CID window

Solved
audrey17 -  
green day Posts 26722 Status Moderator, Security contributor -
Hello,
when I go on the internet or MSN I get CID ad windows that open every 10 seconds

can you help me stop them

thanks in advance

175 replies

Discussion summary

The problem described concerns CID advertising windows that open every ten seconds while browsing the Internet and MSN, on a Windows XP PC with Internet Explorer 7.
Several replies point toward disinfection and the use of anti-malware tools, including instructions to run a scan in safe mode and to launch utilities such as ComboFix.
Some exchanges recount concrete actions: downloading and running ComboFix, installing a firewall (Sunbelt) and an antivirus (Avast), and the firewall blocking intrusion attempts.
Discussions also cover sending technical reports and following up on the results of scans and blockers, with steps such as restarting in safe mode and re-running the scans.

Generated automatically by AI
based on the best replies
green day Posts 26722 Status Moderator, Security contributor 2 163
 
Indeed, here is the new link:

http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe

++
0
audrey17
 
C:\WINDOWS\system32\878A8F898E8E93 moved successfully.
C:\WINDOWS\awktmlhl moved successfully.
File move failed. C:\WINDOWS\system32\uiohej.log scheduled to be moved on reboot.
C:\WINDOWS\system32\drivers\fwdrv.err moved successfully.

OTMoveIt2 v1.0.17 log created on 02012008_173601
0
green day Posts 26722 Status Moderator, Security contributor 2 163
 
very good, now please do what is indicated here:

http://www.commentcamarche.net/faq/sujet 3174 virus methode preliminaire de desinfection version fr

++
0
audrey17
 
I'll repeat myself --- do I do it in safe mode?
0

green day Posts 26722 Status Moderator, Security contributor 2 163
 
ccleaner, avg and bitdefender are to be run in normal mode this time

++
0
audrey17
 
thanks, I'm on it
I'll do these 3
0
audrey17
 
oooyyyeeee!!!!
it's finally done

good luck to you

ComboFix 08-02.01.1 - utilisateur 2008-02-01 17:12:18.5 - NTFSx86 MINIMAL
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.768 [GMT 1:00]
Endroit: C:\Documents and Settings\utilisateur\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((( Fichiers créés 2008-01-01 to 2008-02-01 ))))))))))))))))))))))))))))))))))))
.

2008-02-01 17:08 . 2008-02-01 17:08 268 --ah----- C:\sqmdata10.sqm
2008-02-01 17:08 . 2008-02-01 17:08 244 --ah----- C:\sqmnoopt10.sqm
2008-02-01 16:43 . 2008-02-01 16:43 <REP> d-------- C:\WINDOWS\ERUNT
2008-02-01 16:37 . 2008-02-01 16:37 268 --ah----- C:\sqmdata09.sqm
2008-02-01 16:37 . 2008-02-01 16:37 244 --ah----- C:\sqmnoopt09.sqm
2008-02-01 14:34 . 2008-02-01 14:34 268 --ah----- C:\sqmdata08.sqm
2008-02-01 14:34 . 2008-02-01 14:34 244 --ah----- C:\sqmnoopt08.sqm
2008-02-01 14:09 . 2008-02-01 14:09 268 --ah----- C:\sqmdata07.sqm
2008-02-01 14:09 . 2008-02-01 14:09 244 --ah----- C:\sqmnoopt07.sqm
2008-02-01 09:24 . 2008-02-01 09:24 268 --ah----- C:\sqmdata06.sqm
2008-02-01 09:24 . 2008-02-01 09:24 244 --ah----- C:\sqmnoopt06.sqm
2008-02-01 02:11 . 2008-02-01 02:11 268 --ah----- C:\sqmdata05.sqm
2008-02-01 02:11 . 2008-02-01 02:11 244 --ah----- C:\sqmnoopt05.sqm
2008-02-01 01:35 . 2008-02-01 01:35 268 --ah----- C:\sqmdata04.sqm
2008-02-01 01:35 . 2008-02-01 01:35 244 --ah----- C:\sqmnoopt04.sqm
2008-02-01 01:33 . 2008-02-01 01:33 19,952 --a------ C:\Documents and Settings\utilisateur\Application Data\GDIPFONTCACHEV1.DAT
2008-02-01 00:57 . 2008-02-01 00:57 268 --ah----- C:\sqmdata03.sqm
2008-02-01 00:57 . 2008-02-01 00:57 244 --ah----- C:\sqmnoopt03.sqm
2008-02-01 00:52 . 2008-02-01 00:55 <REP> d-------- C:\ComboFix[1]
2008-01-31 18:51 . 2008-02-01 17:10 1,222 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2008-01-31 18:32 . 2008-01-31 18:32 <REP> d-------- C:\Documents and Settings\utilisateur\Application Data\Grisoft
2008-01-31 18:32 . 2008-01-31 18:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-31 18:32 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-31 17:28 . 2008-01-31 17:28 <REP> d-------- C:\Program Files\Trend Micro
2008-01-31 00:07 . 2008-01-31 23:18 <REP> d-------- C:\Program Files\Lopxp
2008-01-30 22:21 . 2008-01-31 22:31 <REP> d-------- C:\Program Files\Hijackthis Version Française
2008-01-30 21:16 . 2008-01-30 21:16 <REP> d-------- C:\Program Files\Sunbelt Software
2008-01-30 17:07 . 2008-01-30 17:07 <REP> d-------- C:\Program Files\CCleaner
2008-01-29 16:46 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-29 16:46 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-29 16:46 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-28 17:44 . 2006-03-29 15:05 32,768 --------- C:\WINDOWS\system32\IJRMF.exe
2008-01-27 14:53 . 2008-01-27 14:53 <REP> d-------- C:\Documents and Settings\Invité\Application Data\Search Settings
2008-01-27 14:52 . 2004-08-03 22:59 34,688 --a------ C:\WINDOWS\system32\drivers\lbrtfdc.sys
2008-01-27 14:52 . 2004-08-03 22:59 34,688 --a--c--- C:\WINDOWS\system32\dllcache\lbrtfdc.sys
2008-01-27 14:52 . 2004-08-03 23:00 8,192 --a------ C:\WINDOWS\system32\drivers\i2omgmt.sys
2008-01-27 14:52 . 2004-08-03 23:00 8,192 --a------ C:\WINDOWS\system32\drivers\changer.sys
2008-01-27 14:52 . 2004-08-03 23:00 8,192 --a--c--- C:\WINDOWS\system32\dllcache\i2omgmt.sys
2008-01-27 14:52 . 2004-08-03 23:00 8,192 --a--c--- C:\WINDOWS\system32\dllcache\changer.sys
2008-01-23 07:56 . 2008-01-23 07:56 <REP> d-------- C:\WINDOWS\system32\878A8F898E8E93
2008-01-22 09:11 . 2008-02-01 16:47 <REP> d-------- C:\WINDOWS\awktmlhl
2008-01-20 14:51 . 2008-01-20 14:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-20 12:03 . 2008-01-22 09:21 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-01-18 22:24 . 2008-01-18 22:24 <REP> d-------- C:\Program Files\Realtek AC97
2008-01-18 22:24 . 2006-11-17 05:40 18,804,736 --a------ C:\WINDOWS\system32\alsndmgr.cpl
2008-01-18 22:24 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2008-01-18 22:24 . 2007-03-08 14:34 4,027,840 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2008-01-18 22:24 . 2006-11-17 05:42 577,536 --a------ C:\WINDOWS\soundman.exe
2008-01-18 22:24 . 2006-07-31 11:19 315,392 --a------ C:\WINDOWS\alcupd.exe
2008-01-18 22:24 . 2006-07-31 11:27 217,088 --a------ C:\WINDOWS\Alcrmv.exe
2008-01-18 22:24 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2008-01-18 22:24 . 2002-02-05 13:54 141,016 --a------ C:\WINDOWS\system32\alsndmgr.wav
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-01-18 19:40 . 2007-06-07 14:02 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-01-18 19:40 . 2007-06-07 12:25 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-01-14 18:32 . 2008-02-01 16:56 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-14 18:32 . 2008-01-14 18:32 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage réseau
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage réseau
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage d'impression
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage d'impression
2008-01-14 18:02 . 2007-06-07 14:02 <REP> d--h----- C:\Documents and Settings\Invité\Modèles
2008-01-14 18:02 . 2007-06-07 14:02 <REP> d--h----- C:\Documents and Settings\Invité\Modèles
2008-01-14 18:02 . 2008-01-14 18:03 <REP> dr------- C:\Documents and Settings\Invité\Mes documents
2008-01-14 18:02 . 2008-01-14 18:03 <REP> dr------- C:\Documents and Settings\Invité\Mes documents
2008-01-14 18:02 . 2007-06-07 12:25 <REP> dr------- C:\Documents and Settings\Invité\Menu Démarrer
2008-01-14 18:02 . 2007-06-07 12:25 <REP> dr------- C:\Documents and Settings\Invité\Menu Démarrer
2008-01-14 18:02 . 2008-01-14 18:03 <REP> dr------- C:\Documents and Settings\Invité\Favoris
2008-01-14 18:02 . 2008-01-14 18:03 <REP> dr------- C:\Documents and Settings\Invité\Favoris
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Invité\Bureau
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Invité\Bureau
2008-01-03 13:17 . 2008-01-03 18:09 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia
2008-01-03 13:17 . 2008-01-03 18:08 <REP> d-------- C:\Program Files\AVSMedia

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 22:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-28 17:09 --------- d-----w C:\Program Files\eMule
2008-01-27 20:50 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
2008-01-27 14:36 --------- d-----w C:\Program Files\MSN Messenger
2008-01-27 14:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-18 21:54 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-18 21:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-14 18:02 --------- d-----w C:\Program Files\GIMP-2.0
2008-01-14 17:58 --------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-01-14 17:49 --------- d-----w C:\Program Files\Videora
2008-01-14 17:43 --------- d-----w C:\Program Files\BitComet
2008-01-14 17:40 --------- d-----w C:\Program Files\IncrediMail
2007-12-28 19:22 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-12-28 19:13 --------- d-----w C:\Program Files\Windows Live
2007-12-28 19:06 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-19 21:08 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\Gestion Commerciale
2007-12-18 22:00 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\Comptabilité
2007-12-13 18:05 --------- d-----w C:\Program Files\Sony
2007-12-13 18:05 --------- d-----w C:\Program Files\Fichiers communs\Sony Shared
2007-12-13 18:05 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-12-13 18:01 --------- d-----w C:\Program Files\Common Files
2007-12-08 15:02 272,721 ----a-w C:\setup_Winrar_eo.exe
2007-12-08 13:52 80,648 ----a-w C:\install_Winrar_.exe
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-12-01 22:38 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\Dealio
2007-12-01 20:08 --------- d-----w C:\Program Files\Ipod Video Converter
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-01-12 13:23 3,956,736 ----a-w C:\Program Files\FoxitReader.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-10-10 20:49 7286784]
"nwiz"="nwiz.exe" [2005-10-10 20:49 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-10-10 20:49 86016]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-14 23:43 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11 267048]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 05:42 577536 C:\WINDOWS\soundman.exe]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage\
Pervasive.SQL Workgroup Engine.lnk - C:\PVSW\Bin\w3dbsmgr.exe [2004-11-26 18:31:32 106546]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04 83360]

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21]
S1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21]
S1 uiohej;uiohej;C:\WINDOWS\system32\uiohej.log [2008-01-22 12:10]
S2 NVSvcMSDTC;NVIDIA Display Driver Service NVSvcMSDTC;C:\WINDOWS\system32\alsndmgrj.exe srv []
S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
S2 SwPrvAudioSrv;MS Software Shadow Copy Provider SwPrvAudioSrv;C:\WINDOWS\system32\alsndmgrx.exe srv []

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-11 18:52:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 17:14:43
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

**************************************************************************
.
Temps d'accomplissement: 2008-02-01 17:15:59
ComboFix-quarantined-files.txt 2008-02-01 16:15:08
ComboFix2.txt 2008-02-01 13:39:36
ComboFix3.txt 2008-02-01 13:15:02
ComboFix4.txt 2008-02-01 00:48:50
.
2008-01-10 02:02:03 --- E O F ---

BitDefender Online Scanner

Scan report generated at: Fri, Feb 01, 2008 - 19:41:34

Scan path: A:\;C:\;D:\;E:\;F:\;

Statistics

Time: 00:41:39
Files: 150812
Folders: 5376
Boot Sectors: 3
Archives: 1862
Packed Files: 8949

Results

Identified Viruses: 6
Infected Files: 58
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 58

Engines Info

Virus Definitions: 978586
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5

Scan Settings

First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039874.exe
Detected with: Adware.Purityscan.JA

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039874.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039874.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040063.exe
Infected with: Trojan.Peed.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040063.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040063.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040064.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040064.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040064.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040065.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040065.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040065.exe
Deleted
0
audrey17
 
oooyyyeeee!!!!
it's finally finished

good luck to you

ComboFix 08-02.01.1 - utilisateur 2008-02-01 17:12:18.5 - NTFSx86 MINIMAL
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.768 [GMT 1:00]
Endroit: C:\Documents and Settings\utilisateur\Bureau\ComboFix.exe

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

((((((((((((((((((((((((((((( Fichiers créés 2008-01-01 to 2008-02-01 ))))))))))))))))))))))))))))))))))))
.

2008-02-01 17:08 . 2008-02-01 17:08 268 --ah----- C:\sqmdata10.sqm
2008-02-01 17:08 . 2008-02-01 17:08 244 --ah----- C:\sqmnoopt10.sqm
2008-02-01 16:43 . 2008-02-01 16:43 <REP> d-------- C:\WINDOWS\ERUNT
2008-02-01 16:37 . 2008-02-01 16:37 268 --ah----- C:\sqmdata09.sqm
2008-02-01 16:37 . 2008-02-01 16:37 244 --ah----- C:\sqmnoopt09.sqm
2008-02-01 14:34 . 2008-02-01 14:34 268 --ah----- C:\sqmdata08.sqm
2008-02-01 14:34 . 2008-02-01 14:34 244 --ah----- C:\sqmnoopt08.sqm
2008-02-01 14:09 . 2008-02-01 14:09 268 --ah----- C:\sqmdata07.sqm
2008-02-01 14:09 . 2008-02-01 14:09 244 --ah----- C:\sqmnoopt07.sqm
2008-02-01 09:24 . 2008-02-01 09:24 268 --ah----- C:\sqmdata06.sqm
2008-02-01 09:24 . 2008-02-01 09:24 244 --ah----- C:\sqmnoopt06.sqm
2008-02-01 02:11 . 2008-02-01 02:11 268 --ah----- C:\sqmdata05.sqm
2008-02-01 02:11 . 2008-02-01 02:11 244 --ah----- C:\sqmnoopt05.sqm
2008-02-01 01:35 . 2008-02-01 01:35 268 --ah----- C:\sqmdata04.sqm
2008-02-01 01:35 . 2008-02-01 01:35 244 --ah----- C:\sqmnoopt04.sqm
2008-02-01 01:33 . 2008-02-01 01:33 19,952 --a------ C:\Documents and Settings\utilisateur\Application Data\GDIPFONTCACHEV1.DAT
2008-02-01 00:57 . 2008-02-01 00:57 268 --ah----- C:\sqmdata03.sqm
2008-02-01 00:57 . 2008-02-01 00:57 244 --ah----- C:\sqmnoopt03.sqm
2008-02-01 00:52 . 2008-02-01 00:55 <REP> d-------- C:\ComboFix[1]
2008-01-31 18:51 . 2008-02-01 17:10 1,222 --a------ C:\WINDOWS\system32\drivers\fwdrv.err
2008-01-31 18:32 . 2008-01-31 18:32 <REP> d-------- C:\Documents and Settings\utilisateur\Application Data\Grisoft
2008-01-31 18:32 . 2008-01-31 18:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-01-31 18:32 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-01-31 17:28 . 2008-01-31 17:28 <REP> d-------- C:\Program Files\Trend Micro
2008-01-31 00:07 . 2008-01-31 23:18 <REP> d-------- C:\Program Files\Lopxp
2008-01-30 22:21 . 2008-01-31 22:31 <REP> d-------- C:\Program Files\Hijackthis Version Française
2008-01-30 21:16 . 2008-01-30 21:16 <REP> d-------- C:\Program Files\Sunbelt Software
2008-01-30 17:07 . 2008-01-30 17:07 <REP> d-------- C:\Program Files\CCleaner
2008-01-29 16:46 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-01-29 16:46 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-01-29 16:46 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-01-28 17:44 . 2006-03-29 15:05 32,768 --------- C:\WINDOWS\system32\IJRMF.exe
2008-01-27 14:53 . 2008-01-27 14:53 <REP> d-------- C:\Documents and Settings\Invité\Application Data\Search Settings
2008-01-27 14:52 . 2004-08-03 22:59 34,688 --a------ C:\WINDOWS\system32\drivers\lbrtfdc.sys
2008-01-27 14:52 . 2004-08-03 22:59 34,688 --a--c--- C:\WINDOWS\system32\dllcache\lbrtfdc.sys
2008-01-27 14:52 . 2004-08-03 23:00 8,192 --a------ C:\WINDOWS\system32\drivers\i2omgmt.sys
2008-01-27 14:52 . 2004-08-03 23:00 8,192 --a------ C:\WINDOWS\system32\drivers\changer.sys
2008-01-27 14:52 . 2004-08-03 23:00 8,192 --a--c--- C:\WINDOWS\system32\dllcache\i2omgmt.sys
2008-01-27 14:52 . 2004-08-03 23:00 8,192 --a--c--- C:\WINDOWS\system32\dllcache\changer.sys
2008-01-23 07:56 . 2008-01-23 07:56 <REP> d-------- C:\WINDOWS\system32\878A8F898E8E93
2008-01-22 09:11 . 2008-02-01 16:47 <REP> d-------- C:\WINDOWS\awktmlhl
2008-01-20 14:51 . 2008-01-20 14:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2008-01-20 12:03 . 2008-01-22 09:21 <REP> d-------- C:\Program Files\Messenger Plus! Live
2008-01-18 22:24 . 2008-01-18 22:24 <REP> d-------- C:\Program Files\Realtek AC97
2008-01-18 22:24 . 2006-11-17 05:40 18,804,736 --a------ C:\WINDOWS\system32\alsndmgr.cpl
2008-01-18 22:24 . 2006-12-08 15:20 10,528,768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2008-01-18 22:24 . 2007-03-08 14:34 4,027,840 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2008-01-18 22:24 . 2006-11-17 05:42 577,536 --a------ C:\WINDOWS\soundman.exe
2008-01-18 22:24 . 2006-07-31 11:19 315,392 --a------ C:\WINDOWS\alcupd.exe
2008-01-18 22:24 . 2006-07-31 11:27 217,088 --a------ C:\WINDOWS\Alcrmv.exe
2008-01-18 22:24 . 2006-10-18 02:53 147,456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2008-01-18 22:24 . 2002-02-05 13:54 141,016 --a------ C:\WINDOWS\system32\alsndmgr.wav
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage réseau
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Administrateur\Voisinage d'impression
2008-01-18 19:40 . 2007-06-07 14:02 <REP> d--h----- C:\Documents and Settings\Administrateur\Modèles
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Administrateur\Mes documents
2008-01-18 19:40 . 2007-06-07 12:25 <REP> dr------- C:\Documents and Settings\Administrateur\Menu Démarrer
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Administrateur\Favoris
2008-01-18 19:40 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Administrateur\Bureau
2008-01-14 18:32 . 2008-02-01 16:56 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-01-14 18:32 . 2008-01-14 18:32 1,409 --a------ C:\WINDOWS\QTFont.for
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage réseau
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage réseau
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage d'impression
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d--h----- C:\Documents and Settings\Invité\Voisinage d'impression
2008-01-14 18:02 . 2007-06-07 14:02 <REP> d--h----- C:\Documents and Settings\Invité\Modèles
2008-01-14 18:02 . 2007-06-07 14:02 <REP> d--h----- C:\Documents and Settings\Invité\Modèles
2008-01-14 18:02 . 2008-01-14 18:03 <REP> dr------- C:\Documents and Settings\Invité\Mes documents
2008-01-14 18:02 . 2008-01-14 18:03 <REP> dr------- C:\Documents and Settings\Invité\Mes documents
2008-01-14 18:02 . 2007-06-07 12:25 <REP> dr------- C:\Documents and Settings\Invité\Menu Démarrer
2008-01-14 18:02 . 2007-06-07 12:25 <REP> dr------- C:\Documents and Settings\Invité\Menu Démarrer
2008-01-14 18:02 . 2008-01-14 18:03 <REP> dr------- C:\Documents and Settings\Invité\Favoris
2008-01-14 18:02 . 2008-01-14 18:03 <REP> dr------- C:\Documents and Settings\Invité\Favoris
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Invité\Bureau
2008-01-14 18:02 . 2007-06-07 12:25 <REP> d-------- C:\Documents and Settings\Invité\Bureau
2008-01-03 13:17 . 2008-01-03 18:09 <REP> d-------- C:\Program Files\Fichiers communs\AVSMedia
2008-01-03 13:17 . 2008-01-03 18:08 <REP> d-------- C:\Program Files\AVSMedia

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-29 22:54 --------- d---a-w C:\Documents and Settings\All Users\Application Data\TEMP
2008-01-28 17:09 --------- d-----w C:\Program Files\eMule
2008-01-27 20:50 14,336 ----a-w C:\WINDOWS\system32\svchost.exe
2008-01-27 14:36 --------- d-----w C:\Program Files\MSN Messenger
2008-01-27 14:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-01-18 21:54 --------- d-----w C:\Program Files\Windows Live Safety Center
2008-01-18 21:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-14 18:02 --------- d-----w C:\Program Files\GIMP-2.0
2008-01-14 17:58 --------- d-----w C:\Program Files\ABBYY FineReader 6.0 Sprint
2008-01-14 17:49 --------- d-----w C:\Program Files\Videora
2008-01-14 17:43 --------- d-----w C:\Program Files\BitComet
2008-01-14 17:40 --------- d-----w C:\Program Files\IncrediMail
2007-12-28 19:22 --------- d-----w C:\Program Files\Windows Live Toolbar
2007-12-28 19:13 --------- d-----w C:\Program Files\Windows Live
2007-12-28 19:06 --------- dcsh--w C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-12-19 21:08 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\Gestion Commerciale
2007-12-18 22:00 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\Comptabilité
2007-12-13 18:05 --------- d-----w C:\Program Files\Sony
2007-12-13 18:05 --------- d-----w C:\Program Files\Fichiers communs\Sony Shared
2007-12-13 18:05 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-12-13 18:01 --------- d-----w C:\Program Files\Common Files
2007-12-08 15:02 272,721 ----a-w C:\setup_Winrar_eo.exe
2007-12-08 13:52 80,648 ----a-w C:\install_Winrar_.exe
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AvastSS.scr
2007-12-01 22:38 --------- d-----w C:\Documents and Settings\utilisateur\Application Data\Dealio
2007-12-01 20:08 --------- d-----w C:\Program Files\Ipod Video Converter
2007-11-07 09:28 728,576 ----a-w C:\WINDOWS\system32\lsasrv.dll
2007-01-12 13:23 3,956,736 ----a-w C:\Program Files\FoxitReader.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 13:00 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 17:24 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-10-10 20:49 7286784]
"nwiz"="nwiz.exe" [2005-10-10 20:49 1519616 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-10-10 20:49 86016]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-11-14 23:43 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-11-15 13:11 267048]
"SoundMan"="SOUNDMAN.EXE" [2006-11-17 05:42 577536 C:\WINDOWS\soundman.exe]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-05 13:00 15360]

C:\Documents and Settings\utilisateur\Menu Démarrer\Programmes\Démarrage\
Pervasive.SQL Workgroup Engine.lnk - C:\PVSW\Bin\w3dbsmgr.exe [2004-11-26 18:31:32 106546]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 08:01:04 83360]

R1 fwdrv;Firewall Driver;C:\WINDOWS\system32\drivers\fwdrv.sys [2007-04-26 10:21]
S1 khips;Kerio HIPS Driver;C:\WINDOWS\system32\drivers\khips.sys [2007-04-26 10:21]
S1 uiohej;uiohej;C:\WINDOWS\system32\uiohej.log [2008-01-22 12:10]
S2 NVSvcMSDTC;NVIDIA Display Driver Service NVSvcMSDTC;C:\WINDOWS\system32\alsndmgrj.exe srv []
S2 SPF4;Sunbelt Personal Firewall 4;"C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe" [2007-04-26 10:21]
S2 SwPrvAudioSrv;MS Software Shadow Copy Provider SwPrvAudioSrv;C:\WINDOWS\system32\alsndmgrx.exe srv []

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-11 18:52:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-01 17:14:43
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

**************************************************************************
.
Temps d'accomplissement: 2008-02-01 17:15:59
ComboFix-quarantined-files.txt 2008-02-01 16:15:08
ComboFix2.txt 2008-02-01 13:39:36
ComboFix3.txt 2008-02-01 13:15:02
ComboFix4.txt 2008-02-01 00:48:50
.
2008-01-10 02:02:03 --- E O F ---

BitDefender Online Scanner

Scan report generated at: Fri, Feb 01, 2008 - 19:41:34

Scan path: A:\;C:\;D:\;E:\;F:\;

Statistics
Time: 00:41:39
Files: 150812
Folders: 5376
Boot Sectors: 3
Archives: 1862
Packed Files: 8949

Results
Identified Viruses: 6
Infected Files: 58
Suspect Files: 0
Warnings: 0
Disinfected: 0
Deleted Files: 58

Engines Info
Virus Definitions: 978586
Engine build: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Scan plugins: 16
Archive plugins: 41
Unpack plugins: 7
E-mail plugins: 6
System plugins: 5

Scan Settings
First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\QooBox\Quarantine\C\blhhjtpx.exe.vir
Infected with: Trojan.Peed.Gen

C:\QooBox\Quarantine\C\blhhjtpx.exe.vir
Disinfection failed

C:\QooBox\Quarantine\C\blhhjtpx.exe.vir
Deleted

C:\QooBox\Quarantine\C\kxhacvkl.exe.vir
Infected with: Trojan.DNSChanger.BX

C:\QooBox\Quarantine\C\kxhacvkl.exe.vir
Disinfection failed

C:\QooBox\Quarantine\C\kxhacvkl.exe.vir
Deleted

C:\QooBox\Quarantine\C\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe.vir
Detected with: Adware.Purityscan.JA

C:\QooBox\Quarantine\C\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe.vir
Disinfection failed

C:\QooBox\Quarantine\C\Program Files\Fichiers communs\Yazzle1560OinAdmin.exe.vir
Deleted

C:\QooBox\Quarantine\C\Program Files\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe.vir
Infected with: Dropped:Trojan.Generic.78149

C:\QooBox\Quarantine\C\Program Files\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe.vir
Disinfection failed

C:\QooBox\Quarantine\C\Program Files\InetGet2\FINAL -- Fort 5.6_MST-ONLY.exe.vir
Deleted

C:\QooBox\Quarantine\C\Program Files\InetGet2\YazzleBundle-1560.exe.vir
Detected with: Adware.Purityscan.JA

C:\QooBox\Quarantine\C\Program Files\InetGet2\YazzleBundle-1560.exe.vir
Disinfection failed

C:\QooBox\Quarantine\C\Program Files\InetGet2\YazzleBundle-1560.exe.vir
Deleted

C:\QooBox\Quarantine\C\tuwwp.exe.vir
Infected with: Trojan.DNSChanger.BX

C:\QooBox\Quarantine\C\tuwwp.exe.vir
Disinfection failed

C:\QooBox\Quarantine\C\tuwwp.exe.vir
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP189\A0031958.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP189\A0031958.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP189\A0031958.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP190\A0031976.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP190\A0031976.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP190\A0031976.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP191\A0032006.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP191\A0032006.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP191\A0032006.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP192\A0032032.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP192\A0032032.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP192\A0032032.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP193\A0032042.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP193\A0032042.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP193\A0032042.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP194\A0032049.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP194\A0032049.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP194\A0032049.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP195\A0032058.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP195\A0032058.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP195\A0032058.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP195\A0032062.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP195\A0032062.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP195\A0032062.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP196\A0032069.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP196\A0032069.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP196\A0032069.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP197\A0032093.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP197\A0032093.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP197\A0032093.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP198\A0032100.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP198\A0032100.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP198\A0032100.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP199\A0032113.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP199\A0032113.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP199\A0032113.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP199\A0032147.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP199\A0032147.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP199\A0032147.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP200\A0032155.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP200\A0032155.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP200\A0032155.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP200\A0032203.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP200\A0032203.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP200\A0032203.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032209.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032209.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032209.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032235.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032235.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032235.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032245.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032245.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032245.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032315.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032315.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032315.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032344.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032344.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP201\A0032344.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP202\A0032452.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP202\A0032452.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP202\A0032452.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP202\A0032694.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP202\A0032694.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP202\A0032694.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP203\A0032700.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP203\A0032700.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP203\A0032700.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP203\A0032710.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP203\A0032710.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP203\A0032710.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP204\A0032715.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP204\A0032715.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP204\A0032715.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP204\A0032725.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP204\A0032725.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP204\A0032725.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032732.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032732.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032732.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032753.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032753.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032753.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032894.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032894.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032894.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032906.exe
Infected with: Trojan.Obfus.6.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032906.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP205\A0032906.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033988.exe
Infected with: Trojan.Peed.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033988.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033988.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033990.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033990.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033990.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033997.exe
Infected with: Trojan.Peed.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033997.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033997.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033999.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033999.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033999.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0034023.exe
Infected with: Trojan.Peed.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0034023.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0034023.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0034027.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0034027.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0034027.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP214\A0034144.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP214\A0034144.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP214\A0034144.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP217\A0034272.exe
Infected with: Trojan.Peed.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP217\A0034272.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP217\A0034272.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP218\A0034302.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP218\A0034302.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP218\A0034302.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP220\A0035360.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP220\A0035360.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP220\A0035360.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP221\A0036360.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP221\A0036360.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP221\A0036360.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP222\A0036399.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP222\A0036399.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP222\A0036399.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037530.exe
Infected with: Trojan.Peed.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037530.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037530.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037531.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037531.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037531.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037532.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037532.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037532.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037552.exe
Detected with: Adware.Wintouch.A

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037552.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037552.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039865.exe
Detected with: Adware.Purityscan.JA

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039865.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039865.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039873.exe
Infected with: Dropped:Trojan.Generic.78149

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039873.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039873.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039874.exe
Detected with: Adware.Purityscan.JA

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039874.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP226\A0039874.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040063.exe
Infected with: Trojan.Peed.Gen

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040063.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040063.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040064.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040064.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040064.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040065.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040065.exe
Disinfection failed

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP227\A0040065.exe
Deleted
0
green day Posts 26722 Status Moderator, Security contributor 2 163
 
ok, did you run the scan with AVG ??

where are you at with your troubles ??

++
0
audrey17
 
sorry, but I no longer know where I am with this
what are you missing
I ran the CCleaner scan
AVG and BitDefender
tell me, thanks
0
audrey17
 
here it is

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 18:25:21 01/02/2008

+ Résultat de l'analyse:

Rien à signaler.

Fin du rapport
0
green day Posts 26722 Status Moderator, Security contributor 2 163
 
ok, seen, very good

now tell me where you're at with your troubles ??
++
0
audrey17
 
what's "troubles" ???? lol

I'm letting loose
0
Anonymous user > audrey17
 
Hi there...
Excellent, Audrey...:D))

See you
0
green day Posts 26722 Status Moderator, Security contributor 2 163
 
where do your infection problems stand ??? :))

++
0
audrey17
 
my original troubles, I presume

on the internet I no longer get ads
avast is no longer raising alerts
however, I haven't been on MSN since our exchange
I'll go and check

a++
0
audrey17
 
no problems on my MSN
however, my daughter is arriving shortly and then we'll know
because it was in one of her e-mails that one of the big viruses arrived (I think)

is there anything to do beforehand ????
thanks
0
green day Posts 26722 Status Moderator, Security contributor 2 163
 
ok, one last check:

Download MSNFix.zip (by !aur3n7) http://sosvirus.changelog.fr/MSNFix.zip and unzip it on the Desktop.
Run the MSNFix.bat file located in the MSNfix folder on the desktop.
Run option R.
If the infection is detected, a message will appear
To start the cleanup, just press any letter on the keyboard and confirm with Enter
Save this report on your desktop.

Post this report in your next reply, along with a new HijackThis log

++
0
audrey17
 
and there you go !!!!!!

MSNFix 1.650

C:\Documents and Settings\utilisateur\Bureau\MSNFix\MSNFix
Fix exécuté le 01/02/2008 - 21:03:10,14 By utilisateur
mode normal

************************ Recherche les fichiers présents

Aucun Fichier trouvé

************************ Recherche les dossiers présents

Aucun dossier trouvé


************************ Fichiers suspects

/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention

[C:\install_Winrar_.exe] 19F6B1D21BE085BC69B02924A349A21B
[C:\setup_Winrar_eo.exe] 124CAED4BCF270A7E8BDAD4FE8A3E63C

[color=#FF0000][b]==>/b/color SVP merci d'envoyer le fichier [b] C:\DOCUME~1\UTILIS~1\Bureau\Upload_Me.zip /b sur http://upload.changelog.fr




Information ...... Information ...... Information ......

/!\ /!\ MSNFix n'est pas affilié a livekill CleanMessenger /!\ /!\

/!\ /!\ MSNFix is not affiliated with Livekill CleanMessenger /!\ /!\

------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------

--------------------------------------------- END ---------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:08:27, on 01/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PVSW\Bin\w3dbsmgr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Pervasive.SQL Workgroup Engine.lnk = C:\PVSW\Bin\w3dbsmgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Compare Prices with &Dealio - C:\Documents and Settings\utilisateur\Application Data\Dealio\kb125\res\DealioSearch.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: NVIDIA Display Driver Service NVSvcMSDTC (NVSvcMSDTC) - Unknown owner - C:\WINDOWS\system32\alsndmgrj.exe (file missing)
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: MS Software Shadow Copy Provider SwPrvAudioSrv (SwPrvAudioSrv) - Unknown owner - C:\WINDOWS\system32\alsndmgrx.exe (file missing)
0
green day Posts 26722 Status Moderator, Security contributor 2 163
 
Phew! All's well that ends well! :-)

a slightly difficult start, but after that you handled it very, very well: bravo!

I think it's all clean now!

all that's left is to install a firewall!

see here: http://www.commentcamarche.net/faq/sujet 2432 securite proteger un ordinateur contre les malwares d internet

safe travels!

++
0
audrey17
 
thank you very much (and the others too), you're champions!!!!
I assume the link points to a protection you trust

however, I have some other questions to ask

such as: what do I do with all the programs (antivirus and others) that I downloaded; how do I remove them? and which ones do I keep?

for the internet, what do you think of Firefox? or which one should I install?

do I keep the Windows antivirus and firewall?

thanks again !!!

have a good evening, my little family is arriving
0
green day Posts 26722 Status Moderator, Security contributor 2 163
 
you can delete all the small programs: combo, sdfix, msnfix, OTMoveIt, lopxp ... as well as all the reports!

keep avg antispy and ccleaner, that's all!

you have avast antivirus, keep it and install ZoneAlarm as the firewall; there is a tutorial for the installation in the link I gave you

firefox: very good!

@+

;-)
0
audrey17
 
thanks for your advice, I'll apply it tomorrow
......

but .........

my daughter came home and opened her session -- because yes, we do have several sessions (oops)

and as soon as she opened it, it flashed all red!!!!

that means ........
0
Anonymous user
 
Hello,
well done to both of you....;-))
Just to add.. the icing on the cake...

> Can you check your JAVA console here: https://www.java.com/fr/download/uninstalltool.jsp, and install the new version if needed (in that case uninstall the old version first). Let me know how it goes, please.

> You can also empty your recycle bin.

> Disable and re-enable System Restore; to do so, follow the instructions at this link: http://service1.symantec.com/SUPPORT/INTER/tsgeninfointl.nsf/fr_docid/20020830101856924

> Run AVG and CCleaner from time to time (once a week to once a month, depending on how you use your PC). Also use your other protection software (antivirus scans, antispyware...). Don't forget to update them before using them. Also remember to defragment your hard drives from time to time (keep enough space on C:\ (1/3 free to be comfortable))

> To protect your PC well:
[1 Antivirus] + [1 Firewall] + [A few antispyware tools] + [Recent updates for Windows and the protection software] + [Use of Firefox -or others- (Internet Explorer has security holes that take a long time to be fixed)] + [Use of the PC in Guest (= limited) mode. During an infection in administrator mode the PC is much more vulnerable]

> A few very useful links:
- http://www.commentcamarche.net/faq/sujet 2432 securite proteger un ordinateur contre les malwares d internet
- https://sebsauvage.net/safehex.html

There you go,
Happy reading and all the best....

A+++

:)
0
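The detections in the part of the scan report shown above all sit under `System Volume Information\_restore{...}`, that is, inside System Restore points, which turning System Restore off and on again discards. The following added example (not from the thread; `parse_report` and `summarize` are hypothetical helper names, and the last sample entry is constructed) groups a report in that layout by detection name and restore point and lists any file that is outside System Restore or was never deleted.

```python
import re
from collections import Counter

# Files 1-2: abridged from the report above. File 3: constructed, not from the thread.
SAMPLE = r"""
C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033999.exe
Infected with: Trojan.DNSChanger.BX

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP208\A0033999.exe
Deleted

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037552.exe
Detected with: Adware.Wintouch.A

C:\System Volume Information\_restore{7EA0A1BF-4602-48A4-A189-DBE351C23264}\RP223\A0037552.exe
Deleted

C:\WINDOWS\system32\constructed_sample.dll
Infected with: Trojan.Constructed.Sample

C:\WINDOWS\system32\constructed_sample.dll
Disinfection failed
"""

PATH_RE = re.compile(r"^[A-Za-z]:\\")
DETECT_RE = re.compile(r"^(?:Infected|Detected) with:\s*(\S+)$")
RESTORE_RE = re.compile(r"\\_restore\{[0-9A-F-]+\}\\(RP\d+)\\", re.I)

def parse_report(text):
    """Return {path: [status line, ...]} in report order."""
    findings, path = {}, None
    for line in (ln.strip() for ln in text.splitlines()):
        if PATH_RE.match(line):
            path = line
            findings.setdefault(path, [])
        elif line and path:
            findings[path].append(line)
            path = None  # each path line carries exactly one status line
    return findings

def summarize(findings):
    """Group findings and list what a System Restore purge would not cover."""
    families, restore_points = Counter(), Counter()
    outside_restore, not_deleted = [], []
    for path, events in findings.items():
        names = [m.group(1) for m in map(DETECT_RE.match, events) if m]
        families[names[0] if names else "unknown"] += 1
        rp = RESTORE_RE.search(path)
        if rp:
            restore_points[rp.group(1).upper()] += 1
        else:
            outside_restore.append(path)
        if "Deleted" not in events:
            not_deleted.append(path)
    return {"families": families, "restore_points": restore_points,
            "outside_restore": outside_restore, "not_deleted": not_deleted}

if __name__ == "__main__":
    print(summarize(parse_report(SAMPLE)))
```

An empty `outside_restore` list means every detection was a copy held in a restore point; anything listed there or in `not_deleted` needs a follow-up scan.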
audrey17
 
thanks for your latest advice

I'm going to install Firefox and follow your instructions

bbbuuuttt..

not everything is finished as indicated in green day's last post
0