Sujet Précédent Sujet Suivant

Virus album photo msn

Fermé
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007 - 1 juil. 2007 à 02:19
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 - 2 juil. 2007 à 15:25
Bonsoir.

J'ai fait le tour des forums et autres sites me permettant de trouver une solution globale au probleme du virus album se transmettant sur msn.
Malheureusement, je dois etre un boulet... et je n'y arrive pas.
J'ajoute que MSNFix ne le detecte pas :s

Pouvez vous m'aider?
A voir également:

19 réponses

Réponse 1 / 19
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
1 juil. 2007 à 10:35
colle un rapport hijackthis

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html


----------



lance spybot

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html


-------------



fait un scan en ligne avec bitdefender et colle le rapport

http://www.bitdefender.fr/scan_fr/scan8/ie.html
0
Réponse 2 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
1 juil. 2007 à 14:01
Hijack :

Logfile of HijackThis v1.99.1
Scan saved at 12:53:32, on 01/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\Program Files\Borland\InterBase\bin\ibguard.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
C:\WINDOWS\system32\1049\svchost.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Remart\blqsev.exe
C:\Documents and Settings\Remart\Bureau\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system32\1049\svchost.exe
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Auto EPSON Stylus CX6600 Series sur GEGE] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P40 "Auto EPSON Stylus CX6600 Series sur GEGE" /O13 "\\GEGE\EPSONS" /M "Stylus CX6600"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://remart.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: system32 - {874F7323-C090-4B09-9CA4-FF6F91EDBC25} - sysprinters.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: SQL Server FullText Search (WICKY) (msftesql$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:WICKY (file missing)
O23 - Service: SQL Server Analysis Services (WICKY) (MSOLAP$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\Config (file missing)
O23 - Service: SQL Server (WICKY) (MSSQL$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sWICKY (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SQL Server Agent (WICKY) (SQLAgent$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE" -i WICKY (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe



spybot :



je trouve pas mon malware...



Bitdefender :


Rapport d'analyse généré à: Sun, Jul 01, 2007 - 13:52:59









Voie d'analyse: C:\;D:\;E:\;F:\;G:\;I:\;















Statistiques

Temps


00:39:51

Fichiers


394299

Directoires


10418

Secteurs de boot


8

Archives


8617

Paquets programmes


19483







Résultats

Virus identifiés


5

Fichiers infectés


66

Fichiers suspects


0

Avertissements


0

Désinfectés


0

Fichiers effacés


65







Info sur les moteurs

Définition virus


636142

Version des moteurs


AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Analyse des plugins


14

Archive des plugins


38

Unpack des plugins


6

E-mail plugins


6

Système plugins


1







Paramètres d'analyse

Première action


Désinfecté

Seconde Action


Supprimé

Heuristique


Oui

Acceptez les avertissements


Oui

Extensions analysées


*;

Excludez les extensions




Analyse d'emails


Oui

Analyse des Archives


Oui

Analyser paquets programmes


Oui

Analyse des fichiers


Oui

Analyse de boot


Oui








Fichier analysé


Statut

C:\install\ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\install\ghost.exe


Echec de la désinfection

C:\install\ghost.exe


Supprimé

C:\WINDOWS\myalbum2007.zip=>photo album-2007.scr


Infecté par: DeepScan:Generic.Dropper.Delf.DBEEE130

C:\WINDOWS\myalbum2007.zip=>photo album-2007.scr


Echec de la désinfection

C:\WINDOWS\myalbum2007.zip=>photo album-2007.scr


Supprimé

C:\WINDOWS\myalbum2007.zip


Mis à jour

C:\WINDOWS\retadpu420.exe


Infecté par: Trojan.Downloader.Agent.YFI

C:\WINDOWS\retadpu420.exe


Echec de la désinfection

C:\WINDOWS\retadpu420.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\W9MJ0LQ7\addyt[1].exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\W9MJ0LQ7\addyt[1].exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\W9MJ0LQ7\addyt[1].exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\W9MJ0LQ7\addyt[1].exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addy[1].exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addy[1].exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addy[1].exe


Supprimé

C:\Documents and Settings\Remart\Mes documents\Mes fichiers reçus\myalbum2007.zip=>photo album-2007.scr


Infecté par: DeepScan:Generic.Dropper.Delf.DBEEE130

C:\Documents and Settings\Remart\Mes documents\Mes fichiers reçus\myalbum2007.zip=>photo album-2007.scr


Echec de la désinfection

C:\Documents and Settings\Remart\Mes documents\Mes fichiers reçus\myalbum2007.zip=>photo album-2007.scr


Supprimé

C:\Documents and Settings\Remart\Mes documents\Mes fichiers reçus\myalbum2007.zip


Mis à jour

C:\Documents and Settings\Remart\Mes documents\Mes fichiers reçus\photo album-2007.scr


Infecté par: DeepScan:Generic.Dropper.Delf.DBEEE130

C:\Documents and Settings\Remart\Mes documents\Mes fichiers reçus\photo album-2007.scr


Echec de la désinfection

C:\Documents and Settings\Remart\Mes documents\Mes fichiers reçus\photo album-2007.scr


Supprimé

C:\Documents and Settings\Remart\ystisv.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\ystisv.exe


Echec de la désinfection

C:\Documents and Settings\Remart\ystisv.exe


Supprimé

C:\Documents and Settings\Remart\xqavrg.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\xqavrg.exe


Echec de la désinfection

C:\Documents and Settings\Remart\xqavrg.exe


Supprimé

C:\Documents and Settings\Remart\qlrpwx.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\qlrpwx.exe


Echec de la désinfection

C:\Documents and Settings\Remart\qlrpwx.exe


Supprimé

C:\Documents and Settings\Remart\jerhkg.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\jerhkg.exe


Echec de la désinfection

C:\Documents and Settings\Remart\jerhkg.exe


Supprimé

C:\Documents and Settings\Remart\xzkpnr.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\xzkpnr.exe


Echec de la désinfection

C:\Documents and Settings\Remart\xzkpnr.exe


Supprimé

C:\Documents and Settings\Remart\yhvaky.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\yhvaky.exe


Echec de la désinfection

C:\Documents and Settings\Remart\yhvaky.exe


Supprimé

C:\Documents and Settings\Remart\vidhpz.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\vidhpz.exe


Echec de la désinfection

C:\Documents and Settings\Remart\vidhpz.exe


Supprimé

C:\Documents and Settings\Remart\dtdzxa.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\dtdzxa.exe


Echec de la désinfection

C:\Documents and Settings\Remart\dtdzxa.exe


Supprimé

C:\Documents and Settings\Remart\pzwszd.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\pzwszd.exe


Echec de la désinfection

C:\Documents and Settings\Remart\pzwszd.exe


Supprimé

C:\Documents and Settings\Remart\mgembq.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\mgembq.exe


Echec de la désinfection

C:\Documents and Settings\Remart\mgembq.exe


Supprimé

C:\Documents and Settings\Remart\pnwkcm.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\pnwkcm.exe


Echec de la désinfection

C:\Documents and Settings\Remart\pnwkcm.exe


Supprimé

C:\Documents and Settings\Remart\tgxdeh.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\tgxdeh.exe


Echec de la désinfection

C:\Documents and Settings\Remart\tgxdeh.exe


Supprimé

C:\Documents and Settings\Remart\jmwric.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\jmwric.exe


Echec de la désinfection

C:\Documents and Settings\Remart\jmwric.exe


Supprimé

C:\Documents and Settings\Remart\aijbhz.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\aijbhz.exe


Echec de la désinfection

C:\Documents and Settings\Remart\aijbhz.exe


Supprimé

C:\Documents and Settings\Remart\zruldr.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\zruldr.exe


Echec de la désinfection

C:\Documents and Settings\Remart\zruldr.exe


Supprimé

C:\Documents and Settings\Remart\dgosnl.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\dgosnl.exe


Echec de la désinfection

C:\Documents and Settings\Remart\dgosnl.exe


Supprimé

C:\Documents and Settings\Remart\fgpoga.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\fgpoga.exe


Echec de la désinfection

C:\Documents and Settings\Remart\fgpoga.exe


Supprimé

C:\Documents and Settings\Remart\selfah.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\selfah.exe


Echec de la désinfection

C:\Documents and Settings\Remart\selfah.exe


Supprimé

C:\Documents and Settings\Remart\rcxhjs.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\rcxhjs.exe


Echec de la désinfection

C:\Documents and Settings\Remart\rcxhjs.exe


Supprimé

C:\Documents and Settings\Remart\ctdaly.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\ctdaly.exe


Echec de la désinfection

C:\Documents and Settings\Remart\ctdaly.exe


Supprimé

C:\Documents and Settings\Remart\exgxow.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\exgxow.exe


Echec de la désinfection

C:\Documents and Settings\Remart\exgxow.exe


Supprimé

C:\Documents and Settings\Remart\ojefvo.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\ojefvo.exe


Echec de la désinfection

C:\Documents and Settings\Remart\ojefvo.exe


Supprimé

C:\Documents and Settings\Remart\fmdbai.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\fmdbai.exe


Echec de la désinfection

C:\Documents and Settings\Remart\fmdbai.exe


Supprimé

C:\Documents and Settings\Remart\bhmmmg.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\bhmmmg.exe


Echec de la désinfection

C:\Documents and Settings\Remart\bhmmmg.exe


Supprimé

C:\Documents and Settings\Remart\yofczx.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\yofczx.exe


Echec de la désinfection

C:\Documents and Settings\Remart\yofczx.exe


Supprimé

C:\Documents and Settings\Remart\dbcvwk.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\dbcvwk.exe


Echec de la désinfection

C:\Documents and Settings\Remart\dbcvwk.exe


Supprimé

C:\Documents and Settings\Remart\qziehq.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\qziehq.exe


Echec de la désinfection

C:\Documents and Settings\Remart\qziehq.exe


Supprimé

C:\Documents and Settings\Remart\cxmind.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\cxmind.exe


Echec de la désinfection

C:\Documents and Settings\Remart\cxmind.exe


Supprimé

C:\Documents and Settings\Remart\qhhzfr.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\qhhzfr.exe


Echec de la désinfection

C:\Documents and Settings\Remart\qhhzfr.exe


Supprimé

C:\Documents and Settings\Remart\nezljb.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\nezljb.exe


Echec de la désinfection

C:\Documents and Settings\Remart\nezljb.exe


Supprimé

C:\Documents and Settings\Remart\sruyol.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\sruyol.exe


Echec de la désinfection

C:\Documents and Settings\Remart\sruyol.exe


Supprimé

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\iufoeq.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\iufoeq.exe


Echec de la désinfection

C:\Documents and Settings\Remart\iufoeq.exe


Supprimé

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\aoukwf.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\aoukwf.exe


Echec de la désinfection

C:\Documents and Settings\Remart\aoukwf.exe


Supprimé

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\syubtn.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\syubtn.exe


Echec de la désinfection

C:\Documents and Settings\Remart\syubtn.exe


Supprimé

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\crfvaq.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\crfvaq.exe


Echec de la désinfection

C:\Documents and Settings\Remart\crfvaq.exe


Supprimé

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\qbcalf.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\qbcalf.exe


Echec de la désinfection

C:\Documents and Settings\Remart\qbcalf.exe


Supprimé

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\jxdyto.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\jxdyto.exe


Echec de la désinfection

C:\Documents and Settings\Remart\jxdyto.exe


Supprimé

C:\Documents and Settings\Remart\gowspr.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\gowspr.exe


Echec de la désinfection

C:\Documents and Settings\Remart\gowspr.exe


Echec de la suppression

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Infecté par: Generic.Adw.SaveNow.F5FEB660

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Echec de la désinfection

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Supprimé

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)


Echec de la mise à jour

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026287.scr


Infecté par: DeepScan:Generic.Dropper.Delf.DBEEE130

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026287.scr


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026287.scr


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026336.exe


Infecté par: Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026336.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026336.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026337.exe


Infecté par: Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026337.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026337.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026338.exe


Infecté par: Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026338.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026338.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026339.exe


Infecté par: Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026339.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026339.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026340.exe


Infecté par: Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026340.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026340.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026341.exe


Infecté par: Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026341.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026341.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026342.exe


Infecté par: Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026342.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026342.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026343.exe


Infecté par: Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026343.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP161\A0026343.exe


Supprimé
0
Réponse 3 / 19
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
1 juil. 2007 à 15:04
CCLEANER (reparer les erreurs et nettoyage) sans installer la barre yahoo:

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html


------------
desactive la restauration systeme (DEMARRER TOUS LES PROG puis ACCESSOIRE puis OUTILS SYSTEME puis RESTAURATION et desactive dans PARAMETRE puis reactive)

---------

refait ensuite un scan en ligne et colle le rapport ainsi que
hijackthis
0
Réponse 4 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
1 juil. 2007 à 17:59
BitDefender Online Scanner







Rapport d'analyse généré à: Sun, Jul 01, 2007 - 15:53:37









Voie d'analyse: C:\;D:\;E:\;F:\;G:\;I:\;















Statistiques

Temps


00:37:42

Fichiers


384076

Directoires


9961

Secteurs de boot


8

Archives


8582

Paquets programmes


19201







Résultats

Virus identifiés


4

Fichiers infectés


25

Fichiers suspects


0

Avertissements


0

Désinfectés


0

Fichiers effacés


25







Info sur les moteurs

Définition virus


636168

Version des moteurs


AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Analyse des plugins


14

Archive des plugins


38

Unpack des plugins


6

E-mail plugins


6

Système plugins


1







Paramètres d'analyse

Première action


Désinfecté

Seconde Action


Supprimé

Heuristique


Oui

Acceptez les avertissements


Oui

Extensions analysées


*;

Excludez les extensions




Analyse d'emails


Oui

Analyse des Archives


Oui

Analyser paquets programmes


Oui

Analyse des fichiers


Oui

Analyse de boot


Oui








Fichier analysé


Statut

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyCAGI3IQG.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyCAGI3IQG.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyCAGI3IQG.exe


Supprimé

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\gowspr.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\gowspr.exe


Echec de la désinfection

C:\Documents and Settings\Remart\gowspr.exe


Supprimé

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\sycdfz.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\sycdfz.exe


Echec de la désinfection

C:\Documents and Settings\Remart\sycdfz.exe


Supprimé

C:\Documents and Settings\Remart\ubdduc.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\ubdduc.exe


Echec de la désinfection

C:\Documents and Settings\Remart\ubdduc.exe


Supprimé

C:\Documents and Settings\Remart\fjuqzl.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\fjuqzl.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\fjuqzl.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\fjuqzl.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\mpcjwd.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\mpcjwd.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\mpcjwd.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\mpcjwd.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\cdccmy.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\Documents and Settings\Remart\cdccmy.exe


Echec de la désinfection

C:\Documents and Settings\Remart\cdccmy.exe


Supprimé

C:\Documents and Settings\Remart\fagayx.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\fagayx.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\fagayx.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\fagayx.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\zgvqhn.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\zgvqhn.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\zgvqhn.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\zgvqhn.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\yxwbhb.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\yxwbhb.exe


Echec de la désinfection

C:\Documents and Settings\Remart\yxwbhb.exe


Supprimé

C:\Documents and Settings\Remart\zzvvic.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\zzvvic.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\zzvvic.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\zzvvic.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\kzmgyz.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\kzmgyz.exe


Echec de la désinfection

C:\Documents and Settings\Remart\kzmgyz.exe


Supprimé

C:\Documents and Settings\Remart\xszawy.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\xszawy.exe


Echec de la désinfection

C:\Documents and Settings\Remart\xszawy.exe


Supprimé

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Infecté par: Generic.Adw.SaveNow.F5FEB660

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Echec de la désinfection

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Supprimé

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)


Echec de la mise à jour

























Logfile of HijackThis v1.99.1
Scan saved at 17:58:57, on 01/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\Program Files\Borland\InterBase\bin\ibguard.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
C:\WINDOWS\system32\1049\svchost.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ASUS\Splendid\ACMON.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE
C:\WINDOWS\system32\ACEngSvr.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\SpeedSim\SpeedSim.exe
C:\UT2004\System\UT2004.exe
C:\Documents and Settings\Remart\Bureau\hijackthis\test.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system32\1049\svchost.exe
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Auto EPSON Stylus CX6600 Series sur GEGE] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P40 "Auto EPSON Stylus CX6600 Series sur GEGE" /O13 "\\GEGE\EPSONS" /M "Stylus CX6600"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://remart.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: system32 - {874F7323-C090-4B09-9CA4-FF6F91EDBC25} - sysprinters.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: SQL Server FullText Search (WICKY) (msftesql$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:WICKY (file missing)
O23 - Service: SQL Server Analysis Services (WICKY) (MSOLAP$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\Config (file missing)
O23 - Service: SQL Server (WICKY) (MSSQL$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sWICKY (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SQL Server Agent (WICKY) (SQLAgent$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE" -i WICKY (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 19
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
1 juil. 2007 à 19:13
http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe

Télécharger sur le bureau
Navilog.zip
= Double-Clic navilog1.zip
= Extraire tout sur le bureau
= Double-Clic navilog1 qui est sur le bureau
= Appuyer sur une touche jusqu' arriver aux options
= Choisir option 1

un rapport : fixnavi.txt dans C : va se creer
le copier/coller dans ton prochain message.




= Redémarrer en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
Attention, pas d’accès à internet dans ce mode. Enregistrer ou imprimer les consignes. Relancer le Pc et tapoter la touche F8, jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionner Mode sans échec ==> entrée ==>nom utilisateur habituel
= Lance navilog1
= Cette fois-ci choisi l'option 2
= Navilog va faire le nettoyage.. patient jusqu'à ce qui soit marqué *** Nettoyage Termine le ..... ***
= Un rapport va être génrer sur ton C:\ qui sera en option 2
Note: le bureau disparaît

= Redémarre en mode normal et colle le contenu du rapport de navilog (qui est en option 2)

------------------

lance avg antispyware et colle le rapport
https://www.01net.com/telecharger/
-------------------------

refait ensuite encore un scan en ligne pour etre sur que tout est ok
-------

tu peux aussi scanner avec ton antivirus a jour pour voir
0
Réponse 6 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
1 juil. 2007 à 19:23
Search Navipromo version 2.0.5 commencé le 01/07/2007 à 19:21:33,98

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO

Executé en mode normal

*** Recherche Programmes installes ***




*** Recherche dossiers dans C:\WINDOWS ***




*** Recherche dossiers dans C:\Program Files ***




*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***




*** Recherche dossiers dans C:\Documents and Settings\Remart\Application Data ***



*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en


F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================

Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of October, 2007.
Version information: 2.2.1064.

[+] Started on 07/01/07 at 19:21:35.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items ...........................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 07/01/07 at 19:22:14 (return code = 0).


*** Recherche fichiers ***




*** Recherche cles registre ***


Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]



Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]



Recherche Clé Magic Control



*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********

3)Recherche Certificats :


*** Analyse Terminé le 01/07/2007 à 19:22:27,50 ***

Je passe a la partie 2
0
Réponse 7 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
1 juil. 2007 à 19:50
Bon voila c'est fait.

J'ai refémaré en mode sans echec et executé le soft.
Seulement, il a redémaré quasiment aussitot.

Une fois redémaré, il m'a affiché ca :

Clean Navipromo version 2.0.5 commencé le 01/07/2007 à 19:40:50,59

Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO

Mode suppression automatique avec prise en charge résultats Blacklight



*** fsbl1.txt non trouvé ***
(Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche)


*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***


*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***


*** Suppression dossiers dans C:\Documents and Settings\Remart\Application Data ***



*** Suppression fichiers ***


*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Remart\Local Settings\Temp effectué !


*** Sauvegarde du registre vers dossier Backupnavi***


sauvegarde du registre réalise avec succes !


*** Nettoyage registre ***


Nettoyage registre Ok

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche fichiers connus:


2)Recherche et Suppression Heuristique :

*
**
***
****
*****
******
*******
********

3)Contrôle présence clés Rootkit dans le registre :

Aucune autre clés présente dans le registre !

4)Certificats :


*** Nettoyage termine le 01/07/2007 à 19:45:13,85 ***





Le truc qui me gene un peu... c'est qu'a part ca, rien ne s'est lancé au démarage... pas même avast!
0
Réponse 8 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
1 juil. 2007 à 21:07
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 20:25:36 01/07/2007

+ Résultat de l'analyse:



:mozilla.127:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.128:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.106:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.107:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.37:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.129:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.59:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.126:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.39:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.40:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.41:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.73:C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Remart\Cookies\remart@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.


Fin du rapport







BitDefender Online Scanner







Rapport d'analyse généré à: Sun, Jul 01, 2007 - 21:04:26









Voie d'analyse: C:\;D:\;E:\;F:\;G:\;I:\;















Statistiques

Temps


00:36:09

Fichiers


383288

Directoires


9976

Secteurs de boot


8

Archives


8598

Paquets programmes


19152







Résultats

Virus identifiés


4

Fichiers infectés


37

Fichiers suspects


0

Avertissements


0

Désinfectés


0

Fichiers effacés


37







Info sur les moteurs

Définition virus


636182

Version des moteurs


AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Analyse des plugins


14

Archive des plugins


38

Unpack des plugins


6

E-mail plugins


6

Système plugins


1







Paramètres d'analyse

Première action


Désinfecté

Seconde Action


Supprimé

Heuristique


Oui

Acceptez les avertissements


Oui

Extensions analysées


*;

Excludez les extensions




Analyse d'emails


Oui

Analyse des Archives


Oui

Analyser paquets programmes


Oui

Analyse des fichiers


Oui

Analyse de boot


Oui








Fichier analysé


Statut

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[1].exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[1].exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[1].exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[1].exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[2].exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[2].exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[2].exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[2].exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[3].exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[3].exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[3].exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[3].exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyCALEIZWI.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyCALEIZWI.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyCALEIZWI.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[4].exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[4].exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[4].exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[4].exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[5].exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[5].exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[5].exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyt[5].exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyCA7QMVZV.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyCA7QMVZV.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\OHMN4TIN\addyCA7QMVZV.exe


Supprimé

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\etlzki.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\hhsfrn.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\pwfsvp.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\xwqenp.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\hwqqud.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\momwqq.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\blqsev.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\awpjpk.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\kxtkuk.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\grlkgb.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\mqdsiy.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\fjuqzl.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\fjuqzl.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\fjuqzl.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\fjuqzl.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\mpcjwd.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\mpcjwd.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\mpcjwd.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\mpcjwd.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\fagayx.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\fagayx.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\fagayx.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\fagayx.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\zgvqhn.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\zgvqhn.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\zgvqhn.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\zgvqhn.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\zzvvic.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\zzvvic.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\zzvvic.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\zzvvic.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\arsrsp.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\arsrsp.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\arsrsp.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\arsrsp.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\ljwluu.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\ljwluu.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\ljwluu.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\ljwluu.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\hezmul.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\hezmul.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\hezmul.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\hezmul.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\vdoioo.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\vdoioo.exe


Echec de la désinfection

C:\Documents and Settings\Remart\vdoioo.exe


Supprimé

C:\Documents and Settings\Remart\kczjkp.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\kczjkp.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\kczjkp.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\kczjkp.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\ahxdxe.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\ahxdxe.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\ahxdxe.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\ahxdxe.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\zohmuk.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\Documents and Settings\Remart\zohmuk.exe


Echec de la désinfection

C:\Documents and Settings\Remart\zohmuk.exe


Supprimé

C:\Documents and Settings\Remart\lvjzes.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\lvjzes.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\lvjzes.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\lvjzes.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\fgamqu.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\fgamqu.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\fgamqu.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\fgamqu.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\fspxkn.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\fspxkn.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\fspxkn.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\fspxkn.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\uajyks.exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\uajyks.exe


Echec de la désinfection

C:\Documents and Settings\Remart\uajyks.exe


Supprimé

C:\Documents and Settings\Remart\xmnhgd.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\xmnhgd.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\xmnhgd.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\xmnhgd.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\xqisob.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\xqisob.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\xqisob.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\xqisob.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Infecté par: Generic.Adw.SaveNow.F5FEB660

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Echec de la désinfection

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Supprimé

C:\Program Files\DAEMON Tools\SetupDTSB.exe=>(CAB Sfx r)


Echec de la mise à jour





















Bon, a priori ya plus de trace de l'album photo...
Mais ca arrive pas a supprimer les autres trojans...
Et Avast me lance des alertes sans arret...
0
Réponse 9 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
1 juil. 2007 à 21:23
J'ai fait un scan complet avec avast, il detecte absolument rien -_-
0
Réponse 10 / 19
tété
1 juil. 2007 à 21:29
Logfile of HijackThis v1.99.1
Scan saved at 21:29:15, on 01/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Securitoo\av_fw\fswsclds.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\BCMSMMSG.exe
C:\WINDOWS\System32\DSentry.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\VeriSign\NAVI\naviagent.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Creative\Shared Files\CamTray.exe
C:\Palm\HOTSYNC.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\wanmpsvc.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\WINDOWS\System32\svchost.exe
C:\DOCUME~1\THO~1\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/fr/fra/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: phoneaccess Class - {5054F860-748D-4840-B7B4-DDDB428421AF} - C:\WINDOWS\DOWNLO~1\PHONEA~1.DLL (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PD0620 STISvc] RunDLL32.exe P0620Pin.dll,RunDLL32EP 513
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Program Files\Creative\Shared Files\CamTray.exe"
O4 - Global Startup: AOL 8.0 Icône AOL.lnk = C:\Program Files\AOL 8.0\aoltray.exe
O4 - Global Startup: AOL Compagnon.lnk = C:\Program Files\AOL Compagnon\companion.exe
O4 - Global Startup: HotSync Manager.lnk = C:\Palm\HOTSYNC.EXE
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: Aide i-Nav - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra 'Tools' menuitem: Options i-Nav - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program Files\VeriSign\i-Nav\i-nav_4_2_1.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Interface Chat Wanadoo - http://chat1.voila.fr/version4/Applet/wchatsign.cab
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://fr.encyclopedia.yahoo.com/rsc/tdserver.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {5054F860-748D-4840-B7B4-DDDB428421AF} (phoneaccess Class) - http://ip.sponsoradulto.com/cab/4/fr/phoneaccess.cab
O16 - DPF: {511F9316-771B-4953-A268-1C36DA667FE9} - http://ip.sponsoradulto.com/cab/3/fr/SysWebTelecomInt.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: system32 - {36E62F42-53D2-434D-BAE8-FF42A5773E4D} - sysprinters.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: F-Secure Windows Security Center Legacy Detection Service (Fswsclds) - F-Secure Corporation - C:\Program Files\Securitoo\av_fw\fswsclds.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program Files\VeriSign\NAVI\naviagent.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: WAN Miniport (ATW) Service (WANMiniportService) - America Online, Inc. - C:\WINDOWS\wanmpsvc.exe

jessaye mé sa ma fé pareil mé jé kr 13 an et jcompren pa bien^^
0
Réponse 11 / 19
tété
1 juil. 2007 à 21:33
c bn jé pigé!!^^
0
Réponse 12 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
1 juil. 2007 à 21:37
sinon, tu peux aussi créer ton topic...

jlpjlp est ce que c'est bon ou faut que je rouvre un autre topic pour mes autres trojans?
(en regardant un peu dans C:/Windows/
Je vois toujours le fichier myalbum2007.zip et il apparait toujours dans mes fichiers recus... est ce normal?
0
Réponse 13 / 19
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
1 juil. 2007 à 21:51
si tu as le lien supprime le ce dossier!

lance
AD AWARE:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html

---------------------
a squared
https://www.01net.com/telecharger/

----
refait un scan en ligne bit defender et colle le rapport

puis hijacktihs
0
Réponse 14 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
1 juil. 2007 à 22:17
Scan Results
Ad-Aware 2007 Free Edition
Log File Created on:2007-07-0122:09:58
Using Definitions File:C:\Documents and Settings\All Users\Application Data\Lavasoft\Ad-Aware 2007\core.aawdef
Computer name:WICKY
Name of user performing scan:SYSTEM
Name of user ordering scan:Remart
Scan completed successfully

System Information
File Verion Information
Ad-Aware 2007 Settings
Extended Ad-Aware 2007 Settings
Database Information
Scan Statistics
Scan Detailed Statistics
Infections Found
Listing of running processes
System Information
Number of processors:2
Processor type:Intel(R) Core(TM)2 CPU T7200 @ 2.00GHz
Memory Available:64%
Total Physical Memory:2146742272 Bytes
Available Physical Memory:1358823424 Bytes
Total Page File Size:4131459072 Bytes
Available On Page File:3290394624 Bytes
Total Virtual Memory:2147352576 Bytes
Available Virtual Memory:1989136384 Bytes
OS:Microsoft Windows XP 5.1 (Build 2600)
[to top]
File Verion Information
File Version
CEAPI.dll 7, 0, 1, 2
aawservice.exe 7, 0, 1, 2
Ad-Aware2007.exe 7.0.1.2
[to top]
Ad-Aware 2007 Settings
Skipping files larger than:1048576 Bytes
Ignoring infections with lower TAI than:3
Safe Mode:False
[to top]
Extended Ad-Aware 2007 Settings
Unload malicious processes and modules
Unload Modules
Let Windows remove files at Start-Up
Deactivate Ad-Watch
Re-analyze Scan Result
Update Definitions on startup
Delete Restored Items
Permanent Archive Caching
Write Protect System Files
Create Log file
Include basic settings
Include advanced settings
Include user and computer name
Environment information
Running processes
Running processes and modules
Include info about ignored objects in log file
Consider definitions File Outdated after x days
Proxy URL
Proxy Port
[to top]
Database Info
Version number:6
Build Number:0
Build Date and Time:2007/06/2915:31:32
[to top]
Scan Statistics
Method:Full

Items Scanned:252971
Infections Detected:44
Infections Removed:0
Infections Quarantined:0
Infections Ignored:0
[to top]
Scan Detailed Statistics
Type Critical Total
Process Scan 0 0
Registry Scan 0 0
Registry PE Scan 0 0
Hosts Scan 0 0
File Scan 0 0
Folder Scan 0 0
LSP Scan 0 0
ADS Scan 0 0
Cookie Scan 43 43
File Hash Scan 0 0
[to top]
Infections Found
Family Id Name Category TAI
725 Tracking Cookie DataMiner 3
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com A2 /
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com B2 /
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com C3 /
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com D3 /
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com E2 /
[600000171] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat bs.serving-sys.com eyeblaster /
[600000173] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat bluestreak.com id /
[600000190] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat www.googleadservices.com Conversion /pagead/conversion/1070723169/
[600000001] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat adserver.aol.fr CfP /
[600000001] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat adserver.aol.fr JEB2 /
[600000049] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat tripod.com CookieStatus /
[600000447] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat apmebf.com S /
[600000447] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat apmebf.com LCLK /
[600000461] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat ad.uk.tangozebra.com TZID /a
[600000190] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat www.googleadservices.com Conversion /pagead/conversion/1071932884/
[600000225] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt weborama.fr AFFICHE_W /
[600000225] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt weborama.fr wbo_temps_reel /
[600000001] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.smartadserver.com TestIfCookieP /
[600000001] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.smartadserver.com pbw /
[600000001] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.smartadserver.com pid /
[600000144] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt doubleclick.net id /
[600000187] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt advertising.com BASE /
[600000187] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt advertising.com ROLL /
[600000187] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt advertising.com F1 /
[600000187] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt advertising.com ACID /
[600000190] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.googleadservices.com Conversion /pagead/conversion/1070847646/
[600000179] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt atdmt.com AA002 /
[600000664] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt fileforum.betanews.com __utma /
[600000664] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt fileforum.betanews.com __utmz /
[600000664] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt betanews.com RMID /
[600000295] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt adtech.de CfP /
[600000295] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt adtech.de JEB2 /
[600000664] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt betanews.us.smarttargetting.com VM_USR /
[600000263] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt mediaplex.com svid /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt 247realmedia.com RMID /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt 247realmedia.com 614998 /
[600000173] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt bluestreak.com id /
[600000449] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt adultfriendfinder.com ffadult_tr /
[600000449] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt adultfriendfinder.com HISTORY /
[600000211] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt 022295372.eu1.badoo.com __utmz /
[600000211] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt 022295372.eu1.badoo.com __utma /
[600000225] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt positexte.weborama.com awsid /
[600000031] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.cibleclick.com CIDENT_ID /

9999 MRU Object MRU Object 0
[1] MRU Path: C:\Documents and Settings\Remart\Recent Count: 1


Quarantined Objects
Family Id Name Category TAI

Removed Objects
Family Id Name Category TAI
725 Tracking Cookie DataMiner 3
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com A2 /
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com B2 /
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com C3 /
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com D3 /
[600000408] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat serving-sys.com E2 /
[600000171] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat bs.serving-sys.com eyeblaster /
[600000173] Browser: Internet Explorer Cookie: C:\Documents and Settings\Remart\Cookies\index.dat bluestreak.com id /
[600000190] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat www.googleadservices.com Conversion /pagead/conversion/1070723169/
[600000001] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat adserver.aol.fr CfP /
[600000001] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat adserver.aol.fr JEB2 /
[600000049] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat tripod.com CookieStatus /
[600000447] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat apmebf.com S /
[600000447] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat apmebf.com LCLK /
[600000461] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat ad.uk.tangozebra.com TZID /a
[600000190] Browser: Internet Explorer Cookie: C:\Documents and Settings\Wicket\Cookies\index.dat www.googleadservices.com Conversion /pagead/conversion/1071932884/
[600000225] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt weborama.fr AFFICHE_W /
[600000225] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt weborama.fr wbo_temps_reel /
[600000001] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.smartadserver.com TestIfCookieP /
[600000001] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.smartadserver.com pbw /
[600000001] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.smartadserver.com pid /
[600000144] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt doubleclick.net id /
[600000187] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt advertising.com BASE /
[600000187] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt advertising.com ROLL /
[600000187] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt advertising.com F1 /
[600000187] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt advertising.com ACID /
[600000190] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.googleadservices.com Conversion /pagead/conversion/1070847646/
[600000179] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt atdmt.com AA002 /
[600000664] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt fileforum.betanews.com __utma /
[600000664] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt fileforum.betanews.com __utmz /
[600000664] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt betanews.com RMID /
[600000295] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt adtech.de CfP /
[600000295] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt adtech.de JEB2 /
[600000664] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt betanews.us.smarttargetting.com VM_USR /
[600000263] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt mediaplex.com svid /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt 247realmedia.com RMID /
[600000083] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt 247realmedia.com 614998 /
[600000173] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt bluestreak.com id /
[600000449] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt adultfriendfinder.com ffadult_tr /
[600000449] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt adultfriendfinder.com HISTORY /
[600000211] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt 022295372.eu1.badoo.com __utmz /
[600000211] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt 022295372.eu1.badoo.com __utma /
[600000225] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt positexte.weborama.com awsid /
[600000031] Browser: Firefox Cookie: C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles/q99fru39.default\cookies.txt www.cibleclick.com CIDENT_ID /

9999 MRU Object MRU Object 0
[1] MRU Path: C:\Documents and Settings\Remart\Recent Count: 1

[to top]
Listing of Running Processes
C:\WINDOWS\SYSTEM32\SMSS.EXE
c:\windows\system32\smss.exe
c:\windows\system32\ntdll.dll
C:\WINDOWS\SYSTEM32\CSRSS.EXE
c:\windows\system32\csrss.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\csrsrv.dll
c:\windows\system32\basesrv.dll
c:\windows\system32\winsrv.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\sxs.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
C:\WINDOWS\SYSTEM32\WINLOGON.EXE
c:\windows\system32\winlogon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\authz.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\nddeapi.dll
c:\windows\system32\profmap.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\regapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\version.dll
c:\windows\system32\winsta.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\msgina.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comdlg32.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\odbcint.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\ole32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\winscard.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\sxs.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\cscdll.dll
c:\windows\system32\wlnotify.dll
c:\windows\system32\winspool.drv
c:\windows\system32\mpr.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\samlib.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\cscui.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\wdmaud.drv
c:\windows\system32\msacm32.drv
c:\windows\system32\msacm32.dll
c:\windows\system32\midimap.dll
c:\windows\system32\comres.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
C:\WINDOWS\SYSTEM32\SERVICES.EXE
c:\windows\system32\services.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\userenv.dll
c:\windows\system32\scesrv.dll
c:\windows\system32\authz.dll
c:\windows\system32\umpnpmgr.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acadproc.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\secur32.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
c:\windows\system32\eventlog.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\psapi.dll
c:\windows\system32\wtsapi32.dll
C:\WINDOWS\SYSTEM32\LSASS.EXE
c:\windows\system32\lsass.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\lsasrv.dll
c:\windows\system32\mpr.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\samsrv.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\msprivs.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\netlogon.dll
c:\windows\system32\w32time.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\schannel.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\wdigest.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\scecli.dll
c:\windows\system32\ipsecsvc.dll
c:\windows\system32\authz.dll
c:\windows\system32\oakley.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\pstorsvc.dll
c:\windows\system32\psbase.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\xpsp2res.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\termsrv.dll
c:\windows\system32\icaapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\authz.dll
c:\windows\system32\mstlsapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\atl.dll
c:\windows\system32\regapi.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\rpcss.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msi.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\shsvcs.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\dhcpcsvc.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\wzcsvc.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\wmi.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\esent.dll
c:\windows\system32\atl.dll
c:\windows\system32\irmon.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\wshirda.dll
c:\windows\system32\rastls.dll
c:\windows\system32\cryptui.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\mprapi.dll
c:\windows\system32\activeds.dll
c:\windows\system32\adsldpc.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\schannel.dll
c:\windows\system32\winscard.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\raschap.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\wzcsapi.dll
c:\windows\system32\schedsvc.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\msidle.dll
c:\windows\system32\audiosrv.dll
c:\windows\system32\wkssvc.dll
c:\windows\system32\cryptsvc.dll
c:\windows\system32\certcli.dll
c:\windows\system32\dmserver.dll
c:\windows\system32\es.dll
c:\windows\pchealth\helpctr\binaries\pchsvc.dll
c:\windows\system32\hidserv.dll
c:\windows\system32\hid.dll
c:\windows\system32\srvsvc.dll
c:\windows\system32\seclogon.dll
c:\windows\system32\sens.dll
c:\windows\system32\srsvc.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\trkwks.dll
c:\windows\system32\sxs.dll
c:\windows\system32\wbem\wmisvc.dll
c:\windows\system32\vssapi.dll
c:\windows\system32\w32time.dll
c:\windows\system32\wuauserv.dll
c:\windows\system32\wuaueng.dll
c:\windows\system32\winspool.drv
c:\windows\system32\winhttp.dll
c:\windows\system32\cabinet.dll
c:\windows\system32\mspatcha.dll
c:\windows\system32\browser.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\colbact.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\resutils.dll
c:\windows\system32\sfc.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wscsvc.dll
c:\windows\system32\msi.dll
c:\windows\system32\netshell.dll
c:\windows\system32\credui.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\wbemcore.dll
c:\windows\system32\wbem\esscli.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\wbem\wmiutils.dll
c:\windows\system32\wbem\repdrvfs.dll
c:\windows\system32\wbem\wmiprvsd.dll
c:\windows\system32\ncobjapi.dll
c:\windows\system32\wbem\wbemess.dll
c:\windows\system32\wbem\ncprov.dll
c:\windows\system32\tapisrv.dll
c:\windows\system32\psapi.dll
c:\windows\system32\rasmans.dll
c:\windows\system32\winipsec.dll
c:\windows\system32\netcfgx.dll
c:\windows\system32\rastapi.dll
c:\windows\system32\unimdm.tsp
c:\windows\system32\uniplat.dll
c:\windows\system32\unimdmat.dll
c:\windows\system32\modemui.dll
c:\windows\system32\kmddsp.tsp
c:\windows\system32\ndptsp.tsp
c:\windows\system32\ipconf.tsp
c:\windows\system32\h323.tsp
c:\windows\system32\hidphone.tsp
c:\windows\system32\rasppp.dll
c:\windows\system32\ntlsapi.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\advpack.dll
c:\windows\system32\netman.dll
c:\windows\system32\upnp.dll
c:\windows\system32\ssdpapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\rasdlg.dll
c:\windows\system32\msxml3.dll
c:\windows\system32\catsrvut.dll
c:\windows\system32\authz.dll
c:\windows\system32\catsrv.dll
c:\windows\system32\mfcsubs.dll
c:\windows\system32\mpr.dll
c:\windows\system32\urlmon.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\mlang.dll
c:\windows\system32\xmlprovi.dll
c:\windows\system32\wbem\wbemcons.dll
C:\PROGRAM FILES\TGTSOFT\STYLEXP\STYLEXPSERVICE.EXE
c:\program files\tgtsoft\stylexp\stylexpservice.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\version.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\rsaenh.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\wudfsvc.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\wudfplatform.dll
c:\windows\system32\secur32.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\EVTENG.EXE
c:\program files\intel\wireless\bin\evteng.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\intel\wireless\bin\pfmgrapi.dll
c:\program files\intel\wireless\bin\traceapi.dll
c:\program files\intel\wireless\bin\psregapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\version.dll
c:\program files\intel\wireless\bin\dbengine.dll
c:\program files\intel\wireless\bin\libeay32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\program files\intel\wireless\bin\intstngs.dll
c:\program files\intel\wireless\bin\murocapi.dll
c:\program files\intel\wireless\bin\s24mudll.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\fichiers communs\system\ado\msado15.dll
c:\windows\system32\msdart.dll
c:\program files\fichiers communs\system\ole db\oledb32.dll
c:\program files\fichiers communs\system\ole db\oledb32r.dll
c:\program files\fichiers communs\system\ole db\msdasql.dll
c:\program files\fichiers communs\system\ole db\msdatl3.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\odbcint.dll
c:\program files\fichiers communs\system\ole db\msdasqlr.dll
c:\windows\system32\mswstr10.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\colbact.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\resutils.dll
c:\windows\system32\userenv.dll
c:\windows\system32\odbcjt32.dll
c:\windows\system32\msjet40.dll
c:\windows\system32\odbcji32.dll
c:\windows\system32\msjter40.dll
c:\windows\system32\msjint40.dll
c:\windows\system32\odbccp32.dll
c:\program files\fichiers communs\system\msadc\msadce.dll
c:\program files\fichiers communs\system\msadc\msadcer.dll
c:\windows\system32\wbem\wbemprox.dll
c:\windows\system32\wbem\wbemcomn.dll
c:\windows\system32\wbem\wbemsvc.dll
c:\windows\system32\wbem\fastprox.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\wldap32.dll
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\S24EVMON.EXE
c:\program files\intel\wireless\bin\s24evmon.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\program files\intel\wireless\bin\traceapi.dll
c:\program files\intel\wireless\bin\psregapi.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\winspool.drv
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\secur32.dll
c:\windows\system32\oleacc.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\netapi32.dll
c:\program files\intel\wireless\bin\libeay32.dll
c:\windows\system32\wsock32.dll
c:\program files\intel\wireless\bin\intstngs.dll
c:\windows\system32\version.dll
c:\program files\intel\wireless\bin\iwmsprov.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\netcfgx.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\msctfime.ime
c:\program files\fichiers communs\system\ado\msado15.dll
c:\windows\system32\msdart.dll
c:\windows\system32\xpsp2res.dll
c:\program files\alwil software\avast4\ahjsctns.dll
c:\program files\fichiers communs\system\ole db\oledb32.dll
c:\program files\fichiers communs\system\ole db\oledb32r.dll
c:\program files\fichiers communs\system\ole db\msdasql.dll
c:\program files\fichiers communs\system\ole db\msdatl3.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\odbcint.dll
c:\program files\fichiers communs\system\ole db\msdasqlr.dll
c:\windows\system32\mswstr10.dll
c:\windows\system32\comsvcs.dll
c:\windows\system32\colbact.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\resutils.dll
c:\windows\system32\userenv.dll
c:\windows\system32\odbcjt32.dll
c:\windows\system32\msjet40.dll
c:\windows\system32\odbcji32.dll
c:\windows\system32\msjter40.dll
c:\windows\system32\msjint40.dll
c:\windows\system32\odbccp32.dll
c:\program files\fichiers communs\system\msadc\msadce.dll
c:\program files\fichiers communs\system\msadc\msadcer.dll
C:\WINDOWS\SYSTEM32\SVCHOST.EXE
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\dnsrslvr.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\svchost.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\lmhsvc.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\webclnt.dll
c:\windows\system32\wininet.dll
c:\windows\system32\normaliz.dll
c:\windows\system32\iertutil.dll
c:\windows\system32\secur32.dll
c:\windows\system32\regsvc.dll
c:\windows\system32\ssdpsrv.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
c:\program files\alwil software\avast4\aswupdsv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\program files\alwil software\avast4\aswcmns.dll
c:\program files\alwil software\avast4\aswcmnos.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\msvcp71.dll
c:\windows\system32\msvcr71.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\program files\alwil software\avast4\aswcmnb.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
c:\program files\alwil software\avast4\ashserv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\program files\alwil software\avast4\aswaux.dll
c:\windows\system32\msvcp71.dll
c:\windows\system32\msvcr71.dll
c:\program files\alwil software\avast4\aswcmnb.dll
c:\program files\alwil software\avast4\aswcmnos.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2help.dll
c:\program files\alwil software\avast4\aswengin.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\ole32.dll
c:\program files\alwil software\avast4\aswscan.dll
c:\program files\alwil software\avast4\aswcmns.dll
c:\windows\system32\oleaut32.dll
c:\program files\alwil software\avast4\ashbase.dll
c:\windows\system32\version.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\program files\alwil software\avast4\ashtask.dll
c:\program files\alwil software\avast4\aswinteg.dll
c:\program files\alwil software\avast4\aswidle.dll
c:\program files\alwil software\avast4\aavm4h.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\dbghelp.dll
c:\program files\alwil software\avast4\french\base.dll
c:\program files\alwil software\avast4\unacev2.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\program files\alwil software\avast4\ahresmai.dll
c:\program files\alwil software\avast4\ahresmes.dll
c:\program files\alwil software\avast4\ahresns.dll
c:\program files\alwil software\avast4\ahresout.dll
c:\program files\alwil software\avast4\ahresp2p.dll
c:\program files\alwil software\avast4\ahresstd.dll
c:\program files\alwil software\avast4\ahresws.dll
c:\program files\alwil software\avast4\ahresjs.dll
c:\program files\alwil software\avast4\ashssqlt.dll
c:\program files\alwil software\avast4\ahjsctns.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\rasapi32.dll
c:\windows\system32\rasman.dll
c:\windows\system32\tapi32.dll
c:\windows\system32\rtutils.dll
c:\windows\system32\winmm.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\perfos.dll
c:\program files\alwil software\avast4\aswres.dll
c:\windows\system32\secur32.dll
C:\WINDOWS\SYSTEM32\SPOOLSV.EXE
c:\windows\system32\spoolsv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\shimeng.dll
c:\windows\apppatch\acgenral.dll
c:\windows\system32\winmm.dll
c:\windows\system32\ole32.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\msacm32.dll
c:\windows\system32\version.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\userenv.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\spoolss.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\rasadhlp.dll
c:\windows\system32\localspl.dll
c:\windows\system32\secur32.dll
c:\windows\system32\sfc_os.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\winspool.drv
c:\windows\system32\netapi32.dll
c:\windows\system32\cnbjmon.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\mdimon.dll
c:\windows\system32\msi.dll
c:\windows\system32\pdfcmnnt.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\pjlmon.dll
c:\windows\system32\tcpmon.dll
c:\windows\system32\tbtmon.dll
c:\windows\system32\tosbthcrpapi.dll
c:\windows\system32\tosbtapi.dll
c:\windows\system32\tosbdapi.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\tbtmon98language.dll
c:\windows\system32\usbmon.dll
c:\windows\system32\spool\prtprocs\w32x86\mdippr.dll
c:\windows\system32\winrnr.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\win32spl.dll
c:\windows\system32\netrap.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\inetpp.dll
c:\windows\system32\xpsp2res.dll
C:\WINDOWS\SYSTEM32\E_S00RP1.EXE
c:\windows\system32\e_s00rp1.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcns4.dll
c:\windows\system32\winspool.drv
c:\windows\system32\msvcrt.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
C:\PROGRAM FILES\BORLAND\INTERBASE\BIN\IBGUARD.EXE
c:\program files\borland\interbase\bin\ibguard.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\gds32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\mpr.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\uxtheme.dll
c:\program files\alwil software\avast4\ahjsctns.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\ole32.dll
C:\PROGRAM FILES\FICHIERS COMMUNS\LIGHTSCRIBE\LSSRVC.EXE
c:\program files\fichiers communs\lightscribe\lssrvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\psapi.dll
c:\windows\system32\shell32.dll
c:\program files\fichiers communs\lightscribe\msvcr71.dll
c:\program files\fichiers communs\lightscribe\msvcp71.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
C:\PROGRAM FILES\FICHIERS COMMUNS\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
c:\program files\fichiers communs\microsoft shared\vs7debug\mdm.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\version.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\program files\fichiers communs\microsoft shared\vs7debug\1036\mdmui.dll
c:\windows\system32\psapi.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\program files\fichiers communs\microsoft shared\vs7debug\csm.dll
c:\program files\fichiers communs\microsoft shared\vs7debug\msdbg2.dll
C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL.2\OLAP\BIN\MSMDSRV.EXE
c:\program files\microsoft sql server\mssql.2\olap\bin\msmdsrv.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\ole32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\psapi.dll
c:\windows\system32\secur32.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\pdh.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\odbc32.dll
c:\windows\system32\odbcbcp.dll
c:\windows\system32\version.dll
c:\windows\system32\winhttp.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\odbcint.dll
c:\program files\microsoft sql server\mssql.2\olap\bin\xmlrw.dll
c:\program files\microsoft sql server\mssql.2\olap\bin\xmlrwbin.dll
c:\windows\system32\security.dll
c:\windows\system32\mlang.dll
c:\program files\microsoft sql server\mssql.2\olap\bin\sqlboot.dll
c:\program files\microsoft sql server\90\shared\instapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
c:\windows\system32\msxml6.dll
c:\program files\microsoft sql server\mssql.2\olap\bin\resources\1036\msmdsrv.rll
c:\program files\microsoft sql server\mssql.2\olap\bin\msmgdsrv.dll
c:\windows\system32\mscoree.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcm80.dll
c:\windows\system32\rsaenh.dll
c:\windows\microsoft.net\framework\v2.0.50727\mscorwks.dll
c:\windows\assembly\nativeimages_v2.0.50727_32\mscorlib\34e52166e7c38a4bbfb8549ada71f8d0\mscorlib.ni.dll
c:\windows\assembly\nativeimages_v2.0.50727_32\system\ed95b6ca25d7584888b2efaf840b18ac\system.ni.dll
c:\windows\assembly\nativeimages_v2.0.50727_32\msmgdsrv\921e3103649b6241b44f4de57940ed75\msmgdsrv.ni.dll
c:\windows\microsoft.net\framework\v2.0.50727\mscorsec.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\softpub.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\uxtheme.dll
c:\windows\system32\userenv.dll
c:\windows\system32\cryptnet.dll
c:\windows\system32\sensapi.dll
c:\windows\microsoft.net\framework\v2.0.50727\mscorjit.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
C:\PROGRAM FILES\MICROSOFT SQL SERVER\MSSQL.1\MSSQL\BINN\SQLSERVR.EXE
c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlservr.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcr80.dll
c:\windows\system32\msvcrt.dll
c:\windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\msvcp80.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\secur32.dll
c:\windows\system32\mswsock.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\userenv.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\opends60.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\shell32.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\psapi.dll
c:\program files\microsoft sql server\90\shared\instapi.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\resources\1033\sqlevn70.rll
c:\program files\microsoft sql server\mssql.1\mssql\binn\resources\1036\sqlevn70.rll
c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlos.dll
c:\windows\system32\rsaenh.dll
c:\windows\system32\authz.dll
c:\windows\system32\mscoree.dll
c:\windows\system32\ole32.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\kerberos.dll
c:\windows\system32\cryptdll.dll
c:\windows\system32\schannel.dll
c:\windows\system32\comres.dll
c:\windows\system32\xolehlp.dll
c:\windows\system32\msdtcprx.dll
c:\windows\system32\msvcp60.dll
c:\windows\system32\mtxclu.dll
c:\windows\system32\version.dll
c:\windows\system32\wsock32.dll
c:\windows\system32\clusapi.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\resutils.dll
c:\windows\system32\security.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\msfte.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\dbghelp.dll
c:\windows\system32\wintrust.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\dssenh.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\hnetcfg.dll
c:\windows\system32\wshtcpip.dll
c:\windows\system32\ntdsapi.dll
c:\windows\system32\dnsapi.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\sqlncli.dll
c:\windows\system32\comdlg32.dll
c:\windows\system32\sqlnclir.rll
c:\program files\microsoft sql server\mssql.1\mssql\binn\msftepxy.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\xpsqlbot.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\xpstar90.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlscm90.dll
c:\windows\system32\odbc32.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\batchparser90.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlsvc90.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\sqlresourceloader.dll
c:\windows\winsxs\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.42_x-ww_6e805841\atl80.dll
c:\windows\system32\odbcint.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\resources\1036\sqlsvc90.rll
c:\program files\microsoft sql server\mssql.1\mssql\binn\resources\1036\xpstar90.rll
c:\program files\microsoft sql server\mssql.1\mssql\binn\xplog70.dll
c:\program files\microsoft sql server\mssql.1\mssql\binn\resources\1036\xplog70.rll
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
c:\windows\system32\nvsvc32.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\user32.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\userenv.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\powrprof.dll
c:\windows\system32\imm32.dll
c:\windows\system32\lpk.dll
c:\windows\system32\usp10.dll
c:\windows\system32\wtsapi32.dll
c:\windows\system32\winsta.dll
c:\windows\system32\netapi32.dll
c:\windows\system32\winmm.dll
c:\windows\system32\shlwapi.dll
c:\windows\system32\comctl32.dll
c:\windows\system32\serwvdrv.dll
c:\windows\system32\umdmxfrm.dll
c:\windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.2600.2982_x-ww_ac3f9c03\comctl32.dll
c:\windows\system32\ole32.dll
c:\windows\system32\uxtheme.dll
c:\program files\alwil software\avast4\ahjsctns.dll
c:\windows\system32\msctfime.ime
c:\windows\system32\wintrust.dll
c:\windows\system32\crypt32.dll
c:\windows\system32\msasn1.dll
c:\windows\system32\imagehlp.dll
c:\windows\system32\secur32.dll
c:\windows\system32\msv1_0.dll
c:\windows\system32\ws2_32.dll
c:\windows\system32\ws2help.dll
c:\windows\system32\iphlpapi.dll
c:\windows\system32\apphelp.dll
c:\windows\system32\version.dll
c:\windows\system32\ntmarta.dll
c:\windows\system32\wldap32.dll
c:\windows\system32\samlib.dll
c:\windows\system32\oleaut32.dll
c:\windows\system32\xpsp2res.dll
c:\windows\system32\clbcatq.dll
c:\windows\system32\comres.dll
C:\PROGRAM FILES\INTEL\WIRELESS\BIN\REGSRVC.EXE
c:\program files\intel\wireless\bin\regsrvc.exe
c:\windows\system32\ntdll.dll
c:\windows\system32\kernel32.dll
c:\windows\system32\setupapi.dll
c:\windows\system32\advapi32.dll
c:\windows\system32\rpcrt4.dll
c:\windows\system32\gdi32.dll
c:\windows\system32\user32.dll
c:\windows\system32\msvcrt.dll
c:\windows\system32\comdlg32.dll
c:\w
0
Réponse 15 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
1 juil. 2007 à 23:06
Version - a-squared Free 3.0
Dernière mise à jour: 01/07/2007 22:22:37

Réglages Scan:

Objets: Mémoire, Traces, Cookies, C:\, D:\
Scan archives: Marche
Heuristiques: Marche
Scan ADS: Marche

Début du scan: 01/07/2007 22:23:52

c:\program files\anti-leech Détecter: Trace.Directory.AntiLeech
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:43 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:50 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:51 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:107 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:127 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:148 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:250 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:267 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:285 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:286 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:292 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:326 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:327 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:419 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:420 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:423 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:461 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:462 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:463 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:475 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:516 Détecter: Trace.TrackingCookie
C:\WINDOWS\system32\unlrbp.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\gcorxy.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\Documents and Settings\Remart\Bureau\MSNFix\MSNFix\incl\Process.exe Détecter: Riskware.RiskTool.Win32.Processor.20
C:\Program Files\DAEMON Tools\SetupDTSB.exe Détecter: Adware.SaveNow.bo
C:\Program Files\Navilog1\Process.exe Détecter: Riskware.RiskTool.Win32.Processor.20

Scanné

Fichiers: 208881
Traces: 264538
Cookies: 572
Processus: 42

Trouver

Fichiers: 5
Traces: 1
Cookies: 21
Processus: 0
Clés de Registre: 0

Fin du Scan: 01/07/2007 22:57:45
Temps du Scan: 00:33:53

C:\Program Files\DAEMON Tools\SetupDTSB.exe Supprimé Adware.SaveNow.bo
C:\Documents and Settings\Remart\Bureau\MSNFix\MSNFix\incl\Process.exe Supprimé Riskware.RiskTool.Win32.Processor.20
C:\Program Files\Navilog1\Process.exe Supprimé Riskware.RiskTool.Win32.Processor.20
C:\WINDOWS\system32\unlrbp.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\gcorxy.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:43 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:50 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:51 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:107 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:127 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:148 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:250 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:267 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:285 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:286 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:292 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:326 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:327 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:419 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:420 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:423 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:461 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:462 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:463 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:475 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:516 Supprimé Trace.TrackingCookie
c:\program files\anti-leech Supprimé Trace.Directory.AntiLeech

Supprimé

Fichiers: 5
Traces: 1
Cookies: 21
0
Réponse 16 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
2 juil. 2007 à 00:03
BitDefender Online Scanner







Rapport d'analyse généré à: Sun, Jul 01, 2007 - 23:49:32









Voie d'analyse: C:\;D:\;E:\;F:\;G:\;I:\;















Statistiques

Temps


00:38:45

Fichiers


383801

Directoires


10005

Secteurs de boot


8

Archives


8576

Paquets programmes


19166







Résultats

Virus identifiés


4

Fichiers infectés


14

Fichiers suspects


0

Avertissements


0

Désinfectés


0

Fichiers effacés


14







Info sur les moteurs

Définition virus


636189

Version des moteurs


AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Analyse des plugins


14

Archive des plugins


38

Unpack des plugins


6

E-mail plugins


6

Système plugins


1







Paramètres d'analyse

Première action


Désinfecté

Seconde Action


Supprimé

Heuristique


Oui

Acceptez les avertissements


Oui

Extensions analysées


*;

Excludez les extensions




Analyse d'emails


Oui

Analyse des Archives


Oui

Analyser paquets programmes


Oui

Analyse des fichiers


Oui

Analyse de boot


Oui








Fichier analysé


Statut

C:\WINDOWS\system32\ctmctt.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\ctmctt.exe


Echec de la désinfection

C:\WINDOWS\system32\ctmctt.exe


Supprimé

C:\WINDOWS\system32\oyoqtm.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\WINDOWS\system32\oyoqtm.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\WINDOWS\system32\oyoqtm.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\WINDOWS\system32\oyoqtm.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\WINDOWS\system32\ejzgjs.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\ejzgjs.exe


Echec de la désinfection

C:\WINDOWS\system32\ejzgjs.exe


Supprimé

C:\WINDOWS\system32\wknnwx.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\WINDOWS\system32\wknnwx.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\WINDOWS\system32\wknnwx.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\WINDOWS\system32\wknnwx.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\WINDOWS\system32\newidx.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\newidx.exe


Echec de la désinfection

C:\WINDOWS\system32\newidx.exe


Supprimé

C:\WINDOWS\system32\qorbhy.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\qorbhy.exe


Echec de la désinfection

C:\WINDOWS\system32\qorbhy.exe


Supprimé

C:\WINDOWS\system32\ldfzij.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\ldfzij.exe


Echec de la désinfection

C:\WINDOWS\system32\ldfzij.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\VNWUJ51V\addy[1].exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\VNWUJ51V\addy[1].exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\VNWUJ51V\addy[1].exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\PX7F87YT\addyt[1].exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\PX7F87YT\addyt[1].exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\PX7F87YT\addyt[1].exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\PX7F87YT\addyt[1].exe=>(RAR Sfx o)


Echec de la mise à jour

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\9ZKW9ZR3\addy[1].exe


Infecté par: Trojan.Downloader.JISG

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\9ZKW9ZR3\addy[1].exe


Echec de la désinfection

C:\Documents and Settings\Remart\Local Settings\Temporary Internet Files\Content.IE5\9ZKW9ZR3\addy[1].exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000017.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Infecté par: Generic.Adw.SaveNow.F5FEB660

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000017.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000017.exe=>(CAB Sfx r)=>DaemonTools_WhenUSave_Installer.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000017.exe=>(CAB Sfx r)


Echec de la mise à jour

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000020.exe


Infecté par: Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000020.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000020.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000027.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000027.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000027.exe


Supprimé

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000028.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000028.exe


Echec de la désinfection

C:\System Volume Information\_restore{9971C7D4-D1BE-4EE8-924E-C8912FF87324}\RP2\A0000028.exe


Supprimé





















Logfile of HijackThis v1.99.1
Scan saved at 00:02:58, on 02/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\E_S00RP1.EXE
C:\Program Files\Borland\InterBase\bin\ibguard.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
C:\WINDOWS\system32\vmnat.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe
C:\WINDOWS\system32\vmnetdhcp.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Borland\InterBase\bin\ibserver.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\a-squared Free\a2service.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\UT2004\System\UT2004.exe
C:\Documents and Settings\Remart\Bureau\hijackthis\test.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://french.ircfast.com/index.php?rvs=hompag
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://runonce.msn.com/runonce3.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=explorer.exe C:\WINDOWS\system32\1049\svchost.exe
O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: IE Developer Toolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\Program Files\FlashGet\fgiebar.dll
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files\ASUS\ATK Media\DMEDIA.EXE
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [ACMON] C:\Program Files\ASUS\Splendid\ACMON.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Auto EPSON Stylus CX6600 Series sur GEGE] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EE.EXE /P40 "Auto EPSON Stylus CX6600 Series sur GEGE" /O13 "\\GEGE\EPSONS" /M "Stylus CX6600"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\SetPoint\SetPoint.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Program Files\Desktop Sidebar\sbhelp.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://remart.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Fichiers communs\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O21 - SSODL: system32 - {874F7323-C090-4B09-9CA4-FF6F91EDBC25} - sysprinters.dll (file missing)
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EPSON V3 Service2(03) (EPSON_PM_RPCV2_01) - SEIKO EPSON CORPORATION - C:\WINDOWS\system32\E_S00RP1.EXE
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: InterBase Guardian (InterBaseGuardian) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibguard.exe
O23 - Service: InterBase Server (InterBaseServer) - Borland Software Corporation - C:\Program Files\Borland\InterBase\bin\ibserver.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: SQL Server FullText Search (WICKY) (msftesql$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\msftesql.exe" -s:MSSQL.1 -f:WICKY (file missing)
O23 - Service: SQL Server Analysis Services (WICKY) (MSOLAP$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\bin\msmdsrv.exe" -s "C:\Program Files\Microsoft SQL Server\MSSQL.2\OLAP\Config (file missing)
O23 - Service: SQL Server (WICKY) (MSSQL$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" -sWICKY (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SQL Server Agent (WICKY) (SQLAgent$WICKY) - Unknown owner - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\SQLAGENT90.EXE" -i WICKY (file missing)
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Workstation\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Fichiers communs\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe




:s ya toujours des merdes qui trainent...
0
Réponse 17 / 19
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
2 juil. 2007 à 10:49
lance cwshredder (faire fix)

https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/27497.html
---------------
desactive la restauration systeme
puis scan avec

https://www.broadcom.com/support/security-center


-----------------------

refait un scana squared free et bitdefender en ligne


---------------


puis reactive la restauration systeme
0
Réponse 18 / 19
Remart Messages postés 12 Date d'inscription dimanche 1 juillet 2007 Statut Membre Dernière intervention 2 juillet 2007
2 juil. 2007 à 14:36
cwshrreder ne trouve absolument rien...

symantec non plus...

Version - a-squared Free 3.0
Dernière mise à jour: 02/07/2007 12:35:01

Réglages Scan:

Objets: Mémoire, Traces, Cookies, C:\, D:\
Scan archives: Marche
Heuristiques: Marche
Scan ADS: Marche

Début du scan: 02/07/2007 12:42:49

C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:46 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:51 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:55 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:56 Détecter: Trace.TrackingCookie
C:\WINDOWS\system32\xkrfzq.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\wtnigt.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\daxlal.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\unwafn.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\icfsls.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\qnamxj.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\kzrfjz.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\ntkytu.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\mktapq.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\qcwgdd.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\ztjece.exe Détecter: Trojan-Downloader.Win32.Agent.bls
C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe Détecter: Riskware.FraudTool.Win32.ErrorDoctor.a

Scanné

Fichiers: 209640
Traces: 269155
Cookies: 79
Processus: 59

Trouver

Fichiers: 12
Traces: 0
Cookies: 4
Processus: 0
Clés de Registre: 0

Fin du Scan: 02/07/2007 13:51:09
Temps du Scan: 01:08:20

C:\Program Files\InstallShield Installation Information\{2E8EAC71-BFE4-417A-88F0-5A1BDFBCF5D3}\setup.exe Supprimé Riskware.FraudTool.Win32.ErrorDoctor.a
C:\WINDOWS\system32\xkrfzq.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\wtnigt.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\daxlal.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\unwafn.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\icfsls.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\qnamxj.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\kzrfjz.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\ntkytu.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\mktapq.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\qcwgdd.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\WINDOWS\system32\ztjece.exe Supprimé Trojan-Downloader.Win32.Agent.bls
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:46 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:51 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:55 Supprimé Trace.TrackingCookie
C:\Documents and Settings\Remart\Application Data\Mozilla\Firefox\Profiles\q99fru39.default\cookies.txt:56 Supprimé Trace.TrackingCookie

Supprimé

Fichiers: 12
Traces: 0
Cookies: 4


BitDefender Online Scanner







Rapport d'analyse généré à: Mon, Jul 02, 2007 - 14:33:24









Voie d'analyse: C:\;D:\;E:\;F:\;G:\;I:\;















Statistiques

Temps


00:38:07

Fichiers


383324

Directoires


10000

Secteurs de boot


8

Archives


8564

Paquets programmes


19169







Résultats

Virus identifiés


2

Fichiers infectés


17

Fichiers suspects


0

Avertissements


0

Désinfectés


0

Fichiers effacés


17







Info sur les moteurs

Définition virus


636276

Version des moteurs


AVCORE v1.0 (build 2410) (i386) (Jun 12 2007 21:08:27)

Analyse des plugins


14

Archive des plugins


38

Unpack des plugins


6

E-mail plugins


6

Système plugins


1







Paramètres d'analyse

Première action


Désinfecté

Seconde Action


Supprimé

Heuristique


Oui

Acceptez les avertissements


Oui

Extensions analysées


*;

Excludez les extensions




Analyse d'emails


Oui

Analyse des Archives


Oui

Analyser paquets programmes


Oui

Analyse des fichiers


Oui

Analyse de boot


Oui








Fichier analysé


Statut

C:\WINDOWS\system32\zmgkuf.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\zmgkuf.exe


Echec de la désinfection

C:\WINDOWS\system32\zmgkuf.exe


Supprimé

C:\WINDOWS\system32\oyoqtm.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\WINDOWS\system32\oyoqtm.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\WINDOWS\system32\oyoqtm.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\WINDOWS\system32\oyoqtm.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\WINDOWS\system32\fqnmuy.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\fqnmuy.exe


Echec de la désinfection

C:\WINDOWS\system32\fqnmuy.exe


Supprimé

C:\WINDOWS\system32\wknnwx.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\WINDOWS\system32\wknnwx.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\WINDOWS\system32\wknnwx.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\WINDOWS\system32\wknnwx.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\WINDOWS\system32\qxcvje.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\qxcvje.exe


Echec de la désinfection

C:\WINDOWS\system32\qxcvje.exe


Supprimé

C:\WINDOWS\system32\fxovki.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\fxovki.exe


Echec de la désinfection

C:\WINDOWS\system32\fxovki.exe


Supprimé

C:\WINDOWS\system32\oknpak.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\WINDOWS\system32\oknpak.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\WINDOWS\system32\oknpak.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\WINDOWS\system32\oknpak.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\WINDOWS\system32\nvwnls.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\nvwnls.exe


Echec de la désinfection

C:\WINDOWS\system32\nvwnls.exe


Supprimé

C:\WINDOWS\system32\pbnjdm.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\pbnjdm.exe


Echec de la désinfection

C:\WINDOWS\system32\pbnjdm.exe


Supprimé

C:\WINDOWS\system32\mrvtyg.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\mrvtyg.exe


Echec de la désinfection

C:\WINDOWS\system32\mrvtyg.exe


Supprimé

C:\WINDOWS\system32\ylbjjs.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\ylbjjs.exe


Echec de la désinfection

C:\WINDOWS\system32\ylbjjs.exe


Supprimé

C:\WINDOWS\system32\rlpwjc.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\rlpwjc.exe


Echec de la désinfection

C:\WINDOWS\system32\rlpwjc.exe


Supprimé

C:\WINDOWS\system32\ubthwp.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\ubthwp.exe


Echec de la désinfection

C:\WINDOWS\system32\ubthwp.exe


Supprimé

C:\WINDOWS\system32\ztkwvs.exe


Infecté par: MemScan:Trojan.Downloader.JISG

C:\WINDOWS\system32\ztkwvs.exe


Echec de la désinfection

C:\WINDOWS\system32\ztkwvs.exe


Supprimé

C:\WINDOWS\system32\utcsqc.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\WINDOWS\system32\utcsqc.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\WINDOWS\system32\utcsqc.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\WINDOWS\system32\utcsqc.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\WINDOWS\system32\sgmlrl.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\WINDOWS\system32\sgmlrl.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\WINDOWS\system32\sgmlrl.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\WINDOWS\system32\sgmlrl.exe=>(RAR Sfx o)


Echec de la mise à jour

C:\WINDOWS\system32\jijlhd.exe=>(RAR Sfx o)=>ghost.exe


Infecté par: Generic.Istbar.C3985415

C:\WINDOWS\system32\jijlhd.exe=>(RAR Sfx o)=>ghost.exe


Echec de la désinfection

C:\WINDOWS\system32\jijlhd.exe=>(RAR Sfx o)=>ghost.exe


Supprimé

C:\WINDOWS\system32\jijlhd.exe=>(RAR Sfx o)


Echec de la mise à jour
0
Réponse 19 / 19
jlpjlp Messages postés 51580 Date d'inscription vendredi 18 mai 2007 Statut Contributeur sécurité Dernière intervention 3 mai 2022 5 040
2 juil. 2007 à 15:25
lance a squared et spybot en mode sans echec et supprime tout ce qui est trouvé

---------------
tu a les lien donc supprime manuellement tous les fichiers si present

C:\WINDOWS\system32\ jijlhd.exe ....

-------------
---------
telecharge et scan en mode sans echec avec bitdefender free

https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/29063.html

--------------
smit fraud fix

http://telechargement.zebulon.fr/smitfraudfix.html



2/ double clique sur smitfraudfix. puis selectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redemarre en mode sans echec (en appuyant sur F8 ou suppr, ou F5 au demarrage en général)

3/ puis refaire comme en 2/ mais selectionne l'option 2 et appuyer sur entrée pour commencer la desinfection. lorsque le programme demande si tu veut nettoyer le registre metsoui en tapant 0 et entrée

0

Discussions similaires

Est ce que le site tlauncher est dangereux ?
caribou -
bazfile -

1 réponse
Pix
Anyssa -
vibe -

4 réponses