Sujet Précédent Sujet Suivant

[Spyware] rapport hijack this

Blast -  
rudyrital Messages postés 6233 Statut Membre -
Bonjour depuis quelques temps j'ai des pubs pour drivecleaner et autres prodtuis qui me font apparaitre des fenetres à l'écran, ça devient très vite agassant. J'ai fait antivrxp + ad-aware et elles sont toujours là. Voilà le rapport de hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 22:37:42, on 26/06/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\devldr32.exe
C:\FRAPS2\FRAPS.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Denis\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.mangastreet.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310}_ - (no file)
R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O4 - HKLM\..\Run: [ScanSoft PDF Professional 3.0-reminder] "C:\Program Files\ScanSoft\PDF Professional 3.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PDF Professional\3\Ereg\ereg.ini"
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\RunServices: [xqax] fqe.exe
O4 - HKLM\..\RunServices: [Microsoft Kernel Support] mskernel.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Fraps] C:\FRAPS2\FRAPS.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer a &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.0 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version3/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version2/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {023A3744-EA13-4C8A-8B23-ABF98974A9F5} (JoyOnPack Control) - http://gunbound.joyon.com/joyonpack.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - http://components.viewpoint.com/...
O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comned.com/signuptemplates/AktiveSekurity.cab
O16 - DPF: {12F7F128-B36C-4843-8AA4-A5F71A969331} (Launcher Control) - https://horizons.eu.istaria.com/controls/launcher.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://streamhc.redhotnetworks.com/cabs/videox.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - https://www.fileplanet.com/
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1928de92a639a4b7ef22/netzip/RdxIE2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7A96FF35-4937-11D1-8F2C-00609779BDA3} (ScolPlugin Class) - http://www.kyela.com/files/atlscol.dll
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://stream.pussyharem.com/stream/mmp.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://labophoto.nomatica.com/Components/Upload/ImageUploader3.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD092CD7-AA66-4FF6-8CE1-D4E01489ED2B} - http://www.7adpower.com/dialer/EMSAT.CAB
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1) -
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://labo.nomatica.com/XUpload.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Netbios Helper Service - Unknown owner - C:\WINDOWS\system32\altsvc.exe
O23 - Service: Network DDE Connections (NETDDEC) - Unknown owner - C:\WINDOWS\system32\service.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwb) (pr2agqwb) - Cyanide - C:\WINDOWS\system32\pr2agqwb.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwc) (pr2agqwc) - Cyanide - C:\WINDOWS\system32\pr2agqwc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)

Merci beaucoup de m'aider je sais plus quoi faire :/
A voir également:

14 réponses

Réponse 1 / 14
rudyrital Messages postés 6233 Statut Membre 131
 
Tout d'abord Bonjour et bienvenue sur le forum d'entraide COMMENT CA MARCHE

Fais un clic droit sur ce lien :
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
Enregistrer la cible (du lien) sous... et enregistre-le sur ton bureau.
Fais un clic droit sur navilog1.zip et choisis "tout extraire"
Ensuite double clique sur navilog1.exe pour lancer l'installation.
Une fois l'installation terminée, le fix s'exécutera automatiquement.
(Si ce n'est pas le cas, double-clique sur le raccourci Navilog1 présent sur le bureau).

Laisse-toi guider. Au menu principal, choisis 1 et valides.
(ne fais pas le choix 2,3 ou 4 sans notre avis/accord)

Patiente jusqu'au message :
*** Analyse Termine le ..... ***
Appuie sur une touche comme demandé, le blocnote va s'ouvrir.
Copie-colle l'intégralité dans une réponse. Referme le blocnote.
Le rapport est en outre sauvegardé à la racine du disque (fixnavi.txt)

0
Réponse 2 / 14
joss Messages postés 18 Statut Membre 1
 
http://hijackthis.de/fr#anl
0
rudyrital Messages postés 6233 Statut Membre 131
 
ce lien est un robot d'analyse de log et certaines indications sont fausses

ne rien fixer sans l'avis d'un expert !!!

a vos risques et perils!!!
0
joss Messages postés 18 Statut Membre 1 > rudyrital Messages postés 6233 Statut Membre
 
Ok. Comment tu fais pour detecter si une ligne est mauvaise alors ?
0
rudyrital Messages postés 6233 Statut Membre 131 > rudyrital Messages postés 6233 Statut Membre
 
avec des recherches, de la pratique et de l'experience
en se formant sur des forums specialisés
et en connaissant un minimum l'architecture et le fonctionnement de windows et des virus
0
Réponse 3 / 14
Blast
 
Voici le rapport de Navilog :

Search Navipromo version 2.0.3 commencé le 27/06/2007 à 10:35:38.76

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***

*** Recherche dossiers dans C:\WINDOWS ***

C:\WINDOWS\mslagent trouvé !

*** Recherche dossiers dans C:\Program Files ***

*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***

*** Recherche dossiers dans C:\Documents and Settings\Denis\Application Data ***

*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en

F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of April, 2007.
Version information: 2.2.1061.

[+] Started on 06/27/07 at 10:35:39.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items ............................................................................................................................................................................................................................................................................................................................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 06/27/07 at 11:19:54 (return code = 0).

*** Recherche fichiers ***

C:\WINDOWS\Downloaded Program Files\LiveService.inf trouvé !
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !

*** Recherche cles registre ***

Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]

Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]

Recherche Clé Magic Control

HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_CURRENT_USER\Software\mc trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

C:\WINDOWS\system32\gjkkj.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\qqtss.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\gjkkj.bak2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\qqtss.bak2 trouvé ! infection Vundo possible non traité par cet outil !

2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********
0
Réponse 4 / 14
rudyrital Messages postés 6233 Statut Membre 131
 
Double clique sur le raccourci Navilog1 présent sur le bureau et laisse-toi guider.
Au menu principal, choisis 2 et valide.

Le fix va t'informer qu'il va alors redémarrer ton PC
Ferme toutes les fenêtres ouvertes et enregistre tes documents personnels ouverts
Appuie sur une touche comme demandé.
(si ton Pc ne redémarre pas automatiquement, fais le toi même)
Au redémarrage de ton PC, choisis ta session habituelle.

Patiente jusqu'au message :
*** Nettoyage Termine le ..... ***
Le blocnote va s'ouvrir. Copie/colle le rapport sur le forum
Sauvegarde le rapport de manière à le retrouver
Referme le blocnote. Ton bureau va réapparaitre

PS:Si ton bureau ne réapparait pas, fais CTRL+ALT+SUPP pour ouvrir le gestionnaire de tâches.
Puis rends-toi à l'onglet "processus". Clique en haut à gauche sur fichiers et choisis "exécuter"
Tape explorer et valide. Celà te fera apparaitre ton bureau.

Ferme internet explorer puis Démarrer/panneau de configuration/options internet
- onglet "Contenu" puis onglet "Certificats" et si tu trouves ceci, en particulier dans "éditeurs approuvés", mais regarde ailleurs :
electronic-group
egroup
Montorgueil
VIP
"Sunny Day Design Ltd"
Tu les supprimes.

Remets un log Hijackthis
@+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 14
Blast
 
Alors voici le rapport navilog après la manip :

Clean Navipromo version 2.0.3 commencé le 28/06/2007 à 10:36:12.96

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO

Mode suppression automatique avec prise en charge résultats Blacklight

*** fsbl1.txt non trouvé ***
(Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche)

*** Suppression dossiers dans C:\WINDOWS ***

C:\WINDOWS\mslagent ...suppression...
C:\WINDOWS\mslagent supprimé !

*** Suppression dossiers dans C:\Program Files ***

*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***

*** Suppression dossiers dans C:\Documents and Settings\Denis\Application Data ***

*** Suppression fichiers ***

C:\WINDOWS\Downloaded Program Files\LiveService.infsupprimé !
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Denis\Local Settings\Temp effectué !

*** Sauvegarde du registre vers dossier Backupnavi***

sauvegarde du registre réalise avec succes !

*** Nettoyage registre ***

Nettoyage registre Ok

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:

C:\WINDOWS\system32\gjkkj.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\qqtss.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\gjkkj.bak2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\qqtss.bak2 trouvé ! infection Vundo possible non traité par cet outil !

2)Recherche et Suppression Heuristique :

*
**
***
****
*****
******
*******
********

3)Contrôle présence clés Rootkit dans le registre :

Aucune autre clés présente dans le registre !

*** Nettoyage termine le 28/06/2007 à 10:40:32.18 ***

Et après un nouveau coup de hijack :

Logfile of HijackThis v1.99.1
Scan saved at 10:45:40, on 28/06/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Denis\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.mangastreet.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310}_ - (no file)
R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O4 - HKLM\..\Run: [ScanSoft PDF Professional 3.0-reminder] "C:\Program Files\ScanSoft\PDF Professional 3.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PDF Professional\3\Ereg\ereg.ini"
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\System32\rwdvotod.dll",realset
O4 - HKLM\..\RunServices: [xqax] fqe.exe
O4 - HKLM\..\RunServices: [Microsoft Kernel Support] mskernel.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Fraps] C:\FRAPS2\FRAPS.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer a &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.0 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version3/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version2/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {023A3744-EA13-4C8A-8B23-ABF98974A9F5} (JoyOnPack Control) - http://gunbound.joyon.com/joyonpack.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - http://components.viewpoint.com/...
O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comned.com/signuptemplates/AktiveSekurity.cab
O16 - DPF: {12F7F128-B36C-4843-8AA4-A5F71A969331} (Launcher Control) - https://horizons.eu.istaria.com/controls/launcher.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://streamhc.redhotnetworks.com/cabs/videox.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - https://www.fileplanet.com/
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1928de92a639a4b7ef22/netzip/RdxIE2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7A96FF35-4937-11D1-8F2C-00609779BDA3} (ScolPlugin Class) - http://www.kyela.com/files/atlscol.dll
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://stream.pussyharem.com/stream/mmp.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://labophoto.nomatica.com/Components/Upload/ImageUploader3.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD092CD7-AA66-4FF6-8CE1-D4E01489ED2B} - http://www.7adpower.com/dialer/EMSAT.CAB
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1) -
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://labo.nomatica.com/XUpload.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Netbios Helper Service - Unknown owner - C:\WINDOWS\system32\altsvc.exe
O23 - Service: Network DDE Connections (NETDDEC) - Unknown owner - C:\WINDOWS\system32\service.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)
0
Réponse 6 / 14
rudyrital Messages postés 6233 Statut Membre 131
 
Télécharge VundoFix.exe (par Atribune) sur ton Bureau.
http://www.atribune.org/ccount/click.php?id=4

* Double-clique VundoFix.exe afin de le lancer.
* Lorsque l'outil se lance à nouveau, clique sur le bouton Scan for Vundo
* Clique sur le bouton Scan for Vundo.
* Lorsque le scan est complété, clique sur le bouton Remove Vundo
* Une invite te demandera si tu veux supprimer les fichiers, clique YES
* Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Tu verras une invite qui t'annonce que ton PC va s'éteindre ("shutdown"); clique OK
* Démarre ton PC à nouveau.
* Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.

Note Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".
0
Réponse 7 / 14
Blast
 
Rapport Vundo :

VundoFix V6.5.1

Checking Java version...

Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.

Java version is 1.4.2.4
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Java version is 1.5.0.11

Scan started at 21:05:44 28/06/2007

Listing files found while scanning....

C:\windows\system32\ddayv.dll
C:\windows\system32\dotovdwr.ini
C:\windows\system32\edgvdoxq.ini
C:\windows\system32\euaxqoyt.ini
C:\WINDOWS\System32\gjkkj.bak1
C:\WINDOWS\System32\gjkkj.bak2
C:\WINDOWS\System32\gjkkj.ini
C:\WINDOWS\System32\hynbwyuj.dll
C:\WINDOWS\System32\jkkjg.dll
C:\windows\system32\mljjjhh.dll
C:\windows\system32\qlatitlo.dll
C:\windows\system32\qqtss.bak1
C:\windows\system32\qqtss.bak2
C:\windows\system32\qqtss.ini
C:\windows\system32\qwpfacey.ini
C:\windows\system32\qxodvgde.dll
C:\WINDOWS\System32\rwdvotod.dll
C:\windows\system32\ssqolig.dll
C:\windows\system32\sstqq.dll
C:\windows\system32\tyoqxaue.dll
C:\windows\system32\vyadd.ini
C:\windows\system32\wvuvwwu.dll
C:\windows\system32\yecafpwq.dll

Beginning removal...

Attempting to delete C:\windows\system32\ddayv.dll
C:\windows\system32\ddayv.dll Has been deleted!

Attempting to delete C:\windows\system32\dotovdwr.ini
C:\windows\system32\dotovdwr.ini Has been deleted!

Attempting to delete C:\windows\system32\edgvdoxq.ini
C:\windows\system32\edgvdoxq.ini Has been deleted!

Attempting to delete C:\windows\system32\euaxqoyt.ini
C:\windows\system32\euaxqoyt.ini Has been deleted!

Attempting to delete C:\WINDOWS\System32\gjkkj.bak1
C:\WINDOWS\System32\gjkkj.bak1 Has been deleted!

Attempting to delete C:\WINDOWS\System32\gjkkj.bak2
C:\WINDOWS\System32\gjkkj.bak2 Has been deleted!

Attempting to delete C:\WINDOWS\System32\gjkkj.ini
C:\WINDOWS\System32\gjkkj.ini Has been deleted!

Attempting to delete C:\WINDOWS\System32\jkkjg.dll
C:\WINDOWS\System32\jkkjg.dll Has been deleted!

Attempting to delete C:\windows\system32\mljjjhh.dll
C:\windows\system32\mljjjhh.dll Has been deleted!

Attempting to delete C:\windows\system32\qlatitlo.dll
C:\windows\system32\qlatitlo.dll Has been deleted!

Attempting to delete C:\windows\system32\qqtss.bak1
C:\windows\system32\qqtss.bak1 Has been deleted!

Attempting to delete C:\windows\system32\qqtss.bak2
C:\windows\system32\qqtss.bak2 Has been deleted!

Attempting to delete C:\windows\system32\qqtss.ini
C:\windows\system32\qqtss.ini Has been deleted!

Attempting to delete C:\windows\system32\qwpfacey.ini
C:\windows\system32\qwpfacey.ini Has been deleted!

Attempting to delete C:\windows\system32\qxodvgde.dll
C:\windows\system32\qxodvgde.dll Has been deleted!

Attempting to delete C:\WINDOWS\System32\rwdvotod.dll
C:\WINDOWS\System32\rwdvotod.dll Has been deleted!

Attempting to delete C:\windows\system32\ssqolig.dll
C:\windows\system32\ssqolig.dll Has been deleted!

Attempting to delete C:\windows\system32\sstqq.dll
C:\windows\system32\sstqq.dll Has been deleted!

Attempting to delete C:\windows\system32\tyoqxaue.dll
C:\windows\system32\tyoqxaue.dll Has been deleted!

Attempting to delete C:\windows\system32\vyadd.ini
C:\windows\system32\vyadd.ini Has been deleted!

Attempting to delete C:\windows\system32\wvuvwwu.dll
C:\windows\system32\wvuvwwu.dll Has been deleted!

Attempting to delete C:\windows\system32\yecafpwq.dll
C:\windows\system32\yecafpwq.dll Has been deleted!

Performing Repairs to the registry.
Done!

et HIJACKTHIS

Logfile of HijackThis v1.99.1
Scan saved at 21:18:29, on 28/06/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\devldr32.exe
C:\FRAPS2\FRAPS.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Denis\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.mangastreet.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310}_ - (no file)
R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {021BB032-80A8-4FB6-B3D5-CF27B1553B95} - C:\WINDOWS\mslagent\4b_1,0,1,0_mslagent.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {1775052B-877C-4768-93F6-19DEBD4A3972} - C:\WINDOWS\System32\jkkjg.dll (file missing)
O2 - BHO: Microsoft Configuration - {40205287-E793-41AC-B95C-D8D064BA33CA} - C:\WINDOWS\system32\mscfg.dll (file missing)
O2 - BHO: (no name) - {6D8242AC-03EE-4035-B4B6-2FF07E1DF9B3} - C:\WINDOWS\System32\sckpeung.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: (no name) - {90F75E47-94D2-48AC-8D32-863356FA6578} - C:\WINDOWS\System32\wvuvwwu.dll (file missing)
O2 - BHO: (no name) - {EE7ED55D-6895-1232-E09D-32D6D93300C3} - C:\WINDOWS\System32\bxibj.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O4 - HKLM\..\Run: [ScanSoft PDF Professional 3.0-reminder] "C:\Program Files\ScanSoft\PDF Professional 3.0\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Application Data\ScanSoft\PDF Professional\3\Ereg\ereg.ini"
O4 - HKLM\..\RunServices: [xqax] fqe.exe
O4 - HKLM\..\RunServices: [Microsoft Kernel Support] mskernel.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Fraps] C:\FRAPS2\FRAPS.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer a &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.0 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - C:\WINDOWS\System32\wldr.dll (file missing) (HKCU)
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version3/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version2/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {023A3744-EA13-4C8A-8B23-ABF98974A9F5} (JoyOnPack Control) - http://gunbound.joyon.com/joyonpack.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - http://components.viewpoint.com/...
O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comned.com/signuptemplates/AktiveSekurity.cab
O16 - DPF: {12F7F128-B36C-4843-8AA4-A5F71A969331} (Launcher Control) - https://horizons.eu.istaria.com/controls/launcher.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://streamhc.redhotnetworks.com/cabs/videox.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - https://www.fileplanet.com/
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1928de92a639a4b7ef22/netzip/RdxIE2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7A96FF35-4937-11D1-8F2C-00609779BDA3} (ScolPlugin Class) - http://www.kyela.com/files/atlscol.dll
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://labophoto.nomatica.com/Components/Upload/ImageUploader3.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD092CD7-AA66-4FF6-8CE1-D4E01489ED2B} - http://www.7adpower.com/dialer/EMSAT.CAB
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1) -
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://labo.nomatica.com/XUpload.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Netbios Helper Service - Unknown owner - C:\WINDOWS\system32\altsvc.exe
O23 - Service: Network DDE Connections (NETDDEC) - Unknown owner - C:\WINDOWS\system32\service.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)
0
Réponse 8 / 14
rudyrital Messages postés 6233 Statut Membre 131
 
* télécharge AVG Anti-Spyware

avg antispyware
http://www.infos-du-net.com/telecharger/Ewido-Security-Suite,0301-734.html

Tuto : http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

* tu l'installes

Démarrer AVG antispyware. Cliquer sur "mise à jour", cliquer sur le bouton "Commencer la mise à jour" et attendre la fin de cette mise à jour puis, fermer le programme.

si tu n'arrives pas à le mettre à jour prends ici les Mise à jour:

http://downloads.ewido.net/avgas-signatures-full-current.exe

Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).

relance AVG AS et cliquer sur l'onglet "scanner" puis sur "Analyse complète du système".
Une fois le scan terminé, il t'affiche un rapport. Cliquer sur "configurer..." en bas a gauche et choisir "supprimer". Ensuite cliquer sur "Appliquer toutes les actions ", ca va supprimer toutes les infections détectées.
Ensuite cliquer sur "Enregistrer le rapport d'analyse" -> "enregistrer sous" et enregistrer le rapport où bon te semble, afin de me l'envoyer dans ta prochaine réponse.

Copie Et colle le rapport ici
0
Réponse 9 / 14
Blast
 
Rappport Anti-spyware

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 00:24:09 03/07/2007

+ Résultat de l'analyse:

HKU\.DEFAULT\Software\margo -> Adware.Adtomi : Nettoyé.
HKU\S-1-5-18\Software\margo -> Adware.Adtomi : Nettoyé.
C:\WINDOWS\system32\javex80.vxd/C:/Program Files/NaviSearch/bin/nls.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\system32\javex80.vxd/C:/WINDOWS/System32/nvms.dll -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\system32\mbbi8016.dll -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\system32\psis80ex.ax/C:/Program Files/CashBack/bin/cashback.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\system32\psis80ex.ax/C:/Program Files/CashBack/bin/cb.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\system32\psis80ex.ax/C:/Program Files/CashBack/bin/flash.exe -> Adware.BargainBuddy : Nettoyé.
C:\WINDOWS\system32\psis80ex.ax/C:/WINDOWS/System32/mscb.dll -> Adware.BargainBuddy : Nettoyé.
HKU\S-1-5-21-3352483553-1270386979-3842219741-1005\Software\Microsoft\Internet Explorer\Keywords -> Adware.CoolWebSearch : Nettoyé.
C:\Documents and Settings\Denis\Desktop\Données\Musique\WAV to MP3 Encoder\mm332.exe -> Adware.EZula : Nettoyé.
C:\WINDOWS\system32\Xcite2.exe -> Adware.F1Organizer : Nettoyé.
C:\WINDOWS\Downloaded Program Files\HDPlugin1018.dll -> Adware.Gator : Nettoyé.
HKLM\SOFTWARE\Classes\CLSID\{6AC3806F-8B39-4746-9C38-6B01CB7331FF} -> Adware.Generic : Nettoyé.
C:\Documents and Settings\Denis\Desktop\Données\Divers\AccessManager-Installation.exe -> Adware.MDH : Nettoyé.
C:\Documents and Settings\Denis\Desktop\Données\Musique\WAV to MP3 Encoder\DEFNTB.exe -> Adware.NavExcel : Nettoyé.
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Nettoyé.
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Nettoyé.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Nettoyé.
C:\WINDOWS\Downloaded Program Files\videox.inf -> Adware.Redhotnetwo : Nettoyé.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WhenUSave -> Adware.SaveNow : Nettoyé.
C:\WINDOWS\system32\BO2802040113.dll -> Adware.VirtualBouncer : Nettoyé.
C:\WINDOWS\system32\SWRT01.dll -> Adware.VirtualBouncer : Nettoyé.
C:\WINDOWS\system32\fccawur.dll -> Adware.Virtumonde : Nettoyé.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Nettoyé.
HKLM\SOFTWARE\Classes\MediaAccX.Installer -> Adware.WinAd : Nettoyé.
HKLM\SOFTWARE\Classes\MediaAccX.Installer\CLSID -> Adware.WinAd : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\Autorun -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\Autorun\HKCURun -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnce -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\Autorun\HKCURun\RunOnceEx -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\Autorun\HKLMRun -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnce -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\Autorun\HKLMRun\RunOnceEx -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\Autorun\StartMenuAllUsers -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\Autorun\StartMenuCurrentUser -> Adware.WinHound : Nettoyé.
C:\Documents and Settings\Denis\Application Data\WinHound.com\WinHound\BrowserObjects -> Adware.WinHound : Nettoyé.
HKLM\SOFTWARE\WinHound.com -> Adware.WinHound : Erreur lors du nettoyage.
HKLM\SOFTWARE\WinHound.com\WinHound -> Adware.WinHound : Erreur lors du nettoyage.
HKLM\SOFTWARE\WinHound.com\WinHound\WinHound -> Adware.WinHound : Erreur lors du nettoyage.
HKLM\SOFTWARE\WinHound.com\WinHound\WinHound\License -> Adware.WinHound : Nettoyé.
C:\Program Files\Mozilla Firefox\plugins\npclntax.dll -> Adware.Zango : Nettoyé.
C:\Program Files\Messenger Plus! 2\Setup.dat/70000011.exe -> Downloader.Swizzor.af : Nettoyé.
C:\Documents and Settings\Denis\Mes documents\Mes fichiers reçus\Messenger Plus! - Setup.exe/70000011.exe -> Downloader.Swizzor.g : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451210.exe -> Downloader.Tiny.id : Nettoyé.
C:\WINDOWS\Downloaded Program Files\ActiveSecurity.ocx -> Not-A-Virus.VirTool.Win32.Collector : Nettoyé.
:mozilla.873:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.874:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.875:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.646:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.647:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.648:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.649:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.650:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.651:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.652:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.653:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.654:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.655:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.656:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.657:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.658:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.659:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.660:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.661:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.662:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.663:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.664:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.665:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.666:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.667:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.668:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.669:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.670:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.671:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.672:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.673:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.674:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.675:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.676:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.677:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.678:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.679:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.791:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.923:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.952:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.200:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.201:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.202:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.203:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.227:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.337:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@3.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@4.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.862:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Addcontrol : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@www.adobe[1].txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.326:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.327:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.329:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.330:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.334:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.336:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.17:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.18:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.591:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.592:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.593:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.594:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.595:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.819:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.273:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.114:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.220:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Clickhype : Nettoyé.
:mozilla.223:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
:mozilla.121:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.122:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.125:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.126:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.127:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.128:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.753:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.19:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.20:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.21:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@connextra[1].txt -> TrackingCookie.Connextra : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.639:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.640:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.102:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.358:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.230:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.389:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.390:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.391:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.392:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.393:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.394:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.395:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.397:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.623:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.620:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.621:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.622:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.232:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.236:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
:mozilla.12:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.16:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@navrcholu[2].txt -> TrackingCookie.Navrcholu : Nettoyé.
:mozilla.104:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.135:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.136:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.137:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.511:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@pocitadlo[2].txt -> TrackingCookie.Pocitadlo : Nettoyé.
:mozilla.454:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.455:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.456:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.457:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.458:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.459:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.460:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.347:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.348:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.349:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.350:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.351:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.305:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.313:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.314:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.315:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.316:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.317:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.259:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.260:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.261:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.262:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.263:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.264:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.858:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.108:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.109:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.110:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.111:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.253:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.254:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.255:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.256:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.224:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.225:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.226:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.228:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.229:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.27:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.28:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.29:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.30:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.891:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.105:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.106:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.107:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.734:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.829:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\Denis\Cookies\denis@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.184:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.190:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.192:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.193:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.194:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.195:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.196:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.197:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.198:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.398:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.399:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.400:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.401:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.402:C:\Documents and Settings\Denis\Application Data\Mozilla\Firefox\Profiles\l9xykziv.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Denis\Local Settings\Temporary Internet Files\Content.IE5\6P7ODOVA\tob_snd_20070616[1] -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451208.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451209.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451211.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451212.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451213.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451214.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451215.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451216.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451217.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451218.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451219.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451220.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451221.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1873\A0451222.exe -> Trojan.Agent.aoy : Nettoyé.
C:\WINDOWS\system32\qwhottxa.exe -> Trojan.Agent.aoy : Nettoyé.

Fin du rapport

Et HIJACKTHIS

Logfile of HijackThis v1.99.1
Scan saved at 10:42:54, on 03/07/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\FRAPS2\FRAPS.EXE
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Azureus\Azureus.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Documents and Settings\Denis\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.mangastreet.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310}_ - (no file)
R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\System32\ltbhxqos.dll",forkonce
O4 - HKLM\..\RunServices: [xqax] fqe.exe
O4 - HKLM\..\RunServices: [Microsoft Kernel Support] mskernel.exe
O4 - HKCU\..\Run: [Fraps] C:\FRAPS2\FRAPS.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer a &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.0 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - (no file)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - (no file) (HKCU)
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version3/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version2/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {023A3744-EA13-4C8A-8B23-ABF98974A9F5} (JoyOnPack Control) - http://gunbound.joyon.com/joyonpack.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - http://components.viewpoint.com/...
O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comned.com/signuptemplates/AktiveSekurity.cab
O16 - DPF: {12F7F128-B36C-4843-8AA4-A5F71A969331} (Launcher Control) - https://horizons.eu.istaria.com/controls/launcher.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://streamhc.redhotnetworks.com/cabs/videox.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - https://www.fileplanet.com/
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1928de92a639a4b7ef22/netzip/RdxIE2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7A96FF35-4937-11D1-8F2C-00609779BDA3} (ScolPlugin Class) - http://www.kyela.com/files/atlscol.dll
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://stream.pussyharem.com/stream/mmp.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://labophoto.nomatica.com/Components/Upload/ImageUploader3.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD092CD7-AA66-4FF6-8CE1-D4E01489ED2B} - http://www.7adpower.com/dialer/EMSAT.CAB
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1) -
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://labo.nomatica.com/XUpload.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Netbios Helper Service - Unknown owner - C:\WINDOWS\system32\altsvc.exe
O23 - Service: Network DDE Connections (NETDDEC) - Unknown owner - C:\WINDOWS\system32\service.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwb) (pr2agqwb) - Cyanide - C:\WINDOWS\system32\pr2agqwb.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwc) (pr2agqwc) - Cyanide - C:\WINDOWS\system32\pr2agqwc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe (file missing)

J'ai encore quelques fenetres qui s'ouvrent ça devient lourd :/ mais merci de ta patience en tout cas !
0
Réponse 10 / 14
rudyrital Messages postés 6233 Statut Membre 131
 
Télécharge SDFix (créé par AndyManchesta) et sauvegarde le sur ton Bureau.
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau. Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :
• Redémarre ton ordinateur
• Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (une pression par seconde).
• A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
• Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
• Choisis ton compte.
Déroule la liste des instructions ci-dessous :
• Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le scrïpt.
• Appuie sur Y pour commencer le processus de nettoyage.
• Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
• Appuie sur une touche pour redémarrer le PC.
• Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
• Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
• Appuie sur une touche pour finir l'exécution du scrïpt et charger les icônes de ton Bureau.
• Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
• Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !
0
Réponse 11 / 14
Blast
 
Rapport SDFIX

SDFix: Version 1.89

Run by Denis on 03/07/2007 at 21:13

Microsoft Windows XP [version 5.1.2600]

Running From: C:\ANTISP~1\SDFix

Safe Mode:
Checking Services:

Name:
Windows Log

ImagePath:
C:\WINDOWS\system32\nvsvcd.exe

Windows Log - Deleted

Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINDOWS\SYSTEM32\1089_UP.EXE - Deleted
C:\WINDOWS\dat.exe.tmp - Deleted
C:\WINDOWS\system32\TFTP1972 - Deleted

Removing Temp Files...

ADS Check:

Checking C:\WINDOWS
C:\WINDOWS
No streams found.

Checking C:\WINDOWS\system32
C:\WINDOWS\system32
No streams found.

Checking C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
No streams found.

Checking C:\WINDOWS\system32\ntoskrnl.exe
C:\WINDOWS\system32\ntoskrnl.exe
No streams found.

Final Check:

Remaining Services:
------------------

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files:
---------------

Backups Folder: - C:\ANTISP~1\SDFix\backups\backups.zip

Files with Hidden Attributes:

C:\Documents and Settings\Denis\Voisinage r‚seau\pwr48n.dynu.com\Desktop.ini
C:\WINDOWS\system32\cfabbfecd_g.dll
C:\WINDOWS\system32\MSVRCTD.DLL
C:\WINDOWS\system32\MSVRCTDR.dll
C:\Documents and Settings\GameSpot DLX Secure Delivery\ageofshadowsclient.exe
C:\WINDOWS\dat.exe
C:\WINDOWS\system32\n?pdb.exe

Finished

et HIJACK

Logfile of HijackThis v1.99.1
Scan saved at 21:40:05, on 03/07/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\FRAPS2\FRAPS.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Denis\Desktop\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.mangastreet.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - {5D60FF48-95BE-4956-B4C6-6BB168A70310}_ - (no file)
R3 - URLSearchHook: (no name) - _{707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: (no name) - {707E6F76-9FFB-4920-A976-EA101271BC25} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\System32\ltbhxqos.dll",forkonce
O4 - HKLM\..\RunServices: [xqax] fqe.exe
O4 - HKLM\..\RunServices: [Microsoft Kernel Support] mskernel.exe
O4 - HKCU\..\Run: [Fraps] C:\FRAPS2\FRAPS.EXE
O8 - Extra context menu item: &eBay Search - res://C:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer a &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Open with ScanSoft PDF Converter 4.0 - res://C:\Program Files\ScanSoft\PDF Professional 4.0\cnvres_eng.dll /100
O8 - Extra context menu item: Tout télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec &BitSpirit - C:\Program Files\BitSpirit\bsurl.htm
O8 - Extra context menu item: Télécharger avec NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Researcher\EROPROJ.DLL
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - (no file)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - (no file)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {AC075332-2D5D-47EC-AB8B-51530F7C1751} - (no file) (HKCU)
O16 - DPF: Interface Chat Voila - http://chat7.x-echo.com/version3/Applet/vchatsign.cab
O16 - DPF: Interface Chat Wanadoo - http://chat10.x-echo.com/version2/Applet/wchatsign.cab
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {023A3744-EA13-4C8A-8B23-ABF98974A9F5} (JoyOnPack Control) - http://gunbound.joyon.com/joyonpack.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - http://components.viewpoint.com/...
O16 - DPF: {0F9B4CA4-A30F-480A-841D-69B45C50A8F8} (SekureL0gin.SekureKontrol) - http://secure2.comned.com/signuptemplates/AktiveSekurity.cab
O16 - DPF: {12F7F128-B36C-4843-8AA4-A5F71A969331} (Launcher Control) - https://horizons.eu.istaria.com/controls/launcher.ocx
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c7.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {1C955F3B-5B32-4393-A05D-24B4970CD2A1} - http://streamhc.redhotnetworks.com/cabs/videox.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) - https://www.fileplanet.com/
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/wl/activex/EPUWALControl_v1-0-3-24.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by111fd.bay111.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com/downloads/rtpatch/EARTPX.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/1928de92a639a4b7ef22/netzip/RdxIE2.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab
O16 - DPF: {7A96FF35-4937-11D1-8F2C-00609779BDA3} (ScolPlugin Class) - http://www.kyela.com/files/atlscol.dll
O16 - DPF: {861FDA2A-2B57-4BDA-8B8B-305C9D5D8604} (_Multimedia Player) - http://stream.pussyharem.com/stream/mmp.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://labophoto.nomatica.com/Components/Upload/ImageUploader3.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - https://www.afternic.com/domains/downloadv3.com
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.girafoto.fr/uploaders/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD092CD7-AA66-4FF6-8CE1-D4E01489ED2B} - http://www.7adpower.com/dialer/EMSAT.CAB
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Environnement d'exécution Java 1.4.1) -
O16 - DPF: {CFCB7308-782F-11D4-BE27-000102598CE4} (NPX Control) - http://kr.pristontale.com/nprotect/nprotect/npx.cab
O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Service Client v.3.4) - http://ccon.futuremark.com/global/msc34.cab
O16 - DPF: {E855A2D4-987E-4F3B-A51C-64D10A7E2479} (EPSImageControl Class) - http://tools.ebayimg.com/eps/activex/EPSControl_v1-0-3-0.cab
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://labo.nomatica.com/XUpload.ocx
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Belkin\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Netbios Helper Service - Unknown owner - C:\WINDOWS\system32\altsvc.exe
O23 - Service: Network DDE Connections (NETDDEC) - Unknown owner - C:\WINDOWS\system32\service.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwb) (pr2agqwb) - Cyanide - C:\WINDOWS\system32\pr2agqwb.exe
O23 - Service: Loki Drivers Auto Removal (pr2agqwc) (pr2agqwc) - Cyanide - C:\WINDOWS\system32\pr2agqwc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
0
Réponse 12 / 14
rudyrital Messages postés 6233 Statut Membre 131
 
fait un scan ici
https://www.bitdefender.fr/
et copie colle le résultat ici
* En bas, à gauche de la fenêtre, clique sur BitDefender SCAN ONLINE
* Dans la nouvelle fenêtre, clique sur I agree
* La fenêtre change encore, clique sur Click here to scan
* Les signatures se chargent, etc.

tuto en image

http://pageperso.aol.fr/rginformatique/mapage/defender.htm

copie/colle le rapport sur le forum

0
Réponse 13 / 14
Blast
 
Ptain c'est pas possible j'en ai encore une soixantaine !!!

Rapport:

C:\Documents and Settings\Denis\Desktop\Données\Modems\ADSLAutoconnect205F13.exe=>(CAB Sfx o)=>ADSL Autoconnect.exe

Infecté par: Trojan.Horse.AU

C:\Documents and Settings\Denis\Desktop\Modems\ADSLAutoconnect205F13.exe=>(CAB Sfx o)=>ADSL Autoconnect.exe

Echec de la désinfection

C:\Documents and Settings\Denis\Desktop\Modems\ADSLAutoconnect205F13.exe=>(CAB Sfx o)=>ADSL Autoconnect.exe

Supprimé

C:\Documents and Settings\Denis\Desktop\Modems\ADSLAutoconnect205F13.exe=>(CAB Sfx o)

Echec de la mise à jour

C:\Documents and Settings\Denis\Desktop\Données\Optimisation\Abexo registry cleaner.exe=>(RAR Sfx o)=>setup2.exe

Infecté par: Trojan.Agent.AAKN

C:\Documents and Settings\Denis\Desktop\Données\Optimisation\Abexo registry cleaner.exe=>(RAR Sfx o)=>setup2.exe

Echec de la désinfection

C:\Documents and Settings\Denis\Desktop\Données\Optimisation\Abexo registry cleaner.exe=>(RAR Sfx o)=>setup2.exe

Supprimé

C:\Documents and Settings\Denis\Desktop\Données\Optimisation\Abexo registry cleaner.exe=>(RAR Sfx o)

Echec de la mise à jour

C:\Documents and Settings\Denis\Local Settings\Temporary Internet Files\Content.IE5\LN9NMIHE\tob_snd_20070616[1]

Infecté par: Trojan.Fotomoto.A

C:\Documents and Settings\Denis\Local Settings\Temporary Internet Files\Content.IE5\LN9NMIHE\tob_snd_20070616[1]

Echec de la désinfection

C:\Documents and Settings\Denis\Local Settings\Temporary Internet Files\Content.IE5\LN9NMIHE\tob_snd_20070616[1]

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440479.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440479.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440479.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440480.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440480.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440480.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440481.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440481.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440481.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440482.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440482.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440482.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440483.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440483.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440483.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440484.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440484.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440484.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440485.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440485.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440485.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440486.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440486.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440486.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440487.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440487.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440487.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440488.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440488.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440488.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440494.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440494.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440494.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440495.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440495.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440495.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440496.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440496.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440496.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440497.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440497.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440497.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440690.dll

Infecté par: MemScan:Trojan.Virtumod.ALX

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440690.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0440690.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442702.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442702.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442702.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442703.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442703.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442703.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442704.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442704.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442704.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442705.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442705.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442705.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442706.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442706.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1852\A0442706.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1855\A0447299.dll

Infecté par: MemScan:Trojan.Virtumod.ALX

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1855\A0447299.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1855\A0447299.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1856\A0447551.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1856\A0447551.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1856\A0447551.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1856\A0447552.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1856\A0447552.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1856\A0447552.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1856\A0447553.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1856\A0447553.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1856\A0447553.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1861\A0448489.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1861\A0448489.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1861\A0448489.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1861\A0448532.dll

Infecté par: Trojan.BHO.AR

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1861\A0448532.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1861\A0448532.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1861\A0448585.dll

Infecté par: MemScan:Trojan.Virtumod.ALX

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1861\A0448585.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1861\A0448585.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449260.dll

Infecté par: MemScan:Trojan.Virtumod.ALX

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449260.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449260.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449264.dll

Infecté par: MemScan:Trojan.Virtumod.ALX

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449264.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449264.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449265.dll

Infecté par: MemScan:Trojan.Virtumonde.IC

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449265.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449265.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449266.dll

Infecté par: Trojan.Spy.VBStat.B

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449266.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449271.dll

Infecté par: MemScan:Trojan.Virtumonde.IC

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449271.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449271.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449272.dll

Infecté par: MemScan:Trojan.Virtumod.ALX

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449272.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449272.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449275.dll

Infecté par: MemScan:Trojan.Virtumonde.IC

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449275.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1869\A0449275.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451343.exe

Infecté par: Trojan.Fotomoto.A

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451343.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451343.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451349.dll

Infecté par: Trojan.Muldrop.1997.D

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451349.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451349.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451354.exe

Infecté par: Trojan.Muldrop.2545.A

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451354.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451354.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451356.dll

Détecté avec: Adware.Virtumonde.GFH

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451356.dll

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1875\A0451356.dll

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452715.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452715.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452715.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452716.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452716.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452716.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452717.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452717.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452717.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452718.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452718.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452718.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452719.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452719.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452719.exe

Supprimé

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452720.exe

Infecté par: Trojan.Dropper.NQ

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452720.exe

Echec de la désinfection

C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP1878\A0452720.exe

Supprimé

C:\VundoFix Backups\ddayv.dll.bad

Infecté par: MemScan:Trojan.Virtumod.ALX

C:\VundoFix Backups\ddayv.dll.bad

Echec de la désinfection

C:\VundoFix Backups\ddayv.dll.bad

Supprimé

C:\VundoFix Backups\jkkjg.dll.bad

Infecté par: MemScan:Trojan.Virtumod.ALX

C:\VundoFix Backups\jkkjg.dll.bad

Echec de la désinfection

C:\VundoFix Backups\jkkjg.dll.bad

Supprimé

C:\VundoFix Backups\mljjjhh.dll.bad

Infecté par: MemScan:Trojan.Virtumonde.IC

C:\VundoFix Backups\mljjjhh.dll.bad

Echec de la désinfection

C:\VundoFix Backups\mljjjhh.dll.bad

Supprimé

C:\VundoFix Backups\qlatitlo.dll.bad

Infecté par: Trojan.Spy.VBStat.B

C:\VundoFix Backups\qlatitlo.dll.bad

Supprimé

C:\VundoFix Backups\ssqolig.dll.bad

Infecté par: MemScan:Trojan.Virtumonde.IC

C:\VundoFix Backups\ssqolig.dll.bad

Echec de la désinfection

C:\VundoFix Backups\ssqolig.dll.bad

Supprimé

C:\VundoFix Backups\sstqq.dll.bad

Infecté par: MemScan:Trojan.Virtumod.ALX

C:\VundoFix Backups\sstqq.dll.bad

Echec de la désinfection

C:\VundoFix Backups\sstqq.dll.bad

Supprimé

C:\VundoFix Backups\wvuvwwu.dll.bad

Infecté par: MemScan:Trojan.Virtumonde.IC

C:\VundoFix Backups\wvuvwwu.dll.bad

Echec de la désinfection

C:\VundoFix Backups\wvuvwwu.dll.bad

Supprimé

C:\WINDOWS\Downloaded Program Files\flash.inf

Infecté par: Trojan.Downloader.AJK

C:\WINDOWS\Downloaded Program Files\flash.inf

Echec de la désinfection

C:\WINDOWS\Downloaded Program Files\flash.inf

Supprimé

C:\WINDOWS\system32\Fwv7S5Ce.exe

Infecté par: BehavesLike:Win32.ExplorerHijack

C:\WINDOWS\system32\Fwv7S5Ce.exe

Echec de la désinfection

C:\WINDOWS\system32\Fwv7S5Ce.exe

Supprimé

C:\WINDOWS\system32\jkhhf.dll

Infecté par: DeepScan:Generic.Virtumonde1.ge.872C70D0

C:\WINDOWS\system32\jkhhf.dll

Echec de la désinfection

C:\WINDOWS\system32\jkhhf.dll

Echec de la suppression

C:\WINDOWS\system32\rgujsacj.exe

Infecté par: Trojan.Fotomoto.A

C:\WINDOWS\system32\rgujsacj.exe

Echec de la désinfection

C:\WINDOWS\system32\rgujsacj.exe

Supprimé

C:\WINDOWS\system32\xcycfgyo.exe

Infecté par: Trojan.Fotomoto.A

C:\WINDOWS\system32\xcycfgyo.exe

Echec de la désinfection

C:\WINDOWS\system32\xcycfgyo.exe

Supprimé
0
Réponse 14 / 14
rudyrital Messages postés 6233 Statut Membre 131
 
salut, ou en sont tes problemes ???
0

Discussions similaires

Impossible d'afficher le rapport de tableau croisé dynamique sur un rapport
Utilisateur anonyme -
TomH. -

13 réponses
écrire un rapport de travail
asi -
REGINALD -

3 réponses
impossible d'afficher le tableau dynamique sur un rapport existant
Pierre -
Adrien71 -

3 réponses
Problém affichage du tableau croisé dynamique
BK -
Raymond PENTIER -

2 réponses
Theme de rapport de stage option comptabilité
sana saydou -
Raymond PENTIER -

2 réponses