Bonjour a ts
je fais une tentative par ce forum pake ces virus me rendent folleeeee!!!je ne suis pas une pro de l info je vs previen deja!! je ne sais pas si ttes les infos fournies sont necessaires ou completes!!!dc je sais kil y a un trojan msdirect.sys je n arrete pas de faire des analyses anti virus je l ai mis en quarantaine, suprimer, reparer rien n y fait il revient... il bloque littéralement l ordi ... je voulais formater mon ordi ms ac un peu de chance un de vs pourra m aider avt la solution extreme!!
alors voici le rapport ke ad-aware m a fait si ca peu vous aider a m aider!!! ce n est pas le seul virus a bord!!! dc si vs avez des solutions pr les autres c deja ca!!! un ts gd merci a vs!
Ad-Aware SE Build 1.05
Logfile Created on:samedi 3 décembre 2005 15:58:24
Using definitions file:SE1R77 30.11.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Abox(TAC index:6):2 total references
MRU List(TAC index:0):28 total references
Tracking Cookie(TAC index:3):38 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan within archives
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Ignore spanned files when scanning cab archives
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Block pop-ups aggressively
Set : Automatically select problematic objects in results lists
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Show splash screen
Set : Backup current definitions file before updating
Set : Play sound at scan completion if scan locates critical objects
3-12-2005 15:58:24 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : D:\Documents and Settings\Administrateur\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles
Description : list of recently used files in adobe reader
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\ahead\nero - burning rom\recent file list
Description : list of recently used files in nero burning rom
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\clipart gallery\2.0\mrudescription
Description : most recently used description in microsoft clipart gallery
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\mediaplayer\medialibraryui
Description : last selected node in the microsoft windows media player media library
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\mediaplayer\player\settings
Description : last open directory used in jasc paint shop pro
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\office\9.0\excel\recent files
Description : list of recent files used by microsoft excel
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\office\9.0\powerpoint\recent file list
Description : list of recent files used by microsoft powerpoint
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\windows\currentversion\applets\paint\recent file list
Description : list of files recently opened using microsoft paint
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent skins in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\realnetworks\realplayer\6.0\preferences
Description : list of recent clips in realplayer
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
MRU List Object Recognized!
Location: : S-1-5-21-1844237615-1972579041-682003330-500\software\winrar\dialogedithistory\extrpath
Description : winrar "extract-to" history
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 380
ThreadCreationTime : 3-12-2005 14:18:10
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\D:\WINDOWS\system32\
ProcessID : 636
ThreadCreationTime : 3-12-2005 14:19:40
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\D:\WINDOWS\system32\
ProcessID : 660
ThreadCreationTime : 3-12-2005 14:19:41
BasePriority : High
#:4 [services.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 704
ThreadCreationTime : 3-12-2005 14:19:42
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 3-12-2005 14:19:42
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 876
ThreadCreationTime : 3-12-2005 14:19:43
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 900
ThreadCreationTime : 3-12-2005 14:19:44
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1084
ThreadCreationTime : 3-12-2005 14:19:45
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1108
ThreadCreationTime : 3-12-2005 14:19:45
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [spoolsv.exe]
FilePath : D:\WINDOWS\system32\
ProcessID : 1276
ThreadCreationTime : 3-12-2005 14:19:46
BasePriority : Normal
FileVersion : 5.1.2600.0 (XPClient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:11 [aswupdsv.exe]
FilePath : D:\Program Files\Alwil Software\Avast4\
ProcessID : 1404
ThreadCreationTime : 3-12-2005 14:19:47
BasePriority : Normal
#:12 [ashserv.exe]
FilePath : D:\Program Files\Alwil Software\Avast4\
ProcessID : 1432
ThreadCreationTime : 3-12-2005 14:19:48
BasePriority : High
FileVersion : 4, 6, 695, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2005 ALWIL Software
OriginalFilename : aswServ.exe
#:13 [smagent.exe]
FilePath : D:\Program Files\Analog Devices\SoundMAX\
ProcessID : 1504
ThreadCreationTime : 3-12-2005 14:19:49
BasePriority : Normal
FileVersion : 3, 2, 6, 0
ProductVersion : 3, 2, 6, 0
ProductName : SoundMAX service agent
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX service agent component
InternalName : SMAgent
LegalCopyright : Copyright © 2002
OriginalFilename : SMAgent.exe
#:14 [svchost.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1520
ThreadCreationTime : 3-12-2005 14:19:49
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:15 [wdfmgr.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1536
ThreadCreationTime : 3-12-2005 14:19:49
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:16 [explorer.exe]
FilePath : D:\WINDOWS\
ProcessID : 1840
ThreadCreationTime : 3-12-2005 14:19:52
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE
#:17 [rundll32.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 160
ThreadCreationTime : 3-12-2005 14:19:57
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Exécuter une DLL en tant qu'application
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : RUNDLL.EXE
#:18 [notifyphonebook.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 204
ThreadCreationTime : 3-12-2005 14:19:58
BasePriority : Normal
#:19 [tgcmd.exe]
FilePath : D:\Program Files\Support.com\bin\
ProcessID : 224
ThreadCreationTime : 3-12-2005 14:19:59
BasePriority : Normal
FileVersion : 5,6,1039,0
ProductVersion : 5,6,1039,0
ProductName : Support.com Scheduler and Command Dispatcher
CompanyName : SupportSoft, Inc.
FileDescription : Support.com Scheduler and Command Dispatcher
InternalName : TGCMD
LegalCopyright : Copyright 1997-2069 SupportSoft
OriginalFilename : TGCMD.EXE
#:20 [realsched.exe]
FilePath : D:\Program Files\Fichiers communs\Real\Update_OB\
ProcessID : 208
ThreadCreationTime : 3-12-2005 14:20:00
BasePriority : Normal
FileVersion : 0.1.0.3208
ProductVersion : 0.1.0.3208
ProductName : RealPlayer (32-bit)
CompanyName : RealNetworks, Inc.
FileDescription : RealNetworks Scheduler
InternalName : schedapp
LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004
LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc.
OriginalFilename : realsched.exe
#:21 [ashwebsv.exe]
FilePath : D:\Program Files\Alwil Software\Avast4\
ProcessID : 424
ThreadCreationTime : 3-12-2005 14:20:03
BasePriority : Normal
#:22 [hpgs2wnd.exe]
FilePath : D:\Program Files\Hewlett-Packard\HP Share-to-Web\
ProcessID : 440
ThreadCreationTime : 3-12-2005 14:20:04
BasePriority : Normal
FileVersion : 2,3,0,0\ 161
ProductVersion : 2,3,0,0\ 161
ProductName : Hewlett-Packard hpgs2wnd
CompanyName : Hewlett-Packard
FileDescription : hpgs2wnd
InternalName : hpgs2wnd
LegalCopyright : Copyright © 2001
OriginalFilename : hpgs2wnd.exe
#:23 [smtray.exe]
FilePath : D:\Program Files\Analog Devices\SoundMAX\
ProcessID : 488
ThreadCreationTime : 3-12-2005 14:20:04
BasePriority : Normal
FileVersion : 3, 2, 12, 0
ProductVersion : 3, 2, 12, 0
ProductName : SoundMAX Integrated Digital Audio
CompanyName : Analog Devices, Inc.
FileDescription : SoundMAX System Tray
InternalName : SMTray
LegalCopyright : Copyright © 2001 Analog Devices
OriginalFilename : SMTray.exe
#:24 [msgplus.exe]
FilePath : D:\Program Files\MessengerPlus! 3\
ProcessID : 516
ThreadCreationTime : 3-12-2005 14:20:05
BasePriority : Normal
#:25 [qttask.exe]
FilePath : D:\Program Files\QuickTime\
ProcessID : 532
ThreadCreationTime : 3-12-2005 14:20:06
BasePriority : Normal
FileVersion : 6.0.2
ProductVersion : QuickTime 6.0.2
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2002
OriginalFilename : QTTask.exe
#:26 [hpwuschd.exe]
FilePath : D:\Program Files\Hewlett-Packard\HP Software Update\
ProcessID : 580
ThreadCreationTime : 3-12-2005 14:20:07
BasePriority : Normal
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : Hewlett-Packard hpwuSchd
CompanyName : Hewlett-Packard
FileDescription : hpwuSchd
InternalName : hpwuSchd
LegalCopyright : Copyright © 2003
OriginalFilename : hpwuSchd.exe
#:27 [ashdisp.exe]
FilePath : D:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 592
ThreadCreationTime : 3-12-2005 14:20:08
BasePriority : Normal
FileVersion : 4, 6, 695, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright (c) 2005 ALWIL Software
OriginalFilename : aswDisp.exe
#:28 [copypad32.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 620
ThreadCreationTime : 3-12-2005 14:20:11
BasePriority : Normal
#:29 [av32.pif]
FilePath : D:\WINDOWS\System32\
ProcessID : 956
ThreadCreationTime : 3-12-2005 14:20:12
BasePriority : Normal
#:30 [ctfmon.exe]
FilePath : D:\WINDOWS\System32\
ProcessID : 1004
ThreadCreationTime : 3-12-2005 14:20:12
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:31 [voissanopubs.exe]
FilePath : D:\Program Files\VoissaNoPubs\
ProcessID : 1128
ThreadCreationTime : 3-12-2005 14:20:13
BasePriority : Normal
FileVersion : 2.0.0.0
ProductVersion : 2.0.0.0
CompanyName : Voissa.com
LegalCopyright : Cedrat Net
#:32 [ashmaisv.exe]
FilePath : D:\Program Files\Alwil Software\Avast4\
ProcessID : 1156
ThreadCreationTime : 3-12-2005 14:20:13
BasePriority : Normal
#:33 [hpgs2wnf.exe]
FilePath : D:\Program Files\Hewlett-Packard\HP Share-to-Web\
ProcessID : 1164
ThreadCreationTime : 3-12-2005 14:20:14
BasePriority : Normal
FileVersion : 2, 6, 0, 161
ProductVersion : 2, 6, 0, 161
ProductName : hpgs2wnf Module
FileDescription : hpgs2wnf Module
InternalName : hpgs2wnf
LegalCopyright : Copyright 2001
OriginalFilename : hpgs2wnf.EXE
#:34 [wcescomm.exe]
FilePath : D:\Program Files\Microsoft ActiveSync\
ProcessID : 1756
ThreadCreationTime : 3-12-2005 14:20:17
BasePriority : Normal
FileVersion : 3.5.0.12007
ProductVersion : 3.5.12007
ProductName : Microsoft ActiveSync
CompanyName : Microsoft Corporation
FileDescription : Connection Manager
InternalName : wcescomm
LegalCopyright : Copyright © 1995-2001 Microsoft Corp. All rights reserved.
LegalTrademarks : Microsoft® and Windows® are registered trademarks of Microsoft Corporation.
OriginalFilename : WCESCOMM.EXE
#:35 [iexplore.exe]
FilePath : d:\progra~1\intern~1\
ProcessID : 1592
ThreadCreationTime : 3-12-2005 14:20:17
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : IEXPLORE.EXE
#:36 [iexplore.exe]
FilePath : D:\Program Files\Internet Explorer\
ProcessID : 2124
ThreadCreationTime : 3-12-2005 14:20:19
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : IEXPLORE.EXE
#:37 [hpqtra08.exe]
FilePath : D:\Program Files\Hewlett-Packard\Digital Imaging\bin\
ProcessID : 2256
ThreadCreationTime : 3-12-2005 14:20:22
BasePriority : Normal
FileVersion : 5.35.0.035
ProductVersion : 005.035.000.035
ProductName : hp digital imaging - hp all-in-one series
CompanyName : Hewlett-Packard Co.
FileDescription : HP Digital Imaging Monitor (CUE)
InternalName : HPQTRA00
LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2001
OriginalFilename : HPQTRA00.EXE
Comments : HP Digital Imaging Monitor (CUE)
#:38 [msnmsgr.exe]
FilePath : D:\Program Files\MSN Messenger\
ProcessID : 2264
ThreadCreationTime : 3-12-2005 14:20:22
BasePriority : Normal
FileVersion : 7.5.0311
ProductVersion : 7.5.0311
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
#:39 [wmplayer.exe]
FilePath : D:\Program Files\Windows Media Player\
ProcessID : 2480
ThreadCreationTime : 3-12-2005 14:21:07
BasePriority : Normal
FileVersion : 10.00.00.3646
ProductVersion : 10.00.00.3646
ProductName : Lecteur Windows Media Microsoft(R)
CompanyName : Microsoft Corporation
FileDescription : Lecteur Windows Media
InternalName : WMPLAYER.EXE
LegalCopyright : (C) Microsoft Corporation. Tous droits réservés.
OriginalFilename : WMPLAYER.EXE
#:40 [iexplore.exe]
FilePath : D:\Program Files\Internet Explorer\
ProcessID : 3860
ThreadCreationTime : 3-12-2005 14:35:50
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : IEXPLORE.EXE
#:41 [ad-aware.exe]
FilePath : D:\Program Files\Lavasoft\Ad-Aware SE Professional\
ProcessID : 4720
ThreadCreationTime : 3-12-2005 14:57:45
BasePriority : Normal
FileVersion : 6.2.0.208
ProductVersion : VI.Second Edition
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 28
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@ads.multimania.lycos[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrateur@ads.multimania.lycos.fr/
Expires : 3-12-2005 20:31:06
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@cgi-bin[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:administrateur@imrworldwide.com/cgi-bin
Expires : 29-11-2015 19:12:56
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@fastclick[2].txt
Category : Data Miner
Comment : Hits:8
Value : Cookie:administrateur@fastclick.net/
Expires : 3-12-2007 15:42:06
LastSync : Hits:8
UseCount : 0
Hits : 8
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@estat[1].txt
Category : Data Miner
Comment : Hits:17
Value : Cookie:administrateur@estat.com/
Expires : 30-11-2015 18:12:04
LastSync : Hits:17
UseCount : 0
Hits : 17
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@etype.adbureau[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrateur@etype.adbureau.net/
Expires : 1-03-2007 1:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@beweb[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrateur@beweb.com/
Expires : 1-02-2007 1:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@serving-sys[2].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:administrateur@serving-sys.com/
Expires : 31-12-2037 23:00:00
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@www.smartadserver[2].txt
Category : Data Miner
Comment : Hits:14
Value : Cookie:administrateur@www.smartadserver.com/
Expires : 28-11-2025 14:32:52
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@as-eu.falkag[2].txt
Category : Data Miner
Comment : Hits:16
Value : Cookie:administrateur@as-eu.falkag.net/
Expires : 2-12-2006 20:34:44
LastSync : Hits:16
UseCount : 0
Hits : 16
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@metriweb[1].txt
Category : Data Miner
Comment : Hits:24
Value : Cookie:administrateur@metriweb.be/
Expires : 1-12-2006 19:09:26
LastSync : Hits:24
UseCount : 0
Hits : 24
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@ayb.lop[1].txt
Category : Data Miner
Comment : Hits:6
Value : Cookie:administrateur@ayb.lop.com/
Expires : 2-12-2006 16:59:16
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@www.lop[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrateur@www.lop.com/
Expires : 1-12-2006 18:00:46
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@atdmt[2].txt
Category : Data Miner
Comment : Hits:12
Value : Cookie:administrateur@atdmt.com/
Expires : 30-11-2010 1:00:00
LastSync : Hits:12
UseCount : 0
Hits : 12
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@revenue[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrateur@revenue.net/
Expires : 10-06-2022 6:05:42
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@lop[1].txt
Category : Data Miner
Comment : Hits:9
Value : Cookie:administrateur@lop.com/
Expires : 2-12-2006 19:19:22
LastSync : Hits:9
UseCount : 0
Hits : 9
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@247realmedia[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrateur@247realmedia.com/
Expires : 1-01-2021 1:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@doubleclick[1].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:administrateur@doubleclick.net/
Expires : 30-11-2008 19:15:22
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@hitbox[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrateur@hitbox.com/
Expires : 1-12-2006 19:15:24
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@ehg-systran.hitbox[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrateur@ehg-systran.hitbox.com/
Expires : 1-12-2006 19:15:24
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@advertising[1].txt
Category : Data Miner
Comment : Hits:9
Value : Cookie:administrateur@advertising.com/
Expires : 1-12-2010 20:35:24
LastSync : Hits:9
UseCount : 0
Hits : 9
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@2o7[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:administrateur@2o7.net/
Expires : 1-12-2010 22:43:04
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@bluestreak[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:administrateur@bluestreak.com/
Expires : 1-12-2015 8:45:50
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@mediaplex[1].txt
Category : Data Miner
Comment : Hits:7
Value : Cookie:administrateur@mediaplex.com/
Expires : 22-06-2009 1:00:00
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrateur@apmebf.com/
Expires : 1-12-2010 20:25:22
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@bluestreak[1].txt
Category : Data Miner
Comment : Hits:4
Value : Cookie:administrateur@bluestreak.com/
Expires : 1-12-2015 8:45:50
LastSync : Hits:4
UseCount : 0
Hits : 4
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@images.lop[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:anyuser@images.lop.com/
Expires : 30-11-2005 19:42:20
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@promo.casinotropez[1].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrateur@promo.casinotropez.com/
Expires : 21-11-2010 7:41:04
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@cgi-bin[2].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:administrateur@imrworldwide.com/cgi-bin
Expires : 29-11-2015 19:12:56
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@as1.falkag[2].txt
Category : Data Miner
Comment : Hits:5
Value : Cookie:administrateur@as1.falkag.de/
Expires : 20-12-2005 16:13:34
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : anyuser@ayb.lop[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:anyuser@ayb.lop.com/
Expires : 27-11-2006 12:34:02
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@weborama[2].txt
Category : Data Miner
Comment : Hits:11
Value : Cookie:administrateur@weborama.fr/
Expires : 22-11-2010 15:05:18
LastSync : Hits:11
UseCount : 0
Hits : 11
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@www.smartadserver[1].txt
Category : Data Miner
Comment : Hits:24
Value : Cookie:administrateur@www.smartadserver.com/
Expires : 26-11-2025 10:44:40
LastSync : Hits:24
UseCount : 0
Hits : 24
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@2o7[1].txt
Category : Data Miner
Comment : Hits:3
Value : Cookie:administrateur@2o7.net/
Expires : 1-12-2010 22:43:04
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@sel.as-eu.falkag[1].txt
Category : Data Miner
Comment : Hits:1
Value : Cookie:administrateur@sel.as-eu.falkag.net/
Expires : 23-12-2005 15:02:50
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@apmebf[2].txt
Category : Data Miner
Comment : Hits:2
Value : Cookie:administrateur@apmebf.com/
Expires : 1-12-2010 20:25:22
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 35
Objects found so far: 63
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 63
Deep scanning and examining files (D:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@lop[1].txt
Category : Data Miner
Comment :
Value : D:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@lop[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@fastclick[2].txt
Category : Data Miner
Comment :
Value : D:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@fastclick[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : administrateur@revenue[2].txt
Category : Data Miner
Comment :
Value : D:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@revenue[2].txt
Abox Object Recognized!
Type : File
Data : A0154985.exe
Category : Malware
Comment :
Object : D:\System Volume Information\_restore{78D19D50-2F18-45A7-B401-104625358C4B}\RP268\
FileVersion : 1.00
ProductVersion : 1.00
ProductName : Progetto1
CompanyName : 7H
InternalName : logon3
OriginalFilename : logon3.exe
Abox Object Recognized!
Type : File
Data : A0154986.exe
Category : Malware
Comment :
Object : D:\System Volume Information\_restore{78D19D50-2F18-45A7-B401-104625358C4B}\RP268\
FileVersion : 1.00
ProductVersion : 1.00
ProductName : Progetto1
CompanyName : 7H
InternalName : ABox5
OriginalFilename : ABox5.exe
Disk Scan Result for D:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 68
Scanning Hosts file......
Hosts file location:"D:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 68
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 68
16:09:23 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:10:58.766
Objects scanned:128668
Objects identified:40
Objects ignored:0
New critical objects:40
merci !!!!
