19 replies
Hi,
Maybe you're shy, or maybe you're slow at typing, but don't you think that if you described your problem in a bit more detail, our research would be more targeted, which would let us solve your problem quickly and effectively?
If you want, I'll help you!!
Which operating system?
Do you have a firewall?
Do you have Spybot and/or Ad-Aware?
What is your antivirus?
What is reporting this trojan to you?
There, I've pointed you in the right direction; now answer these questions.
Thanks, good luck
1- XP
2- Norton AntiVirus
3-
Object name: c\windows\systeme32\nfip.exe
Virus name: Trojan horse
Action taken: unable to repair this file
I pressed OK
Object name: c\windows\systeme32\nfip.exe
Virus name: Trojan horse
Action taken: access to the file was denied
OK
Object name: c\windows\appgz.exe
Virus name: Trojan horse
Action taken: unable to repair this file
OK
Object name: c\windows\appgz.exe
Virus name: Trojan horse
Action taken: access to the file was denied
OK
4- No Spybot, and I don't know what a firewall is,
Latest scan:
OK, it's hard to follow what you're saying. Is that normal?
So do this first:
Run a scan at RAV:
http://www.ravantivirus.com/scan/
Click on "To continue without subscribing click here" and wait a few minutes.
When "Ready" is displayed under "status", tick the "Autoclean" box, then click "Scan my PC".
At the end of the scan, copy/paste the report here.
Empty your temp files and Temporary Internet Files for all users.
Use this to do it:
http://pageperso.aol.fr/Balltrap34/CleanUp312.exe
-------------
Install this, update it, and scan everything it finds:
Ad-Aware:
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/11643.html
The French patch for Ad-Aware:
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/25543.html
Spybot:
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html
--------------------------------------------------------------------------
Run a scan at RAV:
http://www.ravantivirus.com/scan/
Click on "To continue without subscribing click here" and wait a few minutes.
When "Ready" is displayed under "status", tick the "Autoclean" box, then click "Scan my PC".
At the end of the scan, copy/paste the report here.
Download HijackThis:
http://www.merijn.org/files/hijackthis.zip
Unzip it into a folder set aside for that purpose.
For example C:\hijackthis
Run it, then:
click "do a system scan and save logfile" and nothing else.
Copy and paste the entire log here.
Troell
Scan started at 04/19/2005 17:25:01
Scanning memory...
Scanning boot sectors...
Scanning files...
Scanned
============================
Objects: 35474
Directories: 4635
Archives: 935
Size(Kb): -1653965
Infected files: 1
Found
============================
Viruses found: 1
Suspicious files: 10
Disinfected files: 0
Mail files: 95
Logfile of HijackThis v1.99.1
Scan saved at 18:02:14, on 04/19/2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c18.cab
O16 - DPF: {22A88341-AFCB-45F0-A856-C2BAE74F878E} (InstallX Class) - http://www.20x2p.com/a054f6ce/enter.cab
O16 - DPF: {2472DCCC-68CE-49DA-AA81-E7E6D83C1DFA} (PackageHTML) - http://acces.blonde.com/package/op/PackageHtmlCab.CAB
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {31DDC1FD-CEA3-4837-A6DC-87E67015ADC9} - http://akamai.downloadv3.com/binaries/IA/svcsysnet32_FR_XP.cab
O16 - DPF: {40289096-9F72-4A04-BCB3-E434ECDCEE33} (AppDLCtrl Class) - http://download.howudodat.com/chatterbox/download/appdl.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/2/fr/SysWebTelecomInt.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1111112517264
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {6924091F-CD97-41E1-B1D4-D9079409D413} (IMCv1 Control) - http://69.93.148.2:1995/talk.cab
O16 - DPF: {6B78B13A-6E99-4588-8EAB-C2399B202022} (iVocalize Web Conference 4 Setup) - http://www.aviamost.com/entrance/iv4.cab
O16 - DPF: {869518C3-FBA5-4D75-8A14-7047437E9498} (Jacques Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/fr/Bernadette.cab
O16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (SbInstObj) - http://installs.spamblockerutility.com/installs/spamblockerutility/programs/spamblockerutility.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) - http://www.ravantivirus.com/scan/ravonline.cab
O16 - DPF: {A7A9CFBE-98E6-4C37-BEC6-B060597B7831} (iVocalize Internet Conference 4 Setup) - http://www.aviamost.com/entrance/ivsetup4.cab
O16 - DPF: {AFCF364F-F730-4B1E-B2D5-80F9172FBC44} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1039_FR_XP.cab
O16 - DPF: {B24F0664-7DDA-40B6-B38C-A4FD68DE8685} - http://centra.englishtown.com/main/Install/en/US/CentraDownloader.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {BFC9677B-8006-4336-9D49-2C797AEFCB9E} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCESS_1058_XP.cab
O16 - DPF: {C1C3CC42-F029-49A2-91C2-C043DFAE3C96} (Samson Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/fr/Dalila.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://eu.download.games.yahoo.com/zylom/activex/zylomloader.cab
O16 - DPF: {D9CA5D65-52BE-4790-BEA3-F3E2F5A76B02} - http://62.97.81.200/dll/clickweb.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://deposito.hostance.net/dialer/604067.exe
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} - http://www.sponsoradulto.com/cab/14/fr/SysWebTelecomInt.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab
O16 - DPF: {FFFF0003-0001-101A-A3C9-08002B2F49FB} - http://www.sgrunt.biz/closer/close.exe
O23 - Service: Network Security Service ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\system32\d3ai.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSetMgr.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~3\GHOSTS~2.EXE
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\NPROTECT.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton Antivirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Hi,
delete what is in bold!
C:\WINDOWS\Adulti.exe
C:\WINDOWS\DirectX.log
C:\WINDOWS\jydng.dll
C:\WINDOWS\KB823559.log
C:\WINDOWS\KB842773.log
C:\WINDOWS\lhoyh.dll
C:\WINDOWS\Q811630.log
C:\WINDOWS\wdzhv.dll
C:\WINDOWS\_default.pif
C:\WINDOWS\system32\gigay.dll
C:\WINDOWS\system32\kyqwx.dll
then run Ad-Aware + Spybot; run another scan with RAV to check
see you
"then run Ad-Aware + Spybot": what do you mean? I didn't understand
I installed Spybot - Search & Destroy; it did not finish the repair, it tells me:
the application or DLL C:\WINDOWS\Systeme32\msegcompicl.dll is not a valid Windows image. Check this against your installation diskette. And thanks in advance
regis59, thanks for your help but the problem is still there
now I have run the scan, I'll send it as soon as it finishes
Scan started at 04/19/2005 22:09:20
Scanning memory...
Scanning boot sectors...
Scanning files...
C:\Documents and Settings\AZAHAQ\Local Settings\Temporary Internet Files\Content.IE5\O9EVCPMN\closer[1].htm->(OBJECT0000) - HTML/CodeBaseExec* -> Infected
Scanned
============================
Objects: 34599
Directories: 3028
Archives: 1276
Size(Kb): -590873
Infected files: 1
Found
============================
Viruses found: 1
Suspicious files: 0
Disinfected files: 0
Mail files: 98
re,
empty your temp files and Temporary Internet Files for all users
use this to do it
http://pageperso.aol.fr/Balltrap34/CleanUp312.exe
then do it manually:
go to Internet tools and click delete cookies + temp files + history!
and run a scan again right away!
Scanned
============================
Objects: 34599
Directories: 3028
Archives: 1276
Size(Kb): -590873
Infected files: 0
Found
============================
Viruses found: 0
Suspicious files: 0
Disinfected files: 0
Mail files: 97
Hi yoyoazer, do as regis59 told you
delete what is in bold!
C:\WINDOWS\Adulti.exe
C:\WINDOWS\DirectX.log
C:\WINDOWS\jydng.dll
C:\WINDOWS\KB823559.log
C:\WINDOWS\KB842773.log
C:\WINDOWS\lhoyh.dll
C:\WINDOWS\Q811630.log
C:\WINDOWS\wdzhv.dll
C:\WINDOWS\_default.pif
C:\WINDOWS\system32\gigay.dll
C:\WINDOWS\system32\kyqwx.dll
then run Ad-Aware + Spybot; run another scan with RAV to check; disconnect from the internet
the trojan horse is a file-downloading Trojan (trojan horse downloader). Also try in safe mode