Unwanted windows popping up!!

Solved/Closed
Dangmart (posts: 72, registered: Friday 11 January 2008, status: Member, last activity: 25 April 2009) - 12 Jan. 2008 at 00:25
ep44 (posts: 7393, registered: Saturday 10 November 2007, status: Contributor, last activity: 11 November 2010) - 23 Feb. 2008 at 18:57
Hello,

Having read the other posts, I downloaded Navilog1.
Here is the report, thank you for your help:
Search Navipromo version 3.4.0 commencé le 11/01/2008 à 23:56:04,46

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 09.01.2008 à 20h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***




*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***



*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\Gusanodx\application data" ***

...\MessengerSkinner trouvé !


*** Recherche dossiers dans "C:\Documents and Settings\Gusanodx\MENUDM~1\PROGRA~1" ***


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

Fichier(s) caché(s) :

C:\Documents and Settings\Gusanodx\Local Settings\Application Data\paajsbenwg.dat
C:\Documents and Settings\Gusanodx\Local Settings\Application Data\paajsbenwg.exe
C:\Documents and Settings\Gusanodx\Local Settings\Application Data\paajsbenwg_nav.dat
C:\Documents and Settings\Gusanodx\Local Settings\Application Data\paajsbenwg_navps.dat



*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

* Recherche dans "C:\Documents and Settings\Gusanodx\local settings\application data" *

Fichiers trouvés :

paajsbenwg.exe trouvé !



*** Recherche fichiers ***


C:\WINDOWS\system32\nvs2.inf trouvé !


*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé !

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :


* Dans "C:\Documents and Settings\Gusanodx\local settings\application data" :

paajsbenwg.dat trouvé !

3)Recherche Certificats :

Certificat Egroup trouvé !

4)Recherche fichiers connus :



*** Analyse terminée le 12/01/2008 à 0:15:12,77 ***

Thank you for your reply

116 replies

Dangmart (posts: 72, registered: Friday 11 January 2008, status: Member, last activity: 25 April 2009)
30 Jan. 2008 at 23:27
Here is the Combo report! I am now running the online scan.



ComboFix 07-08-09.3 - "Gusanodx" 2008-01-30 22:59:13.3 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.503 [GMT 1:00]
Command switches used :: C:\Documents and Settings\Gusanodx\Bureau\CFScript.txt
* Created a new restore point


((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-30 )))))))))))))))))))))))))))))))


2008-01-30 22:27 37,376 --a------ C:\WINDOWS\system32\xxyayxv.dll
2008-01-30 19:02 37,888 --a------ C:\WINDOWS\system32\ljjjife.dll
2008-01-30 18:47 37,888 --a------ C:\WINDOWS\system32\qommmjh.dll
2008-01-30 13:59 37,888 --a------ C:\WINDOWS\system32\fccayvv.dll
2008-01-30 13:31 37,888 --a------ C:\WINDOWS\system32\xxyayxy.dll
2008-01-30 12:23 37,888 --a------ C:\WINDOWS\system32\ljjklif.dll
2008-01-30 12:05 90,176 --a------ C:\WINDOWS\system32\tedghfgl.dll
2008-01-30 05:59 37,888 --a------ C:\WINDOWS\system32\ssqnmli.dll
2008-01-30 03:42 37,888 --a------ C:\WINDOWS\system32\vturrrr.dll
2008-01-29 23:59 399,902 --ahs---- C:\WINDOWS\system32\wxbay.ini2
2008-01-29 23:58 332,288 --a------ C:\WINDOWS\system32\yabxw.dll
2008-01-29 23:52 37,888 --a------ C:\WINDOWS\system32\urqqpol.dll
2008-01-29 20:59 37,888 --a------ C:\WINDOWS\system32\opnmlli.dll
2008-01-29 20:38 37,888 --a------ C:\WINDOWS\system32\iifgeeb.dll
2008-01-29 19:42 37,888 --a------ C:\WINDOWS\system32\byxywtt.dll
2008-01-29 18:45 88,640 --a------ C:\WINDOWS\system32\qiproebw.dll
2008-01-29 18:39 69,696 --a------ C:\WINDOWS\system32\iisnojkk.dll
2008-01-29 18:10 38,400 --a------ C:\WINDOWS\system32\xxyaxyy.dll
2008-01-29 16:43 38,400 --a------ C:\WINDOWS\system32\yayyxwt.dll
2008-01-29 04:34 51,200 --a------ C:\WINDOWS\nircmd.exe
2008-01-28 23:59 <REP> d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\vlc
2008-01-28 21:45 <REP> d-------- C:\VundoFix Backups
2008-01-28 11:33 <REP> d--h----- C:\Program Files\ntsecurity
2008-01-27 18:56 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-01-27 18:56 <REP> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2008-01-27 18:33 <REP> d-------- C:\Program Files\VideoLAN
2008-01-24 10:21 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-01-22 21:33 <REP> d-------- C:\Program Files\Trend Micro
2008-01-19 17:49 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-01-19 13:44 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
2008-01-19 00:12 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-01-16 22:13 <REP> d-------- C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter
2008-01-16 16:50 50,007 --a------ C:\WINDOWS\system32\drivers\adildr.sys
2008-01-16 16:50 46,892 --a------ C:\WINDOWS\system32\adadix16.dll
2008-01-16 16:50 4,981 --a------ C:\WINDOWS\system32\AdADIx2K.dll
2008-01-16 16:50 24,576 --a------ C:\WINDOWS\enddisk32.exe
2008-01-16 16:50 22,395 --a------ C:\WINDOWS\system32\drivers\fpga.bin
2008-01-16 16:50 155,648 --a------ C:\WINDOWS\system32\AdADIx32.dll
2008-01-16 16:50 143,360 --a------ C:\WINDOWS\autoclk.exe
2008-01-16 16:50 143,360 --a------ C:\WINDOWS\adiras.exe
2008-01-16 16:50 117,289 --a------ C:\WINDOWS\system32\drivers\adiusbae.sys
2008-01-16 16:50 114,688 --a------ C:\WINDOWS\system32\unaddrv.exe
2008-01-16 16:50 106,496 --a------ C:\WINDOWS\system32\coclassfast.dll
2008-01-16 16:49 <REP> d-------- C:\Program Files\SAGEM
2008-01-13 10:13 17,024 --a--c--- C:\WINDOWS\system32\dllcache\usbohci.sys
2008-01-13 10:13 17,024 --a------ C:\WINDOWS\system32\drivers\usbohci.sys
2008-01-11 23:52 <REP> d-------- C:\Program Files\Navilog1
2008-01-11 22:52 <REP> d-------- C:\Program Files\CCleaner
2007-12-30 11:24 <REP> d-------- C:\Program Files\%temp&
2007-12-27 19:40 43,136 --a--c--- C:\WINDOWS\system32\dllcache\sbp2port.sys
2007-12-27 19:40 43,136 --a------ C:\WINDOWS\system32\drivers\sbp2port.sys
2007-12-26 12:54 <REP> d-------- C:\WINDOWS\system32\NtmsData
2007-12-21 21:00 <REP> d-------- C:\Program Files\Fichiers communs\HP
2007-12-21 21:00 <REP> d-------- C:\bin
2007-12-21 20:58 <REP> d-------- C:\Program Files\Hewlett-Packard
2007-12-21 20:47 131,348 --a------ C:\WINDOWS\hpoins11.dat
2007-12-20 14:19 <REP> d-------- C:\Program Files\DAEMON Tools
2007-12-18 20:10 <REP> d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\SAA
2007-12-18 16:38 <REP> d-------- C:\Program Files\SAA
2007-12-18 15:13 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
2007-12-17 21:38 <REP> d-------- C:\Program Files\Windows Live Safety Center
2007-12-17 20:44 <REP> d-------- C:\Program Files\MediaCoder
2007-12-13 17:10 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
2007-12-05 22:05 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-12-05 22:05 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-12-05 18:38 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
2007-12-05 18:30 <REP> d-------- C:\Program Files\IVT Corporation
2007-12-02 14:47 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-12-02 04:23 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-12-02 04:23 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-12-01 15:24 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-12-01 15:21 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-12-01 15:07 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-01 15:05 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2008-01-30 16:34 --------- d-------- C:\Program Files\ods
2008-01-29 23:13 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\Skype
2008-01-29 22:50 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\Azureus
2008-01-29 17:46 --------- d-------- C:\Program Files\eMule
2008-01-29 17:44 --------- d-------- C:\Program Files\Diablo II
2008-01-28 23:03 93674 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-01-28 23:03 529968 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-01-27 19:13 40448 --a------ C:\WINDOWS\system32\NTSpool.exe
2008-01-16 22:13 --------- d--h----- C:\Program Files\InstallShield Installation Information
2008-01-16 22:09 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\U3
2008-01-16 16:50 23 --a------ C:\WINDOWS\system32\drivers\adidsl.cfg
2007-12-30 11:24 --------- d-------- C:\Program Files\%temp&
2007-12-27 23:20 --------- d-------- C:\Program Files\Azureus
2007-12-21 08:21 33800 --a------ C:\WINDOWS\system32\drivers\epfwtdir.sys
2007-12-21 08:20 30216 --a------ C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 08:19 39944 --a------ C:\WINDOWS\system32\drivers\eamon.sys
2007-12-20 18:48 --------- d-------- C:\Program Files\Google
2007-12-20 14:58 --------- d-------- C:\Program Files\HP
2007-12-18 15:08 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-12-17 21:13 --------- d-------- C:\Program Files\Project64 1.6
2007-12-12 19:20 --------- d-------- C:\Program Files\adslTV
2007-12-07 14:50 --------- d-------- C:\Program Files\Microsoft Works
2007-12-07 14:49 --------- d-------- C:\Program Files\MSBuild
2007-12-01 15:23 --------- d-------- C:\Program Files\Windows Live
2007-11-29 16:26 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\Notepad++
2007-11-29 16:25 --------- d-------- C:\Program Files\Notepad++
2007-11-29 12:18 --------- d-------- C:\Program Files\MSXML 6.0
2007-11-29 12:00 --------- d-------- C:\Program Files\Reference Assemblies
2007-11-07 10:28 728576 --a--c--- C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-11-07 10:28 728576 --a------ C:\WINDOWS\system32\lsasrv.dll
2007-10-31 00:23 3590656 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 18:20 360064 --a--c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 23:43 1293824 --a--c--- C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-29 23:43 1293824 --a------ C:\WINDOWS\system32\quartz.dll
2003-02-28 12:32 11776 --a------ C:\WINDOWS\inf\SetScardINF_wxp.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{35468C33-B904-4260-9B8C-FFB953B2A270}]
2008-01-29 23:53 37888 --a------ C:\WINDOWS\system32\urqqpol.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{F1066123-33C3-4028-A8BB-BF15E3FE3712}]
2008-01-29 23:59 332288 --a------ C:\WINDOWS\system32\yabxw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="soundman.exe" [2001-05-28 19:02 C:\WINDOWS\soundman.exe]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 17:40]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 17:38]
"CHotkey"="mHotkey.exe" [2001-07-27 16:07 C:\WINDOWS\mHotkey.exe]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-10-05 22:11]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 14:57]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 15:06]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 15:02]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 08:21]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"384ff639"="C:\WINDOWS\system32\tedghfgl.dll" [2008-01-30 12:05]
"BM3b7cc5a5"="C:\WINDOWS\system32\iisnojkk.dll" [2008-01-29 18:39]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-11-21 18:14]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"Polar Sync"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 12:24]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t

C:\Documents and Settings\Gusanodx\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-01-16 16:50:20]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-01-23 03:57:13]
SAGEM Wi-Fi 11g Cardbus adapter.lnk - C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter\Wificard.exe [2005-01-13 11:11:14]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2006-10-19 14:55:04]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"NTSpool"=NTSpool.exe
"Windows Printing Driver"=WinPrint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-10-19 14:53 293888]
"{35468C33-B904-4260-9B8C-FFB953B2A270}"= C:\WINDOWS\system32\urqqpol.dll [2008-01-29 23:53 37888]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\urqqpol]
urqqpol.dll 2008-01-29 23:53 37888 C:\WINDOWS\system32\urqqpol.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\yabxw

R0 RecAgent;RecAgent;C:\WINDOWS\system32\DRIVERS\RecAgent.sys
R0 sbp2port;Pilote de bus de transport/protocole SBP-2;C:\WINDOWS\system32\DRIVERS\sbp2port.sys
R1 easdrv;easdrv;C:\WINDOWS\system32\DRIVERS\easdrv.sys
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
R2 eamon;EAMON;C:\WINDOWS\system32\DRIVERS\eamon.sys
R2 ekrn;Eset Service;"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
R2 WSearch;Recherche Windows;C:\WINDOWS\system32\SearchIndexer.exe /Embedding
R3 Afc;PPdus ASPI Shell;C:\WINDOWS\system32\drivers\Afc.sys
R3 Mtlmnt5;Mtlmnt5;C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys
R3 pepifilter;Volume Adapter;C:\WINDOWS\system32\DRIVERS\lv302af.sys
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI);C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
R3 Slntamr;Smart Link 56K Modem Driver;C:\WINDOWS\system32\DRIVERS\slntamr.sys
R3 SlWdmSup;SlWdmSup;C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys
R3 WBMS;Winbond Memory Stick Storage (MS) Device Driver;C:\WINDOWS\system32\Drivers\WBMS.SYS
S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys
S3 BTNetFilter;Bluetooth Network Filter;\??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
S3 EhttpSrv;Eset HTTP Server;"C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe"
S3 idsvc;Windows CardSpace;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
S3 k750bus;Sony Ericsson 750 driver (WDM);C:\WINDOWS\system32\DRIVERS\k750bus.sys
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k750mdfl.sys
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k750mdm.sys
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k750mgmt.sys
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k750obex.sys
S3 MSIRCOMM;Microsoft IR Communications Driver;C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
S3 Mtlstrm;Mtlstrm;C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys
S3 NBXG7031;NB 802.11g XG703 SP1 Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S3 NtMtlFax;NtMtlFax;C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys
S3 PID_08A0;QuickCam IM(PID_08A0);C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se2End5.sys
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se2Eunic.sys
S3 SlNtHal;SlNtHal;C:\WINDOWS\system32\DRIVERS\Slnthal.sys
S3 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
S3 VHidMinidrv;Bluetooth HID Device Service;C:\WINDOWS\system32\drivers\VHIDMini.sys
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da6d19e5-ff33-11db-8dd3-0090f50d29f9}]
AutoRun\command- J:\RunGame.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}]
C:\Program Files\ntsecurity\ntsecurity.exe s

Contents of the 'Scheduled Tasks' folder
2008-01-30 21:35:28 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-30 23:10:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2008-01-30 23:20:00
C:\ComboFix-quarantined-files.txt ... 2008-01-30 23:19
C:\ComboFix2.txt ... 2008-01-29 23:44
C:\ComboFix3.txt ... 2008-01-29 11:06

--- E O F ---
ep44 (posts: 7393, registered: Saturday 10 November 2007, status: Contributor, last activity: 11 November 2010)
30 Jan. 2008 at 23:57
Something here is beyond me; I'm asking for help.
See you later
Dangmart (posts: 72, registered: Friday 11 January 2008, status: Member, last activity: 25 April 2009)
31 Jan. 2008 at 02:37
I can't manage to post the BitDefender report! It must be too long!
Dangmart (posts: 72, registered: Friday 11 January 2008, status: Member, last activity: 25 April 2009)
31 Jan. 2008 at 03:14
I ran another quick scan with bitdef because it was telling me it couldn't remove something, and when I asked it to rescan only windows/system32, it found Trojan.Vundo.DXH!
It can't delete it!!
Dangmart (posts: 72, registered: Friday 11 January 2008, status: Member, last activity: 25 April 2009)
31 Jan. 2008 at 03:15
What should I do? Thanks.
Dangmart (posts: 72, registered: Friday 11 January 2008, status: Member, last activity: 25 April 2009)
31 Jan. 2008 at 15:33
I managed to boot into safe mode and redid all the steps.

VundoFix V6.7.7

Checking Java version...

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 21:45:38 28/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\awtrspn.dll
C:\WINDOWS\system32\byxyaxw.dll
C:\WINDOWS\system32\lfdlugwv.dll
C:\WINDOWS\system32\nnnljjk.dll
C:\WINDOWS\system32\qomnnnm.dll
C:\WINDOWS\system32\ssqpmnn.dll
C:\WINDOWS\system32\tuvut.dll
C:\WINDOWS\system32\tuvut.ini
C:\WINDOWS\system32\tuvut.ini2
C:\WINDOWS\system32\tuvwvut.dll
C:\WINDOWS\system32\vtutsrp.dll
C:\WINDOWS\system32\vtuurro.dll
C:\WINDOWS\system32\vwguldfl.ini
C:\WINDOWS\system32\wvutsst.dll
C:\WINDOWS\system32\yayyvtt.dll
C:\WINDOWS\Temp\vid009.exe
C:\WINDOWS\Temp\vid00d.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\awtrspn.dll
C:\WINDOWS\system32\awtrspn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\byxyaxw.dll
C:\WINDOWS\system32\byxyaxw.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\lfdlugwv.dll
C:\WINDOWS\system32\lfdlugwv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\nnnljjk.dll
C:\WINDOWS\system32\nnnljjk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qomnnnm.dll
C:\WINDOWS\system32\qomnnnm.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqpmnn.dll
C:\WINDOWS\system32\ssqpmnn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvut.dll
C:\WINDOWS\system32\tuvut.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\tuvut.ini
C:\WINDOWS\system32\tuvut.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvut.ini2
C:\WINDOWS\system32\tuvut.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvwvut.dll
C:\WINDOWS\system32\tuvwvut.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtutsrp.dll
C:\WINDOWS\system32\vtutsrp.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtuurro.dll
C:\WINDOWS\system32\vtuurro.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vwguldfl.ini
C:\WINDOWS\system32\vwguldfl.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\wvutsst.dll
C:\WINDOWS\system32\wvutsst.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yayyvtt.dll
C:\WINDOWS\system32\yayyvtt.dll Has been deleted!

Attempting to delete C:\WINDOWS\Temp\vid009.exe
C:\WINDOWS\Temp\vid009.exe Has been deleted!

Attempting to delete C:\WINDOWS\Temp\vid00d.exe
C:\WINDOWS\Temp\vid00d.exe Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\byxyaxw.dll
C:\WINDOWS\system32\byxyaxw.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\tuvut.dll
C:\WINDOWS\system32\tuvut.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvut.ini
C:\WINDOWS\system32\tuvut.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\tuvut.ini2
C:\WINDOWS\system32\tuvut.ini2 Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.7.7

Checking Java version...

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 00:28:31 29/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\byxyaxw.dll
C:\WINDOWS\system32\ddabx.dll
C:\WINDOWS\system32\hgghgfe.dll
C:\WINDOWS\system32\vtustqq.dll
C:\WINDOWS\system32\xbadd.ini
C:\WINDOWS\system32\xbadd.ini2
C:\WINDOWS\Temp\vid00d.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\byxyaxw.dll
C:\WINDOWS\system32\byxyaxw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ddabx.dll
C:\WINDOWS\system32\ddabx.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\hgghgfe.dll
C:\WINDOWS\system32\hgghgfe.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtustqq.dll
C:\WINDOWS\system32\vtustqq.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\xbadd.ini
C:\WINDOWS\system32\xbadd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xbadd.ini2
C:\WINDOWS\system32\xbadd.ini2 Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\ddabx.dll
C:\WINDOWS\system32\ddabx.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\vtustqq.dll
C:\WINDOWS\system32\vtustqq.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\xbadd.ini
C:\WINDOWS\system32\xbadd.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xbadd.ini2
C:\WINDOWS\system32\xbadd.ini2 Has been deleted!

Performing Repairs to the registry.
Done!

VundoFix V6.7.7

Checking Java version...

Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.

Java version is 1.5.0.10

Scan started at 01:18:12 29/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\vtustqq.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\vtustqq.dll
C:\WINDOWS\system32\vtustqq.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\vtustqq.dll
C:\WINDOWS\system32\vtustqq.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.7.7

Checking Java version...

Java version is 1.5.0.10

Scan started at 03:19:35 29/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\cbaax.dll
C:\WINDOWS\system32\cbxuvvu.dll
C:\WINDOWS\system32\ljjgffg.dll
C:\WINDOWS\system32\opnkhhf.dll
C:\WINDOWS\system32\xaabc.ini
C:\WINDOWS\system32\xaabc.ini2
C:\WINDOWS\system32\yayvvww.dll
C:\WINDOWS\Temp\vid00d.exe

Beginning removal...

Attempting to delete C:\WINDOWS\system32\cbaax.dll
C:\WINDOWS\system32\cbaax.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\cbxuvvu.dll
C:\WINDOWS\system32\cbxuvvu.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjgffg.dll
C:\WINDOWS\system32\ljjgffg.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\opnkhhf.dll
C:\WINDOWS\system32\opnkhhf.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xaabc.ini
C:\WINDOWS\system32\xaabc.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xaabc.ini2
C:\WINDOWS\system32\xaabc.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\yayvvww.dll
C:\WINDOWS\system32\yayvvww.dll Has been deleted!

Attempting to delete C:\WINDOWS\Temp\vid00d.exe
C:\WINDOWS\Temp\vid00d.exe Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\cbaax.dll
C:\WINDOWS\system32\cbaax.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjgffg.dll
C:\WINDOWS\system32\ljjgffg.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\xaabc.ini
C:\WINDOWS\system32\xaabc.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xaabc.ini2
C:\WINDOWS\system32\xaabc.ini2 Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Beginning removal...

Performing Repairs to the registry.
Done!

VundoFix V6.7.7

Checking Java version...

Java version is 1.5.0.10

Scan started at 04:11:21 31/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\byxywtt.dll
C:\WINDOWS\system32\fccayvv.dll
C:\WINDOWS\system32\iifgeeb.dll
C:\WINDOWS\system32\iisnojkk.dll
C:\WINDOWS\system32\lgfhgdet.ini
C:\WINDOWS\system32\ljjjife.dll
C:\WINDOWS\system32\ljjklif.dll
C:\WINDOWS\system32\opnllmn.dll
C:\WINDOWS\system32\opnmlli.dll
C:\WINDOWS\system32\qiproebw.dll
C:\WINDOWS\system32\qommmjh.dll
C:\WINDOWS\system32\ssqnmli.dll
C:\WINDOWS\system32\tedghfgl.dll
C:\WINDOWS\system32\urqqpol.dll
C:\WINDOWS\system32\vturrrr.dll
C:\WINDOWS\system32\wbeorpiq.ini
C:\WINDOWS\system32\xxyayxv.dll
C:\WINDOWS\system32\xxyayxy.dll
C:\WINDOWS\system32\yabxw.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\byxywtt.dll
C:\WINDOWS\system32\byxywtt.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\fccayvv.dll
C:\WINDOWS\system32\fccayvv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iifgeeb.dll
C:\WINDOWS\system32\iifgeeb.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\iisnojkk.dll
C:\WINDOWS\system32\iisnojkk.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\lgfhgdet.ini
C:\WINDOWS\system32\lgfhgdet.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjjife.dll
C:\WINDOWS\system32\ljjjife.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ljjklif.dll
C:\WINDOWS\system32\ljjklif.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnllmn.dll
C:\WINDOWS\system32\opnllmn.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\opnmlli.dll
C:\WINDOWS\system32\opnmlli.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qiproebw.dll
C:\WINDOWS\system32\qiproebw.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\qommmjh.dll
C:\WINDOWS\system32\qommmjh.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\ssqnmli.dll
C:\WINDOWS\system32\ssqnmli.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\tedghfgl.dll
C:\WINDOWS\system32\tedghfgl.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqqpol.dll
C:\WINDOWS\system32\urqqpol.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\vturrrr.dll
C:\WINDOWS\system32\vturrrr.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\wbeorpiq.ini
C:\WINDOWS\system32\wbeorpiq.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxyayxv.dll
C:\WINDOWS\system32\xxyayxv.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\xxyayxy.dll
C:\WINDOWS\system32\xxyayxy.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\yabxw.dll
C:\WINDOWS\system32\yabxw.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\iisnojkk.dll
C:\WINDOWS\system32\iisnojkk.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqqpol.dll
C:\WINDOWS\system32\urqqpol.dll Could not be deleted.

Attempting to delete C:\WINDOWS\system32\yabxw.dll
C:\WINDOWS\system32\yabxw.dll Has been deleted!

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete c:/windows/system32/urqqpol.dll
c:/windows/system32/urqqpol.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete c:/windows/system32/urqqpol.dll
c:/windows/system32/urqqpol.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Beginning removal...

Attempting to delete c:/windows/system32/urqqpol.dll
c:/windows/system32/urqqpol.dll Could not be deleted.

Attempting to delete c:/windows/system32/urqqpol.dll
c:/windows/system32/urqqpol.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete c:/windows/system32/urqqpol.dll
c:/windows/system32/urqqpol.dll Could not be deleted.

Attempting to delete c:/windows/system32/urqqpol.dll
c:/windows/system32/urqqpol.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

VundoFix V6.7.7

Checking Java version...

Java version is 1.5.0.10

Scan started at 11:38:50 31/01/2008

Listing files found while scanning....

C:\WINDOWS\system32\acbeg.ini
C:\WINDOWS\system32\acbeg.ini2
C:\WINDOWS\system32\gebca.dll
C:\WINDOWS\system32\urqqpol.dll

Beginning removal...

Attempting to delete C:\WINDOWS\system32\acbeg.ini
C:\WINDOWS\system32\acbeg.ini Has been deleted!

Attempting to delete C:\WINDOWS\system32\acbeg.ini2
C:\WINDOWS\system32\acbeg.ini2 Has been deleted!

Attempting to delete C:\WINDOWS\system32\gebca.dll
C:\WINDOWS\system32\gebca.dll Has been deleted!

Attempting to delete C:\WINDOWS\system32\urqqpol.dll
C:\WINDOWS\system32\urqqpol.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete C:\WINDOWS\system32\urqqpol.dll
C:\WINDOWS\system32\urqqpol.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete c:/windows/system32/urqqpol.dll
c:/windows/system32/urqqpol.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...

Attempting to delete c:/windows/system32/urqqpol.dll
c:/windows/system32/urqqpol.dll Could not be deleted.

Performing Repairs to the registry.
Done!

Beginning removal...
____________________________________________________________________________________________________________

ComboFix 07-08-09.3 - "Gusanodx" 2008-01-31 14:46:57.5 - NTFSx86 MINIMAL
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.787 [GMT 1:00]


((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-31 )))))))))))))))))))))))))))))))


2008-01-31 13:26 451 --ahs---- C:\WINDOWS\system32\rqtss.ini2
2008-01-31 13:26 336,896 --a------ C:\WINDOWS\system32\sstqr.dll
2008-01-31 00:09 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-01-29 23:59 410,789 --ahs---- C:\WINDOWS\system32\wxbay.ini2
2008-01-29 23:52 37,888 --------- C:\WINDOWS\system32\urqqpol.dll
2008-01-29 04:34 51,200 --a------ C:\WINDOWS\nircmd.exe
2008-01-28 23:59 <REP> d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\vlc
2008-01-28 21:45 <REP> d-------- C:\VundoFix Backups
2008-01-28 11:33 <REP> d--h----- C:\Program Files\ntsecurity
2008-01-27 18:56 37,888 --a------ C:\WINDOWS\system32\rar.exe
2008-01-27 18:56 <REP> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2008-01-27 18:33 <REP> d-------- C:\Program Files\VideoLAN
2008-01-24 10:21 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-01-22 21:33 <REP> d-------- C:\Program Files\Trend Micro
2008-01-19 17:49 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-01-19 13:44 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
2008-01-19 00:12 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-01-16 22:13 <REP> d-------- C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter
2008-01-16 16:50 50,007 --a------ C:\WINDOWS\system32\drivers\adildr.sys
2008-01-16 16:50 46,892 --a------ C:\WINDOWS\system32\adadix16.dll
2008-01-16 16:50 4,981 --a------ C:\WINDOWS\system32\AdADIx2K.dll
2008-01-16 16:50 24,576 --a------ C:\WINDOWS\enddisk32.exe
2008-01-16 16:50 22,395 --a------ C:\WINDOWS\system32\drivers\fpga.bin
2008-01-16 16:50 155,648 --a------ C:\WINDOWS\system32\AdADIx32.dll
2008-01-16 16:50 143,360 --a------ C:\WINDOWS\autoclk.exe
2008-01-16 16:50 143,360 --a------ C:\WINDOWS\adiras.exe
2008-01-16 16:50 117,289 --a------ C:\WINDOWS\system32\drivers\adiusbae.sys
2008-01-16 16:50 114,688 --a------ C:\WINDOWS\system32\unaddrv.exe
2008-01-16 16:50 106,496 --a------ C:\WINDOWS\system32\coclassfast.dll
2008-01-16 16:49 <REP> d-------- C:\Program Files\SAGEM
2008-01-13 10:13 17,024 --a--c--- C:\WINDOWS\system32\dllcache\usbohci.sys
2008-01-13 10:13 17,024 --a------ C:\WINDOWS\system32\drivers\usbohci.sys
2008-01-11 23:52 <REP> d-------- C:\Program Files\Navilog1
2008-01-11 22:52 <REP> d-------- C:\Program Files\CCleaner
2007-12-30 11:24 <REP> d-------- C:\Program Files\%temp&
2007-12-27 19:40 43,136 --a--c--- C:\WINDOWS\system32\dllcache\sbp2port.sys
2007-12-27 19:40 43,136 --a------ C:\WINDOWS\system32\drivers\sbp2port.sys
2007-12-26 12:54 <REP> d-------- C:\WINDOWS\system32\NtmsData
2007-12-21 21:00 <REP> d-------- C:\Program Files\Fichiers communs\HP
2007-12-21 21:00 <REP> d-------- C:\bin
2007-12-21 20:58 <REP> d-------- C:\Program Files\Hewlett-Packard
2007-12-21 20:47 131,348 --a------ C:\WINDOWS\hpoins11.dat
2007-12-20 14:19 <REP> d-------- C:\Program Files\DAEMON Tools
2007-12-18 20:10 <REP> d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\SAA
2007-12-18 16:38 <REP> d-------- C:\Program Files\SAA
2007-12-18 15:13 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
2007-12-17 21:38 <REP> d-------- C:\Program Files\Windows Live Safety Center
2007-12-17 20:44 <REP> d-------- C:\Program Files\MediaCoder
2007-12-13 17:10 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
2007-12-05 22:05 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-12-05 22:05 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-12-05 18:38 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
2007-12-05 18:30 <REP> d-------- C:\Program Files\IVT Corporation
2007-12-02 14:47 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-12-02 04:23 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-12-02 04:23 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-12-01 15:24 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-12-01 15:21 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-12-01 15:07 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-01 15:05 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2008-01-31 14:08 --------- d-------- C:\Program Files\Diablo II
2008-01-30 16:34 --------- d-------- C:\Program Files\ods
2008-01-29 23:13 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\Skype
2008-01-29 22:50 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\Azureus
2008-01-29 17:46 --------- d-------- C:\Program Files\eMule
2008-01-28 23:03 93674 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-01-28 23:03 529968 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-01-16 22:13 --------- d--h----- C:\Program Files\InstallShield Installation Information
2008-01-16 22:09 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\U3
2008-01-16 16:50 23 --a------ C:\WINDOWS\system32\drivers\adidsl.cfg
2007-12-30 11:24 --------- d-------- C:\Program Files\%temp&
2007-12-27 23:20 --------- d-------- C:\Program Files\Azureus
2007-12-21 08:21 33800 --a------ C:\WINDOWS\system32\drivers\epfwtdir.sys
2007-12-21 08:20 30216 --a------ C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 08:19 39944 --a------ C:\WINDOWS\system32\drivers\eamon.sys
2007-12-20 18:48 --------- d-------- C:\Program Files\Google
2007-12-20 14:58 --------- d-------- C:\Program Files\HP
2007-12-18 15:08 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-12-17 21:13 --------- d-------- C:\Program Files\Project64 1.6
2007-12-12 19:20 --------- d-------- C:\Program Files\adslTV
2007-12-07 14:50 --------- d-------- C:\Program Files\Microsoft Works
2007-12-07 14:49 --------- d-------- C:\Program Files\MSBuild
2007-12-01 15:23 --------- d-------- C:\Program Files\Windows Live
2007-11-29 16:26 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\Notepad++
2007-11-29 16:25 --------- d-------- C:\Program Files\Notepad++
2007-11-29 12:18 --------- d-------- C:\Program Files\MSXML 6.0
2007-11-29 12:00 --------- d-------- C:\Program Files\Reference Assemblies
2007-11-07 10:28 728576 --a--c--- C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-11-07 10:28 728576 --a------ C:\WINDOWS\system32\lsasrv.dll
2007-10-31 00:23 3590656 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 18:20 360064 --a--c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 23:43 1293824 --a--c--- C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-29 23:43 1293824 --a------ C:\WINDOWS\system32\quartz.dll
2003-02-28 12:32 11776 --a------ C:\WINDOWS\inf\SetScardINF_wxp.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0218AB7E-A0A7-4FF9-9A81-7A6D0ABD297E}]
C:\WINDOWS\system32\yabxw.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0847F084-37D5-4C58-82FA-2BBB74F04986}]
2008-01-31 13:26 336896 --a------ C:\WINDOWS\system32\sstqr.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{35468C33-B904-4260-9B8C-FFB953B2A270}]
2008-01-29 23:53 37888 --------- C:\WINDOWS\system32\urqqpol.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3C51D889-0668-4EA1-A8C7-E6BB017906EB}]
C:\WINDOWS\system32\gebca.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="soundman.exe" [2001-05-28 19:02 C:\WINDOWS\soundman.exe]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 17:40]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 17:38]
"CHotkey"="mHotkey.exe" [2001-07-27 16:07 C:\WINDOWS\mHotkey.exe]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-10-05 22:11]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 14:57]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 15:06]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 15:02]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 08:21]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]
"BM3b7cc5a5"="C:\WINDOWS\system32\iisnojkk.dll" []
"384ff639"="C:\WINDOWS\system32\tedghfgl.dll" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-11-21 18:14]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"Polar Sync"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 12:24]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t

C:\Documents and Settings\Gusanodx\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-01-16 16:50:20]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-01-23 03:57:13]
SAGEM Wi-Fi 11g Cardbus adapter.lnk - C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter\Wificard.exe [2005-01-13 11:11:14]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2006-10-19 14:55:04]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"NTSpool"=NTSpool.exe
"Windows Printing Driver"=WinPrint.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-10-19 14:53 293888]
"{35468C33-B904-4260-9B8C-FFB953B2A270}"= C:\WINDOWS\system32\urqqpol.dll [2008-01-29 23:53 37888]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 C:\WINDOWS\system32\sstqr

R0 RecAgent;RecAgent;C:\WINDOWS\system32\DRIVERS\RecAgent.sys
R0 sbp2port;Pilote de bus de transport/protocole SBP-2;C:\WINDOWS\system32\DRIVERS\sbp2port.sys
R3 Afc;PPdus ASPI Shell;C:\WINDOWS\system32\drivers\Afc.sys
R3 WBMS;Winbond Memory Stick Storage (MS) Device Driver;C:\WINDOWS\system32\Drivers\WBMS.SYS
S1 easdrv;easdrv;C:\WINDOWS\system32\DRIVERS\easdrv.sys
S1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
S2 eamon;EAMON;C:\WINDOWS\system32\DRIVERS\eamon.sys
S2 ekrn;Eset Service;"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
S2 WSearch;Recherche Windows;C:\WINDOWS\system32\SearchIndexer.exe /Embedding
S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys
S3 BTNetFilter;Bluetooth Network Filter;\??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
S3 EhttpSrv;Eset HTTP Server;"C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe"
S3 idsvc;Windows CardSpace;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
S3 k750bus;Sony Ericsson 750 driver (WDM);C:\WINDOWS\system32\DRIVERS\k750bus.sys
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k750mdfl.sys
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k750mdm.sys
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k750mgmt.sys
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k750obex.sys
S3 MSIRCOMM;Microsoft IR Communications Driver;C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
S3 Mtlmnt5;Mtlmnt5;C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys
S3 Mtlstrm;Mtlstrm;C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys
S3 NBXG7031;NB 802.11g XG703 SP1 Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S3 NtMtlFax;NtMtlFax;C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys
S3 pepifilter;Volume Adapter;C:\WINDOWS\system32\DRIVERS\lv302af.sys
S3 PID_08A0;QuickCam IM(PID_08A0);C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI);C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se2End5.sys
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se2Eunic.sys
S3 Slntamr;Smart Link 56K Modem Driver;C:\WINDOWS\system32\DRIVERS\slntamr.sys
S3 SlNtHal;SlNtHal;C:\WINDOWS\system32\DRIVERS\Slnthal.sys
S3 SlWdmSup;SlWdmSup;C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys
S3 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
S3 VHidMinidrv;Bluetooth HID Device Service;C:\WINDOWS\system32\drivers\VHIDMini.sys
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da6d19e5-ff33-11db-8dd3-0090f50d29f9}]
AutoRun\command- J:\RunGame.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}]
C:\Program Files\ntsecurity\ntsecurity.exe s

Contents of the 'Scheduled Tasks' folder
2008-01-31 13:47:41 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-31 14:54:38
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2008-01-31 14:58:48
C:\ComboFix-quarantined-files.txt ... 2008-01-31 14:57
C:\ComboFix2.txt ... 2008-01-31 05:51
C:\ComboFix3.txt ... 2008-01-30 23:20

--- E O F ---

____________________________________________________________________________________________________________
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:38, on 31/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter\Wificard.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Trend Micro\HijackThis\Scanneur.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {0218AB7E-A0A7-4FF9-9A81-7A6D0ABD297E} - C:\WINDOWS\system32\yabxw.dll (file missing)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {27179C3E-676A-422C-BE40-046C078A151F} - C:\WINDOWS\system32\sstqr.dll
O2 - BHO: (no name) - {35468C33-B904-4260-9B8C-FFB953B2A270} - C:\WINDOWS\system32\urqqpol.dll
O2 - BHO: (no name) - {3C51D889-0668-4EA1-A8C7-E6BB017906EB} - C:\WINDOWS\system32\gebca.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [BM3b7cc5a5] Rundll32.exe "C:\WINDOWS\system32\iisnojkk.dll",s
O4 - HKLM\..\Run: [384ff639] rundll32.exe "C:\WINDOWS\system32\tedghfgl.dll",b
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Policies\Explorer\Run: [NTSpool] NTSpool.exe
O4 - HKCU\..\Policies\Explorer\Run: [Windows Printing Driver] WinPrint.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SAGEM Wi-Fi 11g Cardbus adapter.lnk = C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter\Wificard.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{192BFB49-9AB7-44BE-BAF6-3874CBACAD65}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8B834EE-BCC3-41E4-99CF-7A5441346EA9}: NameServer = 212.27.54.252,212.27.53.252
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
0
ep44 Posts 7393 Registration date Saturday 10 November 2007 Status Contributor Last activity 11 November 2010 3
31 Jan. 2008 at 22:18
Good evening Dangmart,
sorry for not replying sooner, but I was waiting for some help

Select this:


Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0218AB7E-A0A7-4FF9-9A81-7A6D0ABD297E}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{0847F084-37D5-4C58-82FA-2BBB74F04986}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{35468C33-B904-4260-9B8C-FFB953B2A270}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3C51D889-0668-4EA1-A8C7-E6BB017906EB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BM3b7cc5a5"=-
"384ff639"=-
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
"NTSpool"=-
"Windows Printing Driver"=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{35468C33-B904-4260-9B8C-FFB953B2A270}"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"Authentication Packages"=hex(7):6d,73,76,31,5f,30,00,00

File::
C:\WINDOWS\system32\rqtss.ini2
C:\WINDOWS\system32\sstqr.dll
C:\WINDOWS\system32\wxbay.ini2
C:\WINDOWS\system32\urqqpol.dll
C:\WINDOWS\system32\rar.exe

Folder::
C:\Program Files\\\%temp&
C:\bin



* Copy the selected text (CTRL+C).
* Open Notepad (Programs > Accessories > Notepad).
* Paste the copied text into Notepad (CTRL+V).
* Save this file under the name CFScript.txt
* Drag and drop this CFScript file onto the ComboFix.exe file
* A blue window will appear: at the prompt that appears (Type 1 to continue, or 2 to abort), type 1 and confirm.
* Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.
* Once the scan is complete, a report will be displayed: post its contents.
* If the file does not open, it is located here > C:\ComboFix.txt

See you later
0
Dangmart Posts 72 Registration date Friday 11 January 2008 Status Member Last activity 25 April 2009
31 Jan. 2008 at 22:22
OK, I'm doing it!
0
Dangmart Posts 72 Registration date Friday 11 January 2008 Status Member Last activity 25 April 2009
31 Jan. 2008 at 22:59
ComboFix 07-08-09.3 - "Gusanodx" 2008-01-31 22:33:54.6 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.536 [GMT 1:00]
Command switches used :: C:\Documents and Settings\Gusanodx\Bureau\CFScript.txt
* Created a new restore point

FILE::
C:\WINDOWS\system32\rqtss.ini2
C:\WINDOWS\system32\sstqr.dll
C:\WINDOWS\system32\wxbay.ini2
C:\WINDOWS\system32\urqqpol.dll
C:\WINDOWS\system32\rar.exe


((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\bin
C:\Program Files\\\%temp&
C:\Program Files\\\%temp&\bat.bat
C:\Program Files\\\%temp&\server.km92.reg
C:\WINDOWS\system32\rar.exe
C:\WINDOWS\system32\rqtss.ini2
C:\WINDOWS\system32\sstqr.dll
C:\WINDOWS\system32\urqqpol.dll
C:\WINDOWS\system32\wxbay.ini2


((((((((((((((((((((((((( Files Created from 2007-12-28 to 2008-01-31 )))))))))))))))))))))))))))))))


2008-01-31 00:09 <REP> d-------- C:\WINDOWS\BDOSCAN8
2008-01-29 04:34 51,200 --a------ C:\WINDOWS\nircmd.exe
2008-01-28 23:59 <REP> d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\vlc
2008-01-28 21:45 <REP> d-------- C:\VundoFix Backups
2008-01-28 11:33 <REP> d--h----- C:\Program Files\ntsecurity
2008-01-27 18:56 <REP> d-a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
2008-01-27 18:33 <REP> d-------- C:\Program Files\VideoLAN
2008-01-24 10:21 352 --ah----- C:\WINDOWS\nod32fixtemdono.reg
2008-01-22 21:33 <REP> d-------- C:\Program Files\Trend Micro
2008-01-19 17:49 12,288 --a------ C:\WINDOWS\system32\drivers\mouhid.sys
2008-01-19 13:44 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus!
2008-01-19 00:12 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-01-16 22:13 <REP> d-------- C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter
2008-01-16 16:50 50,007 --a------ C:\WINDOWS\system32\drivers\adildr.sys
2008-01-16 16:50 46,892 --a------ C:\WINDOWS\system32\adadix16.dll
2008-01-16 16:50 4,981 --a------ C:\WINDOWS\system32\AdADIx2K.dll
2008-01-16 16:50 24,576 --a------ C:\WINDOWS\enddisk32.exe
2008-01-16 16:50 22,395 --a------ C:\WINDOWS\system32\drivers\fpga.bin
2008-01-16 16:50 155,648 --a------ C:\WINDOWS\system32\AdADIx32.dll
2008-01-16 16:50 143,360 --a------ C:\WINDOWS\autoclk.exe
2008-01-16 16:50 143,360 --a------ C:\WINDOWS\adiras.exe
2008-01-16 16:50 117,289 --a------ C:\WINDOWS\system32\drivers\adiusbae.sys
2008-01-16 16:50 114,688 --a------ C:\WINDOWS\system32\unaddrv.exe
2008-01-16 16:50 106,496 --a------ C:\WINDOWS\system32\coclassfast.dll
2008-01-16 16:49 <REP> d-------- C:\Program Files\SAGEM
2008-01-13 10:13 17,024 --a--c--- C:\WINDOWS\system32\dllcache\usbohci.sys
2008-01-13 10:13 17,024 --a------ C:\WINDOWS\system32\drivers\usbohci.sys
2008-01-11 23:52 <REP> d-------- C:\Program Files\Navilog1
2008-01-11 22:52 <REP> d-------- C:\Program Files\CCleaner
2007-12-27 19:40 43,136 --a--c--- C:\WINDOWS\system32\dllcache\sbp2port.sys
2007-12-27 19:40 43,136 --a------ C:\WINDOWS\system32\drivers\sbp2port.sys
2007-12-26 12:54 <REP> d-------- C:\WINDOWS\system32\NtmsData
2007-12-21 21:00 <REP> d-------- C:\Program Files\Fichiers communs\HP
2007-12-21 20:58 <REP> d-------- C:\Program Files\Hewlett-Packard
2007-12-21 20:47 131,348 --a------ C:\WINDOWS\hpoins11.dat
2007-12-20 14:19 <REP> d-------- C:\Program Files\DAEMON Tools
2007-12-18 20:10 <REP> d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\SAA
2007-12-18 16:38 <REP> d-------- C:\Program Files\SAA
2007-12-18 15:13 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SlySoft
2007-12-17 21:38 <REP> d-------- C:\Program Files\Windows Live Safety Center
2007-12-17 20:44 <REP> d-------- C:\Program Files\MediaCoder
2007-12-13 17:10 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ESET
2007-12-05 22:05 14,848 --a--c--- C:\WINDOWS\system32\dllcache\kbdhid.sys
2007-12-05 22:05 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-12-05 18:38 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
2007-12-05 18:30 <REP> d-------- C:\Program Files\IVT Corporation
2007-12-02 14:47 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-12-02 04:23 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-12-02 04:23 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-12-01 15:24 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-12-01 15:21 <REP> d-------- C:\Program Files\Microsoft SQL Server Compact Edition
2007-12-01 15:07 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-01 15:05 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller


(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2008-01-31 20:49 --------- d-------- C:\Program Files\ods
2008-01-31 14:08 --------- d-------- C:\Program Files\Diablo II
2008-01-29 23:13 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\Skype
2008-01-29 22:50 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\Azureus
2008-01-29 17:46 --------- d-------- C:\Program Files\eMule
2008-01-28 23:03 93674 --a------ C:\WINDOWS\system32\perfc00C.dat
2008-01-28 23:03 529968 --a------ C:\WINDOWS\system32\perfh00C.dat
2008-01-16 22:13 --------- d--h----- C:\Program Files\InstallShield Installation Information
2008-01-16 22:09 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\U3
2008-01-16 16:50 23 --a------ C:\WINDOWS\system32\drivers\adidsl.cfg
2007-12-27 23:20 --------- d-------- C:\Program Files\Azureus
2007-12-21 08:21 33800 --a------ C:\WINDOWS\system32\drivers\epfwtdir.sys
2007-12-21 08:20 30216 --a------ C:\WINDOWS\system32\drivers\easdrv.sys
2007-12-21 08:19 39944 --a------ C:\WINDOWS\system32\drivers\eamon.sys
2007-12-20 18:48 --------- d-------- C:\Program Files\Google
2007-12-20 14:58 --------- d-------- C:\Program Files\HP
2007-12-18 15:08 685816 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-12-17 21:13 --------- d-------- C:\Program Files\Project64 1.6
2007-12-12 19:20 --------- d-------- C:\Program Files\adslTV
2007-12-07 14:50 --------- d-------- C:\Program Files\Microsoft Works
2007-12-07 14:49 --------- d-------- C:\Program Files\MSBuild
2007-12-01 15:23 --------- d-------- C:\Program Files\Windows Live
2007-11-29 16:26 --------- d-------- C:\DOCUME~1\Gusanodx\APPLIC~1\Notepad++
2007-11-29 16:25 --------- d-------- C:\Program Files\Notepad++
2007-11-29 12:18 --------- d-------- C:\Program Files\MSXML 6.0
2007-11-29 12:00 --------- d-------- C:\Program Files\Reference Assemblies
2007-11-07 10:28 728576 --a--c--- C:\WINDOWS\system32\dllcache\lsasrv.dll
2007-11-07 10:28 728576 --a------ C:\WINDOWS\system32\lsasrv.dll
2007-10-31 00:23 3590656 --a--c--- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-10-30 18:20 360064 --a--c--- C:\WINDOWS\system32\dllcache\tcpip.sys
2007-10-29 23:43 1293824 --a--c--- C:\WINDOWS\system32\dllcache\quartz.dll
2007-10-29 23:43 1293824 --a------ C:\WINDOWS\system32\quartz.dll
2003-02-28 12:32 11776 --a------ C:\WINDOWS\inf\SetScardINF_wxp.exe


((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="soundman.exe" [2001-05-28 19:02 C:\WINDOWS\soundman.exe]
"SynTPLpr"="C:\Program Files\Synaptics\SynTP\SynTPLpr.exe" [2004-11-04 17:40]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2004-11-04 17:38]
"CHotkey"="mHotkey.exe" [2001-07-27 16:07 C:\WINDOWS\mHotkey.exe]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-10-05 22:11]
"Sony Ericsson PC Suite"="C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 17:17]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 00:47]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 14:57]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam\Quickcam.exe" [2007-07-25 15:06]
"LogitechCommunicationsManager"="C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe" [2007-07-25 15:02]
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" [2007-12-21 08:21]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 00:11]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AnyDVD"="C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe" [2007-11-21 18:14]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24]
"Polar Sync"="" []
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00]
"DAEMON Tools"="C:\Program Files\DAEMON Tools\daemon.exe" [2007-08-16 12:24]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"DWQueuedReporting"="C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe" -t

C:\Documents and Settings\Gusanodx\Menu Démarrer\Programmes\Démarrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2008-01-16 16:50:20]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 04:21:22]
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe [2007-01-23 03:57:13]
SAGEM Wi-Fi 11g Cardbus adapter.lnk - C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter\Wificard.exe [2005-01-13 11:11:14]
Windows Desktop Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe [2006-10-19 14:55:04]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2006-10-19 14:53 293888]

R0 RecAgent;RecAgent;C:\WINDOWS\system32\DRIVERS\RecAgent.sys
R0 sbp2port;Pilote de bus de transport/protocole SBP-2;C:\WINDOWS\system32\DRIVERS\sbp2port.sys
R1 easdrv;easdrv;C:\WINDOWS\system32\DRIVERS\easdrv.sys
R1 epfwtdir;epfwtdir;C:\WINDOWS\system32\DRIVERS\epfwtdir.sys
R2 eamon;EAMON;C:\WINDOWS\system32\DRIVERS\eamon.sys
R2 ekrn;Eset Service;"C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe"
R2 WSearch;Recherche Windows;C:\WINDOWS\system32\SearchIndexer.exe /Embedding
R3 Afc;PPdus ASPI Shell;C:\WINDOWS\system32\drivers\Afc.sys
R3 Mtlmnt5;Mtlmnt5;C:\WINDOWS\system32\DRIVERS\Mtlmnt5.sys
R3 pepifilter;Volume Adapter;C:\WINDOWS\system32\DRIVERS\lv302af.sys
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI);C:\WINDOWS\system32\DRIVERS\LV302V32.SYS
R3 Slntamr;Smart Link 56K Modem Driver;C:\WINDOWS\system32\DRIVERS\slntamr.sys
R3 SlWdmSup;SlWdmSup;C:\WINDOWS\system32\DRIVERS\SlWdmSup.sys
R3 WBMS;Winbond Memory Stick Storage (MS) Device Driver;C:\WINDOWS\system32\Drivers\WBMS.SYS
S3 adiusbae;USB ADSL LAN Adapter;C:\WINDOWS\system32\DRIVERS\adiusbae.sys
S3 BTNetFilter;Bluetooth Network Filter;\??\C:\Program Files\IVT Corporation\BlueSoleil\Device\Win2k\BTNetFilter.sys
S3 EhttpSrv;Eset HTTP Server;"C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe"
S3 idsvc;Windows CardSpace;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
S3 k750bus;Sony Ericsson 750 driver (WDM);C:\WINDOWS\system32\DRIVERS\k750bus.sys
S3 k750mdfl;Sony Ericsson 750 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\k750mdfl.sys
S3 k750mdm;Sony Ericsson 750 USB WMC Modem Drivers;C:\WINDOWS\system32\DRIVERS\k750mdm.sys
S3 k750mgmt;Sony Ericsson 750 USB WMC Device Management Drivers;C:\WINDOWS\system32\DRIVERS\k750mgmt.sys
S3 k750obex;Sony Ericsson 750 USB WMC OBEX Interface Drivers;C:\WINDOWS\system32\DRIVERS\k750obex.sys
S3 MSIRCOMM;Microsoft IR Communications Driver;C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
S3 Mtlstrm;Mtlstrm;C:\WINDOWS\system32\DRIVERS\Mtlstrm.sys
S3 NBXG7031;NB 802.11g XG703 SP1 Driver;C:\WINDOWS\system32\DRIVERS\WlanUIG.sys
S3 NtMtlFax;NtMtlFax;C:\WINDOWS\system32\DRIVERS\NtMtlFax.sys
S3 PID_08A0;QuickCam IM(PID_08A0);C:\WINDOWS\system32\DRIVERS\LV302AV.SYS
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se2End5.sys
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se2Eunic.sys
S3 SlNtHal;SlNtHal;C:\WINDOWS\system32\DRIVERS\Slnthal.sys
S3 Start BT in service;Start BT in service;C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
S3 VHidMinidrv;Bluetooth HID Device Service;C:\WINDOWS\system32\drivers\VHIDMini.sys
S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service;"C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{da6d19e5-ff33-11db-8dd3-0090f50d29f9}]
AutoRun\command- J:\RunGame.exe


[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{9B71D88C-C598-4935-C5D1-43AA4DB90836}]
C:\Program Files\ntsecurity\ntsecurity.exe s

Contents of the 'Scheduled Tasks' folder
2008-01-31 21:48:34 C:\WINDOWS\Tasks\MP Scheduled Scan.job - C:\Program Files\Windows Defender\MpCmdRun.exe

**************************************************************************

catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-31 22:47:52
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

C:\Program Files\Internet Explorer\iexplore.exe [3692] 0x8758A790


scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2008-01-31 22:52:46 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2008-01-31 22:52
C:\ComboFix2.txt ... 2008-01-31 14:58
C:\ComboFix3.txt ... 2008-01-31 05:51

--- E O F ---
And there you go!!
0
ep44 Posts 7393 Registration date Saturday 10 November 2007 Status Contributor Last activity 11 November 2010 3
1 Feb. 2008 at 20:48
Good evening, please run a HijackThis scan again
See you
0
Dangmart Posts 72 Registration date Friday 11 January 2008 Status Member Last activity 25 April 2009
2 Feb. 2008 at 00:20
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:18:30, on 02/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\mHotkey.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Fichiers communs\Teleca Shared\CapabilityManager.exe
C:\Program Files\Logitech\QuickCam\Quickcam.exe
C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter\Wificard.exe
C:\Program Files\Windows Desktop Search\WindowsSearch.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Fichiers communs\Logishrd\LQCVFX\COCIManager.exe
C:\Program Files\Fichiers communs\Teleca Shared\Generic.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\Scanneur.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam\Quickcam.exe" /hide
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Fichiers communs\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: SAGEM Wi-Fi 11g Cardbus adapter.lnk = C:\Program Files\SAGEM Wi-Fi 11g Cardbus adapter\Wificard.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E5E167B-1566-4316-B27F-0DDAB3484CF7} (Image Uploader Control) - http://www.extrafilm.fr/ImageUploader4.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{192BFB49-9AB7-44BE-BAF6-3874CBACAD65}: NameServer = 212.30.96.108,213.203.124.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{B8B834EE-BCC3-41E4-99CF-7A5441346EA9}: NameServer = 212.27.54.252,212.27.53.252
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O17 - HKLM\System\CS4\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = geca.cf.minaz.cu
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - Smart Link - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
0
ep44 Posts 7393 Registration date Saturday 10 November 2007 Status Contributor Last activity 11 November 2010 3
2 Feb. 2008 at 11:15
Hello

Run HijackThis again and check these entries
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
then click Fix checked

Next
Download:
http://www.grisoft.cz/filedir/inst/avgas-setup-7.5.1.43.exe AVG-AntiSpyware
= Install it
= Launch it
= Click: Update
------
= Restart in Safe Mode (startup may take several minutes)
Note that there is no Internet access in this mode. Save or print these instructions.

Restart the PC and tap the F8 key (or F5 on some machines) until the text with the boot options appears
With the arrow keys, select Safe Mode ==> Enter ==> your usual user name
-------
= In ANALYSIS (the magnifying-glass icon)
==> Settings ==> under HOW TO REACT ==> click Recommended actions ==> Quarantine
==> Click: Complete system scan
At the end of the scan (which is fairly long)
==> Click Apply all actions <== this is very important
==> Click Save report, then Save as, and choose the desktop
-------
In normal mode
paste the report


Also tell me where things stand with your problems
See you
0
Dangmart Posts 72 Registration date Friday 11 January 2008 Status Member Last activity 25 April 2009
2 Feb. 2008 at 13:51
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 13:27:30 02/02/2008

+ Résultat de l'analyse:



C:\Documents and Settings\Gusanodx\Bureau\Download\EvID4226Patch.exe -> Not-A-Virus.Hacktool.EvID : Aucune action entreprise.
:mozilla.531:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.532:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\Documents and Settings\Gusanodx\Cookies\gusanodx@247realmedia[2].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.310:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.311:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.312:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.313:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.316:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.317:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.318:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.319:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.320:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.321:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.322:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.323:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.324:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.325:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.326:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\System Volume Information\_restore{37896FD0-7BB9-49F2-8814-F6DABC9C6853}\RP422\A0094990.exe -> Trojan.Autoit.bg : Aucune action entreprise.
C:\Documents and Settings\Gusanodx\Bureau\TUTO-www.Jaxx21.com.rar/TUTO-www.Jaxx21.com\[TUTO] Downgrader 2.0 en 1.5\TEST-OK-JAXX21-DOWNGRADER1.50.rar/TEST-OK-JAXX21-DOWNGRADER1.50\PSP\PHOTO\overflow.tif -> Trojan.PSPBrick : Aucune action entreprise.
C:\Documents and Settings\Gusanodx\Bureau\TUTO-www.Jaxx21.com.rar/TUTO-www.Jaxx21.com\[TUTO] Downgrader 2.0 en 1.5\TEST-OK-JAXX21-DOWNGRADER1.50\TEST-OK-JAXX21-DOWNGRADER1.50\PSP\PHOTO\overflow.tif -> Trojan.PSPBrick : Aucune action entreprise.
C:\Documents and Settings\Gusanodx\Bureau\TUTO-www.Jaxx21.com.rar/TUTO-www.Jaxx21.com\[TUTO] MPH_SXT Downgrader 1.0\-MPH_SXT-Downgrader1.0.zip/PSP/PHOTO/overflow.tif -> Trojan.PSPBrick : Aucune action entreprise.


Fin du rapport


There, tell me if everything is OK now!
Do you have any advice on choosing a firewall that uses few resources?
What do I do with AVG and Windefender?
0
ep44 Posts 7393 Registered Saturday 10 November 2007 Status Contributor Last active 11 November 2010 3
2 Feb 2008 at 14:31
look at your report, it says "Aucune action entreprise" (no action taken)

you have to run it again and choose delete
post the report
0
Dangmart Posts 72 Registered Friday 11 January 2008 Status Member Last active 25 April 2009
2 Feb 2008 at 14:45
Do I go back into safe mode, and set it to quarantine or delete directly?
And do I run a scan again?
0
ep44 Posts 7393 Registered Saturday 10 November 2007 Status Contributor Last active 11 November 2010 3
2 Feb 2008 at 14:46
yes, run a scan again
In ANALYSE (the magnifying-glass icon)
==> Paramètres (Settings) ==> under COMMENT REAGIR (How to react) ==> click Actions recommandées (Recommended actions) ==> Quarantaine (Quarantine)
0
Dangmart Posts 72 Registered Friday 11 January 2008 Status Member Last active 25 April 2009
2 Feb 2008 at 14:55
OK
Thanks
0
Dangmart Posts 72 Registered Friday 11 January 2008 Status Member Last active 25 April 2009
2 Feb 2008 at 16:40
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 16:26:47 02/02/2008

+ Résultat de l'analyse:



C:\System Volume Information\_restore{37896FD0-7BB9-49F2-8814-F6DABC9C6853}\RP431\A0101795.exe -> Not-A-Virus.Hacktool.EvID : Nettoyé.
C:\Documents and Settings\Gusanodx\Cookies\gusanodx@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.33:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Gusanodx\Cookies\gusanodx@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.30:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Gusanodx\Cookies\gusanodx@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Gusanodx\Cookies\gusanodx@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.52:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.53:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.54:C:\Documents and Settings\Gusanodx\Application Data\Mozilla\Firefox\Profiles\uhjkhr94.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.


Fin du rapport

Here is the new one. It just occurred to me that earlier I saved the report before applying the actions!!


You didn't answer my other questions?

Thanks in advance!
0
ep44 Posts 7393 Registered Saturday 10 November 2007 Status Contributor Last active 11 November 2010 3
2 Feb 2008 at 17:58
Sorry for not answering you :-)

for the firewall I recommend ZoneAlarm
https://www.malekal.com/tutoriel-zonealarm-firewall/

you can keep AVG
no need for Windefender if you keep AVG

now we'll do an online scan

with BitDefender, and paste the report

https://www.bitdefender.com/toolbox/

a tutorial
https://kerio.probb.fr/

See you
0
Dangmart Posts 72 Registered Friday 11 January 2008 Status Member Last active 25 April 2009
2 Feb 2008 at 18:11
OK, very good
0