system32 \ narrator.exe] C: \ Documents and Settings \ Administrateur \ Start Menu \ Programs \ Startup \ Clean Access Agent.lnk - C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe [2007-06-28 2056266] [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curré ntversion \ Policies \ Explorer] "NoSMBalloonTip" = 1 (0x1) "NoAutoTrayNotify" = 1 (0x1) [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ actu rentversion \ Policies \ Explorer] "NoActiveDesktopChanges" = 0 (0x0) [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ windows \ curr entversion \ Explorer \ ShellExecuteHooks] "(5AE067D3-9AFB-48E0-853a-EBB7F4A000DA)" = "C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \! SASWinLogon] 2008-07-23 16:28 352256 C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll [HKLM \ ~ \ startupfolder \ C: Documents and Settings ^ ^ ^ Administrator Menu Démarrer ^ Programmes ^ Démarrage ^ Adobe Gamma.lnk] path = C: \ Documents and Settings \ Administrateur \ Start Menu \ Programs \ Startup \ Adobe Gamma.lnk backup = C: \ WINDOWS \ pss \ Adobe Gamma.lnkStartup [HKLM \ ~ \ startupfolder \ C: ^ Documents and Settings ^ All Users ^ Menu Démarrer ^ Programmes ^ Démarrage ^ Adobe Reader Speed Launch.lnk] path = C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \ Adobe Reader Speed Launch.lnk backup = C: \ WINDOWS \ pss \ Adobe Reader Speed Launch.lnkCommon de démarrage [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ AOLDialer] -ra ------ 2006-10-23 08:50 71216 C: \ Program Files \ Fichiers communs \ AOL \ ACS \ AOLDial.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ apoint] - a ------ 2003-08-20 20:24 151552 C: \ Program Files \ apoint \ Apoint.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ ctfmon.exe] - a ------ 2004-08-04 00:56 15360 C: \ WINDOWS \ system32 \ ctfmon.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ HostManager] - a ------ 2006-09-25 20:52 50736 C: \ Program Files \ Fichiers communs \ AOL \ 1155864818 \ ee \ aolsoftware.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ igfxhkcmd] - a ------ 2006-07-14 18:04 77824 C: \ WINDOWS \ system32 \ hkcmd.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ igfxpers] - a ------ 2006-07-14 18:08 118784 C: \ WINDOWS \ system32 \ igfxpers.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ igfxtray] - a ------ 2006-07-14 18:07 94208 C: \ WINDOWS \ system32 \ igfxtray.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ IntelWireless] - a ------ 2006-08-02 01:32 696320 C: \ Program Files \ Intel \ Wireless \ Bin \ iFrmewrk.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ IntelZeroConfig] - a ------ 2006-08-02 01:38 802816 C: \ Program Files \ Intel \ Wireless \ Bin \ ZCfgSvc.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ iTunesHelper] - a ------ 2008-01-15 04:22 267048 C: \ Program Files \ iTunes \ iTunesHelper.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ MSMSGS] - ah ----- 2004-10-13 12:24 1694208 C: \ Program Files \ Messenger \ msmsgs.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ NvCplDaemon] - a ------ 2007-04-28 19:05 8429568 C: \ WINDOWS \ system32 \ nvcpl.dll [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ NvMediaCenter] - a ------ 2007-04-28 19:05 81920 C: \ WINDOWS \ system32 \ nvmctray.dll [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ QuickTime Task] - a ------ 2008-01-10 16:27 385024 C: \ Program Files \ QuickTime \ QTTask.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ RealTray] - a ------ 2006-08-17 21:34 26112 C: \ Program Files \ Real \ RealPlayer \ realplay.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ SunJavaUpdateSched] - a ------ 2006-12-15 04:23 75520 C: \ Program Files \ Java \ jre1.5.0_11 \ bin \ jusched.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ WMPNSCFG] --------- 2006-10-18 20:05 204288 C: \ Program Files \ Windows Media Player \ wmpnscfg.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ NVHotkey] - a ------ 2007-04-28 19:05 67584 C: \ WINDOWS \ system32 \ nvhotkey.dll [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ nwiz] - a ------ 2007-04-28 19:05 1626112 C: \ WINDOWS \ system32 \ nwiz.exe [HKEY_LOCAL_MACHINE \ software \ microsoft \ shared tools \ msconfig \ startupreg \ SigmatelSysTrayApp] - a - c --- 2005-11-16 15:35 397312 C: \ WINDOWS \ stsystra.exe [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ StandardProfile \ AuthorizedApplications \ List] "% windir% \ \ system32 \ \ sessmgr.exe" = "C: \ \ Program Files \ \ RssBandit \ \ RSSBandit.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "C: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ AOLSP Scheduler.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protection \ \ asp.exe" = "C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ fr_FR \ \ lecteur \ \ AOLNySEV.exe" = "C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe" = "C: \ \ Program Files \ \ Real \ \ RealPlayer \ \ realplay.exe" = "C: \ \ StubInstaller.exe" = "C: \ \ Program Files \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe" = "C: \ \ Program Files \ \ BitTornado \ \ btdownloadgui.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ ee \ \ aolsoftware.exe" = "C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = "C: \ \ Program Files \ \ BitZip \ \ bitzip.exe" = "C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "C: \ \ WINDOWS \ \ system32 \ \ dlcxcoms.exe" = [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ StandardProfile \ GloballyOpenPorts \ List] "50001: TCP" = 50001: TCP: webroots "50002: TCP" = 50002: TCP: webroots2 "3389: TCP" = 3389: TCP: @ xpsp2res.dll, -22009 [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ StandardProfile \ IcmpSettings] "AllowInboundEchoRequest" = 1 (0x1) R0 a320raid; a320raid; C: \ WINDOWS \ system32 \ drivers \ A320 raid.sys [2006-04-04 251578] R0 pxark; pxark; C: \ WINDOWS \ system32 \ drivers \ pxark.sys [2008-09-27 17408] R1 SAVOnAccess Control; SAVOnAccess Control; C: \ WINDOWS \ system32 \ drivers \ savonaccesscon trol.sys [2006-04-14 80128] R1 SAVOnAccess Filter; SAVOnAccess Filter; C: \ WINDOWS \ system32 \ drivers \ savonaccessfilt er.sys [2006-04-14 24064] R2 CSIScanner; CSIScanner; C: \ Program Files \ PrevxCSI \ prevxcsi.exe [2008-09-27 618040] R2 dlcx_device; dlcx_device; C: \ WINDOWS \ system32 \ dlcxco ms.exe [2006-11-03 537480] R2 Viewpoint Manager Service; Viewpoint Manager Service; C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652] S2 ousbehci; NEC PCI vers USB Enhanced Host Controller; C: \ WINDOWS \ system32 \ Drivers \ ousbehci.sy s [2003-08-01 41600] S3 GTIPCI21; GTIPCI21; C: \ WINDOWS \ system32 \ drivers \ PITCG ci21.sys [2004-05-03 80384] S3 NWADI; NWADI Bus Enumerator; C: \ WINDOWS \ system32 \ drivers \ NWADIenum.s ys [2005-12-09 67840] S3 ousb2hub; OrangeWare USB 2.0 Root Hub Support; C: \ WINDOWS \ system32 \ drivers \ ousb2hub.sys [2003-08-01 55552] S3 whfltr2k; molette USB Lower Filter Driver; C: \ WINDOWS \ system32 \ drivers \ whfltr2k.sys [2007-01-25 6784] S3 whmice2k avancée Wheel Mouse Upper Filter Driver; C: \ WINDOWS \ system32 \ drivers \ whmice2k.sys [2004-04-25 6885] [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curré ntversion \ explorer \ mountpoints2 \ D] \ Shell \ AutoRun \ command - D: \ autorun.exe [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curré ntversion \ explorer \ mountpoints2 \ (64d8acf2-5f84-11db-b756-00038a000015)] \ Shell \ AutoRun \ command - E: \ Installer.exe [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curré ntversion \ explorer \ mountpoints2 \ (7aebf132-2e3f-11db-b6e0-0015c547091a)] \ Shell \ AutoRun \ command - E: \ wd_windows_tools \ setup.exe [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curré ntversion \ explorer \ mountpoints2 \ (c4f3f4e1-2c11-11d9-8305-806d6172696f)] \ Shell \ AutoRun \ command - D: \ Programmes \ nu2menu \ nu2menu.exe * * Service nouvellement créé - PROCEXP90 . Contenu de la "Tâches planifiées" dossier . - - - - ORPHELINS REMOVED - - - -- MSConfigStartUp-! AVG Anti-Spyware - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe MSConfigStartUp-NeroFilterCheck - C: \ Program Files \ PowerDVD \ Apoint.exe MSConfigStartUp-SpySweeperEnterprise - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ \ spysweeperui.exe MSConfigStartUp-SpysweeperUI - C: \ Program Files \ Webroot \ Enterprise \ Spy Sweeper \ spysweeperui.exe MSConfigStartUp-SunJavaUpdateSched - C: \ Program Files \ Fichiers communs \ Sonic \ Update Manager \ realsched.exe . Supplementary Scan ------- ------- . FireFox -: Profile - C: \ Documents and Settings \ Administrateur \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \ FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp: / / www.broadway.com/ FF -: plugin - C: \ Documents and Settings \ Administrateur \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \ ensions ext \ npmozax@real.com \ plugins \ npmozax.dll FF -: plugin - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ Browser \ nppdf32.dll FF -: plugin - C: \ Program Files \ iTunes \ Mozilla Plugins \ npitunes.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npagent.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npmozax.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npmusicn.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npracplug.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ nptgeqplugin.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugins \ npunagi2.dll FF -: plugin - C: \ Program Files \ Real \ RealArcade \ Plugins \ Mozilla \ l npracplug.dl FF -: plugin - C: \ Program Files \ Viewpoint \ Viewpoint Experience Technology \ npViewpoint.dll . ************************************************** ************************ catchme 0.3.1361 W2K/XP/Vista - rootkit / stealth malware detector par Gmer, http://www.gmer.net Rootkit scan 2008-09-28 11:48:43 Windows 5.1.2600 Service Pack 2 NTFS scanning processus cachés ... scanning hidden autostart entries ... HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run DLCXCATS = rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ e.dll DLCXtim, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? de balayage des fichiers cachés ... scan effectué avec succès les fichiers cachés: 0 ************************************************** ************************ . --------------------- DLLs Loaded Sous Running Processes --------------------- PROCESSUS: C: \ WINDOWS \ system32 \ winlogon.exe -> C: \ WINDOWS \ system32 \ ati2evxx.dll . Completion time: 2008-09-28 11:50:56 ComboFix-quarantined-files.txt 2008-09-28 15:50:52 Pre-Run: 25918537728 octets libres Post-Run: 25986658304 octets libres 255 --- EOF --- 2008-09-26 12:22:29 |
|
#10
28 septembre 2008, 10:25
| |||
| |||
| Iexplore.exe question Note: les instructions ci-dessous ont été créées spécifiquement pour cet utilisateur. Si vous n'êtes pas cet utilisateur, NE PAS suivre ces instructions, sous peine d'endommager le fonctionnement de votre système Supprimer ces fichiers / dossiers, comme suit: 1. Aller à Démarrer > Courir > Type Notepad.exe et cliquez sur OK pour ouvrir le Bloc-notes. Il devoir être Bloc-notes, Wordpad pas. 2. Copiez le texte ci-dessous dans la case code en mettant en lumière tout le texte et en appuyant sur Ctrl + C Code: Killall:: File:: C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a C: \ WINDOWS \ system32 \ Folder 0vx55IOc.exe:: C: \ Documents and Settings \ Administrateur \ Application Data \ ErrorSmart 4. Ensuite, cliquez sur Fichier > Sauver 5. Nom du fichier CFScript.txt - Enregistrez le fichier sur votre bureau 6. Ensuite, faites glisser le CFScript (maintenez enfoncé le bouton gauche tout en faisant glisser le fichier) et déposez-le (la libération du bouton gauche de la souris) dans ComboFix.exe comme vous le voyez sur la capture d'écran ci-dessous. Important: Exécutez cette instruction attentivement!  ComboFix va commencer à exécuter, il suffit de suivre les instructions. Après un redémarrage (dans le cas où il demande de redémarrer l'ordinateur), il va produire un journal pour vous. Post que log (Combofix.txt) dans votre prochaine réponse. Note: Ne pas ComboFix clic de souris, la fenêtre en cours d'exécution. Cette mai cause votre système de gel
__________________ |
|
| |
| Bookmarks |
Similar Threads | ||||
| Fil | Thread Starter | Forum | Réponses | Last Post |
| Iexplore.exe | electra369 | Virus, Spyware et sécurité | 1 | 12 Jan 2009 00:16 |
| Winzix adware iexplore.exe question. S'il vous plaît, aidez! | winzix moron | Virus, Spyware et sécurité | 35 | 18 déc 2008 16:47 |
| Iexplore.exe # 3 | jman8700 | Virus, Spyware et sécurité | 8 | 29 Mai 2008 10:39 |
| Un autre iexplore>. < | sens | Virus, Spyware et sécurité | 20 | 18 Jan 2008 08:15 |
| Iexplore.exe | rsteenoven | Virus, Spyware et sécurité | 19 | 16 Jan 2008 14:02 |
| Thread Tools | |
| |
