Virus

Solved
jardiland88 -  
totobetourne Posts 5677 Status Member -
Hello,
I would like to know how you can tell whether you have a virus or a Trojan horse?

And also, how can you remove them?

Thanks in advance for your replies

50 replies

Anonymous user
 
When you're done with Spybot,

run a HijackThis scan again and post the report, please
0
domael88 Posts 263 Status Member 1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:50:22, on 27/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\System32\V0230Mon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\christophe\AppData\Local\ckkdtwu.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\GigaTribe\gigatribe.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\Users\christophe\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\System32\V0230Mon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [echovnc-service] "C:\Program Files\EchoVNC\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [each roam] "C:\ProgramData\01 Bind Bind.02gm34"
O4 - HKCU\..\Run: [ROAD ITCH AMOK PING] "C:\ProgramData\Bits Vga Dvd.p1m90r"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [vomaxppsu] c:\users\christophe\appdata\local\vomaxppsu.exe vomaxppsu
O4 - HKCU\..\Run: [xxpjjlhps] c:\users\christophe\appdata\local\xxpjjlhps.exe xxpjjlhps
O4 - HKCU\..\Run: [ckkdtwu] c:\users\christophe\appdata\local\ckkdtwu.exe ckkdtwu
O4 - HKCU\..\Run: [pfececg] c:\users\christophe\appdata\local\pfececg.exe pfececg
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O13 - Gopher Prefix:
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
0
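Added example, not part of the thread: a triage pass over the O4 (autorun) lines of a HijackThis log such as the one posted above, flagging startup entries that run from user-writable folders, lack an executable extension, or pass their own file name as an argument. The heuristics and function names are assumptions chosen for illustration; a flag is a prompt to inspect the file, not a verdict.

```python
import re
from pathlib import PureWindowsPath

# Subset of O4 lines copied from the HijackThis log posted above.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [each roam] "C:\ProgramData\01 Bind Bind.02gm34"
O4 - HKCU\..\Run: [ROAD ITCH AMOK PING] "C:\ProgramData\Bits Vga Dvd.p1m90r"
O4 - HKCU\..\Run: [ckkdtwu] c:\users\christophe\appdata\local\ckkdtwu.exe ckkdtwu
O4 - HKCU\..\Run: [pfececg] c:\users\christophe\appdata\local\pfececg.exe pfececg
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
"""

# "O4 - <hive>\..\Run: [<value name>] <command line>"
O4_RUN = re.compile(
    r"^O4 - (?P<key>HK[^:]*\\Run): \[(?P<name>[^\]]+)\] (?P<cmd>.*)$", re.M
)
# Unquoted commands may contain spaces, so cut at the first executable suffix.
EXE_PATH = re.compile(r"(.*?\.(?:exe|com|bat|cmd|scr|pif|dll))(?=\s|$)", re.I)
EXECUTABLE_EXT = {".exe", ".com", ".bat", ".cmd", ".scr", ".pif", ".dll"}


def split_command(cmd):
    """Split a Run value into (target, arguments)."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        if end == -1:  # unterminated quote: treat the rest as the target
            return cmd[1:], ""
        return cmd[1:end], cmd[end + 1:].strip()
    match = EXE_PATH.match(cmd)
    if match:
        return match.group(1), cmd[match.end():].strip()
    head, _, tail = cmd.partition(" ")
    return head, tail.strip()


def reasons_for(target, args):
    """Return the (assumed) heuristics that the autorun target trips."""
    path = PureWindowsPath(target)
    parts = [p.lower() for p in path.parts]
    reasons = []
    if "appdata" in parts:
        reasons.append("runs from a per-user AppData folder")
    if len(parts) == 3 and parts[1] == "programdata":
        reasons.append("file sits directly in the ProgramData root")
    if path.suffix.lower() not in EXECUTABLE_EXT:
        reasons.append("target has no executable extension")
    if args and args.lower() == path.stem.lower():
        reasons.append("file name is passed back as its own argument")
    return reasons


def triage(log_text):
    """Parse O4 Run lines and return the entries with at least one reason."""
    flagged = []
    for m in O4_RUN.finditer(log_text):
        target, args = split_command(m.group("cmd"))
        reasons = reasons_for(target, args)
        if reasons:
            flagged.append(
                {"key": m.group("key"), "name": m.group("name"),
                 "target": target, "reasons": reasons}
            )
    return flagged


if __name__ == "__main__":
    for entry in triage(SAMPLE_LOG):
        print(f"{entry['key']} [{entry['name']}] -> {entry['target']}")
        for reason in entry["reasons"]:
            print(f"    - {reason}")
```

Legitimate software can also start from AppData, so each flagged entry still needs to be checked by hand or with a scanner.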
Anonymous user
 
Listen, I can see that you are having a lot of difficulty

1) you have not uninstalled avast as explained

2) Java is not up to date

3) your PC is seriously infected

4) there are solutions, but I don't think you have the knowledge and the skills to put them into practice

5) that is why it would be wiser for you to take your PC to a specialist shop

Good luck

See you
0
domael88 Posts 263 Status Member 1
 
Yes, I forgot about avast, and as for Java I didn't understand any of it, so tell me your solution and I'll manage with it, please
0
Anonymous user
 
1) uninstall avast as explained above

2) uninstall Java and update it

3) run a HijackThis scan again and post me the report

4) if 1 and 2 are not done, we will not continue
0

totobetourne Posts 5677 Status Member 65
 
chiquitine, shouldn't we deal with the infections before having him remove avast? Security programs are only dealt with at the end.

If you have trouble uninstalling avast, go to the Downloads section, then Security, and finally Antivirus; there you will find a small utility to download that could solve your problem.
0
domael88 Posts 263 Status Member 1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:59:10, on 27/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\System32\V0230Mon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\christophe\AppData\Local\ckkdtwu.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\GigaTribe\gigatribe.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
c:\Users\christophe\Downloads\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\System32\V0230Mon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [echovnc-service] "C:\Program Files\EchoVNC\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [each roam] "C:\ProgramData\01 Bind Bind.02gm34"
O4 - HKCU\..\Run: [ROAD ITCH AMOK PING] "C:\ProgramData\Bits Vga Dvd.p1m90r"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [vomaxppsu] c:\users\christophe\appdata\local\vomaxppsu.exe vomaxppsu
O4 - HKCU\..\Run: [xxpjjlhps] c:\users\christophe\appdata\local\xxpjjlhps.exe xxpjjlhps
O4 - HKCU\..\Run: [ckkdtwu] c:\users\christophe\appdata\local\ckkdtwu.exe ckkdtwu
O4 - HKCU\..\Run: [pfececg] c:\users\christophe\appdata\local\pfececg.exe pfececg
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
0
Anonymous user
 
Perfect

Download ComboFix: http://download.bleepingcomputer.com/sUBs/ComboFix.exe

-> Double-click combofix.exe.
-> Press the 1 key (Yes) to start the scan.
-> When the scan is complete, a report will appear. Copy and paste this report into your next reply.

NOTE: The report can also be found here: C:\Combofix.txt

Before using ComboFix:

-> Disconnect from the internet and close the windows of all running programs.

-> Temporarily disable, only for the time ComboFix is in use, the real-time protection of your antivirus and antispyware tools, which can seriously interfere with the tool's search and cleaning procedure.

Once that is done, double-click Combofix.exe on your desktop.

- Answer yes to the warning message so that the program starts analysing the PC.

/!\ During this step, do not use the PC and do not open any programs.

- At the end of the scan, ComboFix may need to restart the PC to finish the disinfection/search; let it do so.

- A report will then open in Notepad; this report file, Combofix.txt, is automatically saved to C:\Combofix.txt

-> Re-enable the real-time protection of your antivirus and antispyware tools before reconnecting to the internet.

-> Come back to the forum and copy and paste the entire contents of C:\Combofix.txt into your next message.

-> Tutorial https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix
0
domael88 Posts 263 Status Member 1
 
OK, but how do you disable AntiVir?
0
Anonymous user
 
At the bottom right of the screen,

right-click the AntiVir icon (the red and white umbrella)
and untick AntiVir Guard enable
0
domael88 Posts 263 Status Member 1
 
ComboFix 08-05-26.2 - christophe 2008-05-27 16:15:14.1 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1036.18.278 [GMT 2:00]
Endroit: C:\Users\christophe\Downloads\ComboFix.exe
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\CHRIST~1\AppData\Roaming\macromedia\Flash Player\#SharedObjects\5HBE5KRZ\iforex.com
C:\Users\CHRIST~1\AppData\Roaming\macromedia\Flash Player\#SharedObjects\5HBE5KRZ\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
C:\Users\CHRIST~1\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
C:\Users\CHRIST~1\AppData\Roaming\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol
C:\Users\christophe\AppData\Local\ckkdtwu.dat
c:\users\christophe\appdata\local\ckkdtwu.exe
c:\Users\christophe\AppData\Local\ckkdtwu_nav.dat
c:\Users\christophe\AppData\Local\ckkdtwu_navps.dat
C:\Users\christophe\AppData\Local\ecjtci.dat
C:\Users\christophe\AppData\Local\ecjtci.exe
C:\Users\christophe\AppData\Local\ecjtci_nav.dat
C:\Users\christophe\AppData\Local\ecjtci_navps.dat

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-27 to 2008-05-27 ))))))))))))))))))))))))))))))))))))
.

2008-05-27 15:38 . 2008-05-27 15:38 <REP> d-------- C:\Program Files\Sun
2008-05-27 15:24 . 2008-05-27 15:24 2,026,496 --a------ C:\Windows\System32\win32k.sys
2008-05-27 15:24 . 2008-05-27 15:24 633,856 --a------ C:\Windows\System32\user32.dll
2008-05-27 13:59 . 2008-05-27 13:59 <REP> d-------- C:\Users\All Users\Avira
2008-05-27 13:59 . 2008-05-27 13:59 <REP> d-------- C:\ProgramData\Avira
2008-05-27 13:59 . 2008-05-27 13:59 <REP> d-------- C:\Program Files\Avira
2008-05-27 13:23 . 2008-05-27 13:23 <REP> d-------- C:\Users\CHRIST~1\AppData\Roaming\Malwarebytes
2008-05-27 13:23 . 2008-05-27 13:23 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-05-27 13:23 . 2008-05-27 13:23 <REP> d-------- C:\ProgramData\Malwarebytes
2008-05-27 13:23 . 2008-05-27 13:23 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-27 13:23 . 2008-05-05 20:46 27,048 --a------ C:\Windows\System32\drivers\mbamcatchme.sys
2008-05-27 13:23 . 2008-05-05 20:46 15,864 --a------ C:\Windows\System32\drivers\mbam.sys
2008-05-26 20:02 . 2008-05-26 20:02 54,208 --a------ C:\Users\CHRIST~1\AppData\Roaming\GDIPFONTCACHEV1.DAT
2008-05-25 13:59 . 2008-05-25 13:59 <REP> d-------- C:\Program Files\Sony
2008-05-25 13:58 . 2008-05-25 13:58 <REP> d-------- C:\Program Files\Sony Setup
2008-05-24 12:45 . 2008-05-25 14:05 <REP> d-------- C:\Program Files\Panda Security
2008-05-24 12:41 . 2008-05-24 12:41 <REP> d-------- C:\Windows\BDOSCAN8
2008-05-13 20:45 . 2008-05-13 20:45 <REP> dr------- C:\Users\christophe\Music
2008-05-11 21:00 . 2008-05-11 21:00 <REP> dr------- C:\Windows\System32\config\systemprofile\Searches
2008-05-02 00:27 . 2008-05-02 00:27 <REP> d-------- C:\Users\CHRIST~1\AppData\Roaming\AWPTA
2008-05-02 00:05 . 2008-05-02 00:05 <REP> d-------- C:\Program Files\Atelier Web
2008-05-01 22:33 . 2008-05-01 22:33 <REP> d-------- C:\Program Files\CCleaner
2008-05-01 11:52 . 2008-05-01 11:52 <REP> d-------- C:\Program Files\DemoForge
2008-04-30 00:03 . 2008-04-30 00:09 <REP> d-------- C:\Program Files\adslTV
2008-04-28 20:17 . 2008-04-28 20:17 <REP> d-------- C:\Users\CHRIST~1\AppData\Roaming\SPAMfighter
2008-04-28 20:14 . 2008-05-27 15:57 <REP> d-------- C:\Program Files\SPAMfighter
2008-04-28 20:14 . 2008-04-28 20:14 <REP> d-------- C:\Program Files\Common Files\Application
2008-04-28 20:14 . 2008-04-28 20:14 <REP> d-------- C:\Program Files\Common Files\Ankiro
2008-04-27 21:17 . 2008-05-27 15:45 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-04-27 21:17 . 2008-05-27 15:45 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-04-27 21:17 . 2008-05-27 14:56 <REP> d-------- C:\Program Files\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-27 13:34 --------- d-----w C:\Program Files\Java
2008-05-27 13:08 --------- d-----w C:\ProgramData\Google Updater
2008-05-27 13:04 --------- d-----w C:\Program Files\Circle Developement
2008-05-25 19:25 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\uTorrent
2008-05-24 13:27 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\LimeWire
2008-05-17 12:31 --------- d-----w C:\Program Files\uTorrent
2008-05-02 12:03 --------- d-----w C:\ProgramData\pokeexitlog
2008-05-02 12:03 --------- d-----w C:\ProgramData\Long slow road itch
2008-04-24 09:21 --------- d-----w C:\ProgramData\eMule
2008-04-24 09:20 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\eMule
2008-04-24 09:20 --------- d-----w C:\Program Files\eMule
2008-04-21 09:27 --------- d-----w C:\Program Files\Windows Mail
2008-04-20 18:42 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-04-20 18:42 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
2008-04-20 18:42 205,824 ----a-w C:\Windows\System32\msoeacct.dll
2008-04-20 18:41 84,480 ----a-w C:\Windows\System32\INETRES.dll
2008-04-20 18:41 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2008-04-20 18:38 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-04-20 18:38 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-04-20 18:38 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-04-20 18:38 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-04-20 18:37 --------- d-----w C:\Program Files\MSXML 4.0
2008-04-17 14:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-17 14:17 --------- d-----w C:\Program Files\e-Carte Bleue Banque Populaire
2008-04-11 19:50 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\Ahead
2008-04-11 16:54 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\GigaTribe
2008-04-08 08:31 --------- d-----w C:\Program Files\LimeWire
2008-04-08 08:29 --------- d-----w C:\Program Files\Common Files\Java
2008-04-08 07:56 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\Sony
2008-04-08 07:56 --------- d-----w C:\ProgramData\Sony
2008-04-08 07:49 --------- d-----w C:\Program Files\Sony Ericsson
2008-04-08 07:47 --------- d-----w C:\Program Files\QuickTime
2008-04-08 07:46 --------- d-----w C:\ProgramData\Apple Computer
2008-04-08 07:45 --------- d-----w C:\ProgramData\Apple
2008-04-08 07:45 --------- d-----w C:\Program Files\Apple Software Update
2008-04-08 06:21 --------- d-----w C:\ProgramData\BVRP Software
2008-04-08 06:21 --------- d-----w C:\Program Files\Avanquest update
2008-04-08 06:18 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\InstallShield
2008-04-08 06:18 --------- d-----w C:\ProgramData\Sony Ericsson
2008-04-07 19:46 --------- d-----w C:\Program Files\Red Kawa
2008-04-07 16:58 --------- d-----w C:\ProgramData\Messenger Plus!
2008-04-07 16:40 --------- d-----w C:\Program Files\SiSoftware
2008-04-07 10:10 --------- d-----w C:\Program Files\GigaTribe
2008-04-07 09:50 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-07 09:48 --------- d-----w C:\Program Files\Google
2008-04-07 09:45 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\vlc
2008-04-07 09:44 --------- d-----w C:\Program Files\VideoLAN
2008-04-07 09:40 --------- d-----w C:\Program Files\VistaCodecPack
2008-04-07 09:19 --------- d-----w C:\Program Files\Common Files\Ahead
2008-04-07 09:16 --------- d-----w C:\ProgramData\Nero
2008-04-07 09:16 --------- d-----w C:\Program Files\Nero
2008-04-07 08:47 --------- d-----w C:\Users\CHRIST~1\AppData\Roaming\ma-config.com
2008-04-07 08:47 --------- d-----w C:\Program Files\ma-config.com
2008-04-06 15:48 --------- d-----w C:\Program Files\Microsoft Games
2008-04-06 15:37 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2008-04-06 15:37 43,352 ----a-w C:\Windows\System32\wups2.dll
2008-04-06 15:37 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2008-04-06 15:37 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2008-04-06 15:36 80,896 ----a-w C:\Windows\System32\wudriver.dll
2008-04-06 15:36 549,720 ----a-w C:\Windows\System32\wuapi.dll
2008-04-06 15:36 33,624 ----a-w C:\Windows\System32\wups.dll
2008-04-06 15:36 31,232 ----a-w C:\Windows\System32\wuapp.exe
2008-04-06 15:36 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2008-04-06 15:20 --------- d-----w C:\Program Files\Microsoft Visual Studio.NET
2008-04-06 14:49 --------- d-----r C:\Users\CHRIST~1\AppData\Roaming\Brother
2008-04-06 14:42 --------- d-----w C:\Program Files\Brother
2008-04-06 14:25 --------- d-----w C:\Program Files\Nuance
2008-04-06 14:24 --------- d-----w C:\ProgramData\ScanSoft
2008-04-06 14:24 --------- d-----w C:\ProgramData\InstallShield
2008-04-06 14:23 --------- d-----w C:\Program Files\ScanSoft
2008-04-06 14:23 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
2008-04-06 14:23 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-06 14:21 --------- d-----w C:\ProgramData\Brother
2008-04-06 13:07 --------- d-----w C:\Program Files\Alwil Software
2008-04-06 12:09 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-06 11:46 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-06 11:46 --------- d-----w C:\Program Files\Windows Live
2008-04-06 11:38 --------- d-----w C:\ProgramData\WLInstaller
2008-04-06 10:28 --------- d-sh--w C:\ProgramData\Modèles
2008-04-06 10:28 --------- d-sh--w C:\ProgramData\Menu Démarrer
2008-04-06 10:28 --------- d-sh--w C:\ProgramData\Favoris
2008-04-06 10:28 --------- d-sh--w C:\ProgramData\Bureau
2008-04-06 10:28 --------- d-sh--w C:\Program Files\Fichiers communs
2006-11-02 12:49 174 --sha-w C:\Program Files\desktop.ini
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:33 1196032]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"each roam"="C:\ProgramData\01 Bind Bind.02gm34" [2008-05-02 14:02 81936]
"ROAD ITCH AMOK PING"="C:\ProgramData\Bits Vga Dvd.p1m90r" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 21:12 30248]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 21:10 46632]
"PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 13:46 255528]
"V0230Mon.exe"="C:\Windows\System32\V0230Mon.exe" [2006-07-19 19:00 36961]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-05-14 15:23 321160]
"echovnc-service"="C:\Program Files\EchoVNC\winvnc.exe" [ ]
"MSConfig"="C:\Windows\System32\msconfig.exe" [2006-11-02 11:45 222208]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-27 14:03 262401]

C:\Users\christophe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GigaTribe.lnk - C:\Program Files\GigaTribe\gigatribe.exe [2008-04-07 12:10:17 1077248]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-07 11:48:50 124400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{6A47245C-7014-4558-9A9C-A26B2C0ACA44}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{69FF00D8-6D68-4202-92EB-BE32E6055D8F}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{1CA49CF7-0FF0-425D-A48B-E4211CCF0A9C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{EA70B070-E386-4D79-BA40-FB8DA02DEDF4}C:\\program files\\gigatribe\\gigatribe.exe"= UDP:C:\program files\gigatribe\gigatribe.exe:gigatribe
"UDP Query User{E36ECF5A-060A-449D-AF1B-875B279B50ED}C:\\program files\\gigatribe\\gigatribe.exe"= TCP:C:\program files\gigatribe\gigatribe.exe:gigatribe
"{2598D2DE-6C07-4190-B99B-5D94CBB9D0D3}"= UDP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:Sony Ericsson Media Manager 1.0
"{E7E9F00F-E299-4FA4-A905-9E3563365C7B}"= TCP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:Sony Ericsson Media Manager 1.0
"{2B0EB4E6-17A6-48CF-927E-CB6AAAC02527}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{D262D01E-7FAE-48F7-A01D-38E0FF49DA65}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{E0315C02-9789-49E6-A9B0-CF7B9F0CD982}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{9B6B2A3F-BF23-47E7-A545-FEB019B24D82}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{991CE4ED-0BAA-451B-8116-B2C6FD112729}C:\\program files\\videolan\\vlc\\vlc.exe"= UDP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{98864552-08C5-4766-9716-A93FDBEAA26F}C:\\program files\\videolan\\vlc\\vlc.exe"= TCP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"TCP Query User{58C2BE85-1ABA-41F3-8061-1D03146699FA}C:\\program files\\echovnc\\winvnc.exe"= UDP:C:\program files\echovnc\winvnc.exe:VNC server for Win32
"UDP Query User{24044065-9E3E-43A5-9C01-72E0A308EBBA}C:\\program files\\echovnc\\winvnc.exe"= TCP:C:\program files\echovnc\winvnc.exe:VNC server for Win32
"TCP Query User{8DD9277F-CF44-4EC2-8766-314B347D698A}C:\\users\\christophe\\desktop\\utorrent.exe"= UDP:C:\users\christophe\desktop\utorrent.exe:utorrent.exe
"UDP Query User{5A893358-E7D8-412D-B3EA-2E6E4E787734}C:\\users\\christophe\\desktop\\utorrent.exe"= TCP:C:\users\christophe\desktop\utorrent.exe:utorrent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R3 dfmirage;dfmirage;C:\Windows\system32\DRIVERS\dfmirage.sys [2005-11-25 17:43]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
CORSvcs REG_MULTI_SZ CORRTSvc

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-26 18:32:26 C:\Windows\Tasks\User_Feed_Synchronization-{221B3664-1C0D-407C-B10C-906B16F45A7A}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-27 16:23:30
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\System32\audiodg.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\SPAMfighter\sfus.exe
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\conime.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\dllhost.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-05-27 16:29:18 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-27 14:28:51

Pre-Run: 6,590,963,712 octets libres
Post-Run: 6,709,559,296 octets libres

234 --- E O F --- 2008-05-27 13:33:42
0
Anonymous user
 
OK, perfect.

Let's continue: run a HijackThis scan again and post the report, please.
0
domael88 Posts 263 Status Member 1
 
Are you still there?
0
domael88 Posts 263 Status Member 1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:56:25, on 27/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\conime.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\System32\V0230Mon.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Explorer.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
c:\Users\christophe\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\System32\V0230Mon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [echovnc-service] "C:\Program Files\EchoVNC\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [each roam] "C:\ProgramData\01 Bind Bind.02gm34"
O4 - HKCU\..\Run: [ROAD ITCH AMOK PING] "C:\ProgramData\Bits Vga Dvd.p1m90r"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
0
Anonymous user
 
Yes, I'm analyzing your reports ............
0
domael88 Posts 263 Status Member 1
 
OK, excellent, thanks, I was afraid you had left.
0
Anonymous user
 
Copy the text below:

File::

Folder::
C:\ProgramData\01 Bind Bind.02gm34
C:\ProgramData\Bits Vga Dvd.p1m90r
C:\ProgramData\pokeexitlog

Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

Open Notepad, then paste the copied text.
(Start\All Programs\Accessories\Notepad.)
Save this file under the name CFScript.txt.

Now drag the CFScript.txt file onto Combofix.exe as shown below:

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

This will relaunch Combofix.

A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 and then confirm.

Wait while the scan runs. The desktop will disappear several times: this is normal!

Do not touch anything until the scan has finished.

After the restart, post the contents of the Combofix.txt report together with a new HijackThis report.

If there is no restart, post the reports anyway.
0
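The two HKCU Run values targeted by the script above share two traits visible in the posted log: their targets sit directly in C:\ProgramData and carry extensions that are not executable types. As an added example (not part of the thread, and not HijackThis's or the helper's own logic), this Python triage applies those two checks to O4 lines copied from the log above; the heuristics and all function names are assumptions of the example.

```python
import ntpath
import re

# O4 (autostart) lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\System32\V0230Mon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [each roam] "C:\ProgramData\01 Bind Bind.02gm34"
O4 - HKCU\..\Run: [ROAD ITCH AMOK PING] "C:\ProgramData\Bits Vga Dvd.p1m90r"
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe
'''

# Registry autoruns: "O4 - <hive>\..\<key>: [<value name>] <command>"
RUN_RE = re.compile(
    r'^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$')
# Startup-folder shortcuts: "O4 - [Global ]Startup: <link> = <target>"
STARTUP_RE = re.compile(r'^O4 - (?P<scope>(?:Global )?Startup): (?P<name>.+?) = (?P<cmd>.*)$')

# Assumption of this example: extensions an autorun target normally has.
KNOWN_EXEC_EXT = {".exe", ".dll", ".com", ".bat", ".cmd", ".scr", ".pif"}
# Assumption: a file placed directly in one of these roots (not in a vendor
# subfolder) deserves a second look.
DATA_ROOT_RE = re.compile(
    r'[a-z]:\\programdata|[a-z]:\\users\\[^\\]+\\appdata\\(?:local|roaming)')


def parse_o4(log_text):
    """Yield (location, name, command) for every O4 line of a HijackThis log."""
    for line in log_text.splitlines():
        line = line.strip()
        m = RUN_RE.match(line)
        if m:
            yield m.group("hive") + "\\" + m.group("key"), m.group("name"), m.group("cmd")
            continue
        m = STARTUP_RE.match(line)
        if m:
            yield m.group("scope"), m.group("name"), m.group("cmd")


def target_path(cmd):
    """Extract the file an autorun command points at, without its arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        # Quoted path: take everything up to the closing quote (or the end
        # of the line when the quote is never closed).
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted paths may contain spaces, so cut at the first known extension.
    m = re.match(r'(.+?\.(?:exe|dll|com|bat|cmd|scr|pif))(?=\s|$)', cmd, re.I)
    return m.group(1) if m else (cmd.split() or [""])[0]


def triage(log_text):
    """Return the O4 entries that trip at least one heuristic, with reasons."""
    findings = []
    for location, name, cmd in parse_o4(log_text):
        path = target_path(cmd)
        reasons = []
        ext = ntpath.splitext(path)[1].lower()
        if ext not in KNOWN_EXEC_EXT:
            reasons.append("unusual extension " + (ext or "(none)"))
        if DATA_ROOT_RE.fullmatch(ntpath.dirname(path).lower()):
            reasons.append("file sits directly in a data directory root")
        if reasons:
            findings.append({"location": location, "name": name,
                             "path": path, "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f'{f["location"]} [{f["name"]}] -> {f["path"]}')
        for reason in f["reasons"]:
            print("    - " + reason)
```

A hit is a prompt for manual review of the entry, not a verdict; legitimate software occasionally uses odd file names too.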
domael88 Posts 263 Status Member 1
 
ComboFix 08-05-26.2 - christophe 2008-05-27 18:24:12.2 - NTFSx86
Microsoft® Windows Vista™ Édition Intégrale 6.0.6000.0.1252.1.1036.18.330 [GMT 2:00]
Endroit: C:\Users\christophe\Downloads\ComboFix.exe
Command switches used :: C:\Users\christophe\Documents\CFScript.txt
* Création d'un nouveau point de restauration
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\ProgramData\pokeexitlog
C:\ProgramData\pokeexitlog\dzwmendv.exe
C:\ProgramData\pokeexitlog\funk size amok one.exe
C:\ProgramData\pokeexitlog\Interfragreal.exe
C:\ProgramData\pokeexitlog\wyfkkqtc.exe

.
((((((((((((((((((((((((((((( Fichiers créés 2008-04-27 to 2008-05-27 ))))))))))))))))))))))))))))))))))))
.

2008-05-27 15:38 . 2008-05-27 15:38 <REP> d-------- C:\Program Files\Sun
2008-05-27 15:24 . 2008-05-27 15:24 2,026,496 --a------ C:\Windows\System32\win32k.sys
2008-05-27 15:24 . 2008-05-27 15:24 633,856 --a------ C:\Windows\System32\user32.dll
2008-05-27 13:59 . 2008-05-27 13:59 <REP> d-------- C:\Users\All Users\Avira
2008-05-27 13:59 . 2008-05-27 13:59 <REP> d-------- C:\ProgramData\Avira
2008-05-27 13:59 . 2008-05-27 13:59 <REP> d-------- C:\Program Files\Avira
2008-05-27 13:23 . 2008-05-27 13:23 <REP> d-------- C:\Users\All Users\Malwarebytes
2008-05-27 13:23 . 2008-05-27 13:23 <REP> d-------- C:\ProgramData\Malwarebytes
2008-05-27 13:23 . 2008-05-27 13:23 <REP> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-05-27 13:23 . 2008-05-05 20:46 27,048 --a------ C:\Windows\System32\drivers\mbamcatchme.sys
2008-05-27 13:23 . 2008-05-05 20:46 15,864 --a------ C:\Windows\System32\drivers\mbam.sys
2008-05-25 13:59 . 2008-05-25 13:59 <REP> d-------- C:\Program Files\Sony
2008-05-25 13:58 . 2008-05-25 13:58 <REP> d-------- C:\Program Files\Sony Setup
2008-05-24 12:45 . 2008-05-25 14:05 <REP> d-------- C:\Program Files\Panda Security
2008-05-24 12:41 . 2008-05-24 12:41 <REP> d-------- C:\Windows\BDOSCAN8
2008-05-13 20:45 . 2008-05-13 20:45 <REP> dr------- C:\Users\christophe\Music
2008-05-11 21:00 . 2008-05-11 21:00 <REP> dr------- C:\Windows\System32\config\systemprofile\Searches
2008-05-02 00:05 . 2008-05-02 00:05 <REP> d-------- C:\Program Files\Atelier Web
2008-05-01 22:33 . 2008-05-01 22:33 <REP> d-------- C:\Program Files\CCleaner
2008-05-01 11:52 . 2008-05-01 11:52 <REP> d-------- C:\Program Files\DemoForge
2008-04-30 00:03 . 2008-04-30 00:09 <REP> d-------- C:\Program Files\adslTV
2008-04-28 20:14 . 2008-05-27 17:24 <REP> d-------- C:\Program Files\SPAMfighter
2008-04-28 20:14 . 2008-04-28 20:14 <REP> d-------- C:\Program Files\Common Files\Application
2008-04-28 20:14 . 2008-04-28 20:14 <REP> d-------- C:\Program Files\Common Files\Ankiro
2008-04-27 21:17 . 2008-05-27 15:45 <REP> d-------- C:\Users\All Users\Spybot - Search & Destroy
2008-04-27 21:17 . 2008-05-27 15:45 <REP> d-------- C:\ProgramData\Spybot - Search & Destroy
2008-04-27 21:17 . 2008-05-27 14:56 <REP> d-------- C:\Program Files\Spybot - Search & Destroy

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-27 13:34 --------- d-----w C:\Program Files\Java
2008-05-27 13:08 --------- d-----w C:\ProgramData\Google Updater
2008-05-27 13:04 --------- d-----w C:\Program Files\Circle Developement
2008-05-17 12:31 --------- d-----w C:\Program Files\uTorrent
2008-05-02 12:03 --------- d-----w C:\ProgramData\Long slow road itch
2008-04-24 09:21 --------- d-----w C:\ProgramData\eMule
2008-04-24 09:20 --------- d-----w C:\Program Files\eMule
2008-04-21 09:27 --------- d-----w C:\Program Files\Windows Mail
2008-04-20 18:42 87,040 ----a-w C:\Windows\System32\msoert2.dll
2008-04-20 18:42 39,424 ----a-w C:\Windows\System32\ACCTRES.dll
2008-04-20 18:42 205,824 ----a-w C:\Windows\System32\msoeacct.dll
2008-04-20 18:41 84,480 ----a-w C:\Windows\System32\INETRES.dll
2008-04-20 18:41 737,792 ----a-w C:\Windows\System32\inetcomm.dll
2008-04-20 18:38 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-04-20 18:38 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-04-20 18:38 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-04-20 18:38 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-04-20 18:37 --------- d-----w C:\Program Files\MSXML 4.0
2008-04-17 14:17 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-04-17 14:17 --------- d-----w C:\Program Files\e-Carte Bleue Banque Populaire
2008-04-08 08:31 --------- d-----w C:\Program Files\LimeWire
2008-04-08 08:29 --------- d-----w C:\Program Files\Common Files\Java
2008-04-08 07:56 --------- d-----w C:\ProgramData\Sony
2008-04-08 07:49 --------- d-----w C:\Program Files\Sony Ericsson
2008-04-08 07:47 --------- d-----w C:\Program Files\QuickTime
2008-04-08 07:46 --------- d-----w C:\ProgramData\Apple Computer
2008-04-08 07:45 --------- d-----w C:\ProgramData\Apple
2008-04-08 07:45 --------- d-----w C:\Program Files\Apple Software Update
2008-04-08 06:21 --------- d-----w C:\ProgramData\BVRP Software
2008-04-08 06:21 --------- d-----w C:\Program Files\Avanquest update
2008-04-08 06:18 --------- d-----w C:\ProgramData\Sony Ericsson
2008-04-07 19:46 --------- d-----w C:\Program Files\Red Kawa
2008-04-07 16:58 --------- d-----w C:\ProgramData\Messenger Plus!
2008-04-07 16:40 --------- d-----w C:\Program Files\SiSoftware
2008-04-07 10:10 --------- d-----w C:\Program Files\GigaTribe
2008-04-07 09:50 --------- d-----w C:\Program Files\Common Files\Adobe
2008-04-07 09:48 --------- d-----w C:\Program Files\Google
2008-04-07 09:44 --------- d-----w C:\Program Files\VideoLAN
2008-04-07 09:40 --------- d-----w C:\Program Files\VistaCodecPack
2008-04-07 09:19 --------- d-----w C:\Program Files\Common Files\Ahead
2008-04-07 09:16 --------- d-----w C:\ProgramData\Nero
2008-04-07 09:16 --------- d-----w C:\Program Files\Nero
2008-04-07 08:47 --------- d-----w C:\Program Files\ma-config.com
2008-04-06 15:48 --------- d-----w C:\Program Files\Microsoft Games
2008-04-06 15:37 53,080 ----a-w C:\Windows\System32\wuauclt.exe
2008-04-06 15:37 43,352 ----a-w C:\Windows\System32\wups2.dll
2008-04-06 15:37 1,712,984 ----a-w C:\Windows\System32\wuaueng.dll
2008-04-06 15:37 1,524,224 ----a-w C:\Windows\System32\wucltux.dll
2008-04-06 15:36 80,896 ----a-w C:\Windows\System32\wudriver.dll
2008-04-06 15:36 549,720 ----a-w C:\Windows\System32\wuapi.dll
2008-04-06 15:36 33,624 ----a-w C:\Windows\System32\wups.dll
2008-04-06 15:36 31,232 ----a-w C:\Windows\System32\wuapp.exe
2008-04-06 15:36 163,000 ----a-w C:\Windows\System32\wuwebv.dll
2008-04-06 15:20 --------- d-----w C:\Program Files\Microsoft Visual Studio.NET
2008-04-06 14:42 --------- d-----w C:\Program Files\Brother
2008-04-06 14:25 --------- d-----w C:\Program Files\Nuance
2008-04-06 14:24 --------- d-----w C:\ProgramData\ScanSoft
2008-04-06 14:24 --------- d-----w C:\ProgramData\InstallShield
2008-04-06 14:23 --------- d-----w C:\Program Files\ScanSoft
2008-04-06 14:23 --------- d-----w C:\Program Files\Common Files\ScanSoft Shared
2008-04-06 14:23 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-04-06 14:21 --------- d-----w C:\ProgramData\Brother
2008-04-06 13:07 --------- d-----w C:\Program Files\Alwil Software
2008-04-06 12:09 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-04-06 11:46 --------- dcsh--w C:\Program Files\Common Files\WindowsLiveInstaller
2008-04-06 11:46 --------- d-----w C:\Program Files\Windows Live
2008-04-06 11:38 --------- d-----w C:\ProgramData\WLInstaller
2008-04-06 10:28 --------- d-sh--w C:\ProgramData\Modèles
2008-04-06 10:28 --------- d-sh--w C:\ProgramData\Menu Démarrer
2008-04-06 10:28 --------- d-sh--w C:\ProgramData\Favoris
2008-04-06 10:28 --------- d-sh--w C:\ProgramData\Bureau
2008-04-06 10:28 --------- d-sh--w C:\Program Files\Fichiers communs
2006-11-02 12:49 174 --sha-w C:\Program Files\desktop.ini
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((( snapshot@2008-05-27_16.28.16.33 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-05-27 14:20:50 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-05-27 14:33:19 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-05-27 14:20:50 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-05-27 14:33:19 32,768 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-05-27 14:20:50 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-05-27 14:33:19 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-05-27 14:02:39 103,726 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-05-27 14:28:52 103,726 ----a-w C:\Windows\System32\perfc009.dat
- 2008-05-27 14:02:39 117,366 ----a-w C:\Windows\System32\perfc00C.dat
+ 2008-05-27 14:28:53 117,366 ----a-w C:\Windows\System32\perfc00C.dat
- 2008-05-27 14:02:39 609,944 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-05-27 14:28:53 609,944 ----a-w C:\Windows\System32\perfh009.dat
- 2008-05-27 14:02:39 690,594 ----a-w C:\Windows\System32\perfh00C.dat
+ 2008-05-27 14:28:53 690,594 ----a-w C:\Windows\System32\perfh00C.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2006-11-02 14:33 1196032]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 11:34 5724184]
"each roam"="C:\ProgramData\01 Bind Bind.02gm34" [2008-05-02 14:02 81936]
"ROAD ITCH AMOK PING"="C:\ProgramData\Bits Vga Dvd.p1m90r" [ ]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 14:33 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate"="C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 09:03 210472]
"PaperPort PTD"="C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe" [2007-01-29 21:12 30248]
"IndexSearch"="C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe" [2007-01-29 21:10 46632]
"PPort11reminder"="C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" [2007-02-01 13:46 255528]
"V0230Mon.exe"="C:\Windows\System32\V0230Mon.exe" [2006-07-19 19:00 36961]
"NeroFilterCheck"="C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" [2006-01-12 15:40 155648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24 286720]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"SPAMfighter Agent"="C:\Program Files\SPAMfighter\SFAgent.exe" [2008-05-14 15:23 321160]
"echovnc-service"="C:\Program Files\EchoVNC\winvnc.exe" [ ]
"MSConfig"="C:\Windows\System32\msconfig.exe" [2006-11-02 11:45 222208]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-05-27 14:03 262401]

C:\Users\christophe\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
GigaTribe.lnk - C:\Program Files\GigaTribe\gigatribe.exe [2008-04-07 12:10:17 1077248]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE [2001-02-13 09:01:04 83360]
Outil de mise à jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2008-04-07 11:48:50 124400]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"TCP Query User{6A47245C-7014-4558-9A9C-A26B2C0ACA44}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{69FF00D8-6D68-4202-92EB-BE32E6055D8F}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{1CA49CF7-0FF0-425D-A48B-E4211CCF0A9C}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{EA70B070-E386-4D79-BA40-FB8DA02DEDF4}C:\\program files\\gigatribe\\gigatribe.exe"= UDP:C:\program files\gigatribe\gigatribe.exe:gigatribe
"UDP Query User{E36ECF5A-060A-449D-AF1B-875B279B50ED}C:\\program files\\gigatribe\\gigatribe.exe"= TCP:C:\program files\gigatribe\gigatribe.exe:gigatribe
"{2598D2DE-6C07-4190-B99B-5D94CBB9D0D3}"= UDP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:Sony Ericsson Media Manager 1.0
"{E7E9F00F-E299-4FA4-A905-9E3563365C7B}"= TCP:C:\Program Files\Sony Ericsson\Sony Ericsson Media Manager 1.0\MediaManager.exe:Sony Ericsson Media Manager 1.0
"{2B0EB4E6-17A6-48CF-927E-CB6AAAC02527}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{D262D01E-7FAE-48F7-A01D-38E0FF49DA65}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"TCP Query User{E0315C02-9789-49E6-A9B0-CF7B9F0CD982}C:\\program files\\emule\\emule.exe"= UDP:C:\program files\emule\emule.exe:eMule
"UDP Query User{9B6B2A3F-BF23-47E7-A545-FEB019B24D82}C:\\program files\\emule\\emule.exe"= TCP:C:\program files\emule\emule.exe:eMule
"TCP Query User{991CE4ED-0BAA-451B-8116-B2C6FD112729}C:\\program files\\videolan\\vlc\\vlc.exe"= UDP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"UDP Query User{98864552-08C5-4766-9716-A93FDBEAA26F}C:\\program files\\videolan\\vlc\\vlc.exe"= TCP:C:\program files\videolan\vlc\vlc.exe:VLC media player
"TCP Query User{58C2BE85-1ABA-41F3-8061-1D03146699FA}C:\\program files\\echovnc\\winvnc.exe"= UDP:C:\program files\echovnc\winvnc.exe:VNC server for Win32
"UDP Query User{24044065-9E3E-43A5-9C01-72E0A308EBBA}C:\\program files\\echovnc\\winvnc.exe"= TCP:C:\program files\echovnc\winvnc.exe:VNC server for Win32
"TCP Query User{8DD9277F-CF44-4EC2-8766-314B347D698A}C:\\users\\christophe\\desktop\\utorrent.exe"= UDP:C:\users\christophe\desktop\utorrent.exe:utorrent.exe
"UDP Query User{5A893358-E7D8-412D-B3EA-2E6E4E787734}C:\\users\\christophe\\desktop\\utorrent.exe"= TCP:C:\users\christophe\desktop\utorrent.exe:utorrent.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R2 SPAMfighter Update Service;SPAMfighter Update Service;"C:\Program Files\SPAMfighter\sfus.exe" [2008-05-14 15:24]
R3 dfmirage;dfmirage;C:\Windows\system32\DRIVERS\dfmirage.sys [2005-11-25 17:43]
R3 R300;R300;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-01-19 00:03]
S3 CORRTSvc;.NET Framework Support Service;C:\Windows\System32\svchost.exe [2006-11-02 11:45]
S3 V0230Vfx;V0230Vfx;C:\Windows\system32\DRIVERS\V0230Vfx.sys [2006-03-24 01:00]
S3 V0230VID;Live! Cam Video IM Pro;C:\Windows\system32\DRIVERS\V0230VID.sys [2007-08-07 01:03]
S4 echovnc-service;echovnc-service;"C:\Program Files\EchoVNC\winvnc.exe" -service []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
CORSvcs REG_MULTI_SZ CORRTSvc

.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-05-26 18:32:26 C:\Windows\Tasks\User_Feed_Synchronization-{221B3664-1C0D-407C-B10C-906B16F45A7A}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-27 18:26:40
Windows 6.0.6000 NTFS

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
Temps d'accomplissement: 2008-05-27 18:28:13
ComboFix-quarantined-files.txt 2008-05-27 16:27:57
ComboFix2.txt 2008-05-27 14:29:19

Pre-Run: 9,126,113,280 octets libres
Post-Run: 9,474,080,768 octets libres

221 --- E O F --- 2008-05-27 13:33:42
0
domael88 Posts 263 Status Member 1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:32:10, on 27/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\System32\V0230Mon.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Windows\system32\notepad.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Users\christophe\Downloads\HiJackThis.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\System32\V0230Mon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [echovnc-service] "C:\Program Files\EchoVNC\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [each roam] "C:\ProgramData\01 Bind Bind.02gm34"
O4 - HKCU\..\Run: [ROAD ITCH AMOK PING] "C:\ProgramData\Bits Vga Dvd.p1m90r"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
0
Anonymous user
 
Download OTMoveIt http://download.bleepingcomputer.com/oldtimer/OTMoveIt2.exe (by Old_Timer) to your Desktop.
Double-click OTMoveIt.exe to launch it.
Copy the list shown in bold below,
and paste it into the left-hand pane of OTMoveIt: Paste List of Files/Folders to be moved.

C:\ProgramData\01 Bind Bind.02gm34
C:\ProgramData\Bits Vga Dvd.p1m90r

Click MoveIt! to start the removal.
The result will appear in the "Results" pane.
Click Exit to close.
Post the report located in C:\_OTMoveIt\MovedFiles.

You may be asked to restart the PC to complete the removal. If so, accept with Yes.
0
domael88 Posts 263 Status Member 1
 
C:\ProgramData\01 Bind Bind.02gm34 moved successfully.
File/Folder C:\ProgramData\Bits Vga Dvd.p1m90r not found.

OTMoveIt2 by OldTimer - Version 1.0.4.2 log created on 05272008_184032
0
Anonymous user
 
OK, run a HijackThis scan again and post the report, please.
0
domael88 Posts 263 Status Member 1
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:48:10, on 27/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Windows\System32\V0230Mon.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\SPAMfighter\SFAgent.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Windows\System32\mobsync.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\GigaTribe\gigatribe.exe
C:\Windows\system32\SearchFilterHost.exe
c:\Users\christophe\Downloads\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"
O4 - HKLM\..\Run: [IndexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"
O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini
O4 - HKLM\..\Run: [V0230Mon.exe] C:\Windows\System32\V0230Mon.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [echovnc-service] "C:\Program Files\EchoVNC\winvnc.exe" -servicehelper
O4 - HKLM\..\Run: [MSConfig] "C:\Windows\System32\msconfig.exe" /auto
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [each roam] "C:\ProgramData\01 Bind Bind.02gm34"
O4 - HKCU\..\Run: [ROAD ITCH AMOK PING] "C:\ProgramData\Bits Vga Dvd.p1m90r"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: SPAMfighter Update Service - SPAMfighter ApS - C:\Program Files\SPAMfighter\sfus.exe
0
Anonymous user
 
Your report contains this:

O4 - HKCU\..\Run: [each roam] "C:\ProgramData\01 Bind Bind.02gm34"
O4 - HKCU\..\Run: [ROAD ITCH AMOK PING] "C:\ProgramData\Bits Vga Dvd.p1m90r"

Go to Computer

open the C drive

open ProgramData

delete: 01 Bind Bind.02gm34 and

: Bits Vga Dvd.p1m90r

Tell me what happens.
0
domael88 Posts 263 Status Member 1
 
No, I can't find them on the C drive. Do I have to delete it with HijackThis???
0
domael88 Posts 263 Status Member 1
 
For me it says 01 bind bind.0bs25 and 01 bind bind.i0edpe
0
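Added example, not part of the thread and not code from HijackThis or OTMoveIt: a small Python triage of the O4 `Run` lines of a HijackThis report, flagging the kind of entry singled out above. The extension list and the location rules are assumptions chosen for this illustration, and the sample lines are copied from the report posted in this thread.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: a few O4 lines copied from the HijackThis report above.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [each roam] "C:\ProgramData\01 Bind Bind.02gm34"
O4 - HKCU\..\Run: [ROAD ITCH AMOK PING] "C:\ProgramData\Bits Vga Dvd.p1m90r"
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe
'''

# "O4 - <hive>\..\Run: [<value name>] <command line>"
RUN_LINE = re.compile(
    r'^O4 - (?P<hive>\S+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$')
# Assumption: extensions normally expected for an autorun target.
EXE_EXTS = {'.exe', '.com', '.bat', '.cmd', '.scr', '.dll'}
UNQUOTED = re.compile(r'^(.+?\.(?:exe|com|bat|cmd|scr|dll))(?=\s|$)', re.I)

def target_of(cmd):
    """Return the program path of a Run value, without its arguments."""
    if cmd.startswith('"'):
        return cmd[1:].split('"', 1)[0]   # tolerate a missing closing quote
    m = UNQUOTED.match(cmd)               # unquoted path that may contain spaces
    return m.group(1) if m else cmd.split()[0]

def review_run_entries(log_text):
    """Return (name, target, reasons) for Run entries worth a closer look."""
    findings = []
    for line in log_text.splitlines():
        m = RUN_LINE.match(line.strip())
        if not m:
            continue                      # not a registry Run entry
        path = PureWindowsPath(target_of(m.group('cmd')))
        parts = [p.lower() for p in path.parts]
        reasons = []
        if path.suffix.lower() not in EXE_EXTS:
            reasons.append('unusual extension ' + path.suffix)
        if parts[1:2] == ['programdata'] and len(parts) == 3:
            reasons.append('file directly in ProgramData root')
        if 'appdata' in parts:
            reasons.append('runs from a user AppData folder')
        if reasons:
            findings.append((m.group('name'), str(path), reasons))
    return findings

if __name__ == '__main__':
    for name, target, reasons in review_run_entries(SAMPLE_LOG):
        print(f'[{name}] {target}: ' + '; '.join(reasons))
```

The check keys on location and extension rather than on the exact file name, since the names reported in the last post (`01 bind bind.0bs25`, `01 bind bind.i0edpe`) differ from those in the report.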