Sujet Précédent Sujet Suivant

Probleme avec Win32:Spyware-gen [Trj]

Fermé
remi59492 Messages postés 18 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 19 avril 2009 - 2 août 2008 à 10:23
 remi59492 - 3 août 2008 à 18:07
Bonjour,
Bonjour,
Voila je m'appelle remi est j'ai depuis un certain un probleme avec un cheval de troie qui ne veut pas partir malgré avast.

En surfant un peu sur le site chez telechargé hijacthis et dont voila le rapport

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:09:56, on 02/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Multimedia Keyboard Application\PS2USBKbdDrv.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Administrateur.TITANIUM\Mes documents\Sanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O2 - BHO: (no name) - {004F1507-98D8-43D1-B121-C44FA3840180} - C:\WINDOWS\system32\ljJDSMgG.dll (file missing)
O2 - BHO: (no name) - {02A1C949-C74A-4612-8541-B2E42B446D73} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: (no name) - {036F86CD-5D84-4B72-804B-2E0E6A23054A} - C:\WINDOWS\system32\tuvTnnnO.dll (file missing)
O2 - BHO: (no name) - {36142690-3B49-4126-96EC-DA81E8B2DE57} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67FF30C1-C180-4459-96F2-7C809EA32AB0} - C:\WINDOWS\system32\jkkHBQKb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9EBF5ACA-E344-45D2-8B2C-7E3ADA8C834D} - C:\WINDOWS\system32\vturr.dll (file missing)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Application\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DVD43] C:\PROGRA~1\DVD Region+CSS Free\DVDRegionFree.exe /hidden
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O15 - Trusted Zone: *.amaena.com
O15 - Trusted Zone: *.avsystemcare.com
O15 - Trusted Zone: *.onerateld.com
O15 - Trusted Zone: *.safetydownload.com
O15 - Trusted Zone: *.trustedantivirus.com
O15 - Trusted Zone: *.virusschlacht.com
O15 - Trusted Zone: *.amaena.com (HKLM)
O15 - Trusted Zone: *.avsystemcare.com (HKLM)
O15 - Trusted Zone: *.onerateld.com (HKLM)
O15 - Trusted Zone: *.safetydownload.com (HKLM)
O15 - Trusted Zone: *.trustedantivirus.com (HKLM)
O15 - Trusted Zone: *.virusschlacht.com (HKLM)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O20 - Winlogon Notify: nnnmlll - nnnmlll.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe

15 réponses

Réponse 1 / 15
Utilisateur anonyme
2 août 2008 à 10:29
Salut Rémy,


Télécharge ce fichier sur le bureau :

http://downloads.malwareremoval.com/Nel/FixP.zip


Extrait et double clique sur Fix_Protocol_zones_ranges.reg.

Acceptes lorsqu'il te demande de fusionner avec le registre.



ensuite :


Telecharge malwarebytes

-> http://www.malwarebytes.org/mbam/program/mbam-setup.exe

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.

PS : les rapport sont aussi rangé dans l onglet rapport/log
0
Réponse 2 / 15
afideg Messages postés 10517 Date d'inscription lundi 10 octobre 2005 Statut Contributeur sécurité Dernière intervention 12 avril 2022 602
2 août 2008 à 10:55
Bonjour
Juste pour suivre
Merci
Al.
0
Réponse 3 / 15
remi59492 Messages postés 18 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 19 avril 2009
2 août 2008 à 12:16
voila le rapport de malware

Malwarebytes' Anti-Malware 1.24
Version de la base de données: 1015
Windows 5.1.2600 Service Pack 2

12:06:37 02/08/2008
mbam-log-8-2-2008 (12-06-31).txt

Type de recherche: Examen complet (C:\|G:\|)
Eléments examinés: 120163
Temps écoulé: 1 hour(s), 7 minute(s), 53 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 9
Valeur(s) du Registre infectée(s): 7
Elément(s) de données du Registre infecté(s): 1
Dossier(s) infecté(s): 7
Fichier(s) infecté(s): 2747

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\xpre (Trojan.Downloader) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\dslcnnct (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{36142690-3b49-4126-96ec-da81e8b2de57} (Trojan.BHO) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IProxyProvider (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{36142690-3b49-4126-96ec-da81e8b2de57} (Trojan.BHO) -> Delete on reboot.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\mu (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\iu (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bk (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Settings\bf (Trojan.Agent) -> Delete on reboot.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{b69a9db4-d0a1-4722-b56b-f20757a29cdf} (Adware.Agent) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Dossier(s) infecté(s):
C:\Program Files\Live_TV\rss (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\RadioPlayer (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV (Adware.Agent) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\WINDOWS\system32\csseqch.dll (Trojan.BHO) -> Delete on reboot.
C:\WINDOWS\system32\clkcnt.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\pskt.ini (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM7f3ea235.xml (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\WINDOWS\BM7f3ea235.txt (Trojan.Vundo) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\update.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\toolbar.cfg (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\tbLive.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\tbLiv1.dll (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\tbLiv0.dll (Adware.Shopper) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___youtube_com_rss_global_top_rated_rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___youtube_com_rss_global_top_rated_rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___www_tv-fox_com_rss_php_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___www_tv-fox_com_rss_php_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___www_tv-fox_com_rss_php.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___tinyurl_com_27xlm8_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___tinyurl_com_27xlm8.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\UNWISE.EXE (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\ThirdPartyComponents.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer\User_Media_List.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\RadioPlayer\Predefined_Media_List.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\LocalSettings.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\LanguagePack.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Program Files\Live_TV\INSTALL.LOG (Adware.Agent) -> Quarantined and deleted successfully.
C:\INSTALL (Rogue.Multiple) -> Delete on reboot.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\update.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_viewed_today_rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_rated_rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_rated_rss_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___youtube_com_rss_global_top_rated_rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___www_tv-fox_com_rss_php_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___www_tv-fox_com_rss_php_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___www_tv-fox_com_rss_php.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___video_google_com_videofeed_type=top100new&num=20&output=rss.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___tinyurl_com_2u3tzj.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___tinyurl_com_27xlm8_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___tinyurl_com_27xlm8_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___tinyurl_com_27xlm8.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_structured.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps_history.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\http___feeds_feedburner_com_metacafe_TYps.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\rss\fmts=2&saprclo=150&sascs=2&saprchi=550&saaff=afepn&ftrv=8&fbfmt=1&ftrt=1&fcl=3&ft=1&frpp=50&customid=&nojspr=y&satitle=new&afmp=&sacat=293&saslop=1&fss=0.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\ThirdPartyComponents.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\RadioPlayer\User_Media_List.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\RadioPlayer\Predefined_Media_List.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\LocalSettings.txt (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\LanguagePack.xml (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_icon_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_effectivebrand_com_BankImages_CommandComps_highlighter_dis_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633259244211325000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633259220488981250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633259219956950000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258729656062500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258729327312500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258716268406250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258546187781250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258536696531250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258535404656250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258534851375000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258533944968750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258533454031250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258532909187500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258532308875000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258531797937500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258529522468750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258527404500000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258526925125000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258526499031250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258526018406250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258525575906250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258525135281250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258523770125000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258522937781250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258522135125000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258521498406250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258521084187500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258520454812500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258519755750000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258519101687500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258518570281250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258518036218750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258517212000000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258516621687500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258514063406250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258513637625000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258511622468750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258510782781250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258510334343750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258509929968750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258506667000000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258506199187500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258505668718750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258505056687500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633258504057000000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257795579806250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257795269025000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257794403400000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257793212775000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257792717306250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257791083712500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257790694181250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257790332775000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257789664806250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257789196993750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257788730587500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257788276837500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257787873400000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257787387306250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257786796837500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257786363400000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257785893868750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257785207618750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257784573087500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257784086056250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257783668556250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257783141212500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257782199962500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257781624337500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257781054650000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257780311212500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257753921368750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257753518243750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257752766212500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257747451368750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257744145587500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257743749493750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257743336993750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257742984962500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257742528400000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257741868712500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257741385900000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257740797618750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257739956993750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257739462931250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257739018868750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257738469025000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257738022775000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257737049650000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257736467775000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257721901368750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257721456212500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257720175587500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257719821056250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257719196368750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257718274806250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257710538087500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257709997931250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257709358868750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257708904962500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257708440431250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257707446056250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257706778243750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257705887150000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257705355431250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257704919025000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257704165118750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257703648556250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257700781993750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257700306056250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257699755743750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257699289962500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257698794181250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257698039337500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257697373400000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257696781993750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257695220743750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257694440900000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257459634650000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257458984337500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257458462462500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257457064962500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257456272462500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257437962775000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257437276993750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257436546993750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257435742775000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257428393556250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257426158087500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257424923087500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257424372150000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257423829493750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257423413243750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257422397150000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257421245275000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257420799025000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257417361212500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257397790431250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257397133868750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257395029962500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633257394061525000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633256817855600000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633256815259193750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633255879116043750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633255875773387500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633255636576493750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633255634753681250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633255633497118750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633255632248681250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633255628863681250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250672668125000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250041272187500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250040300468750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250039917031250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250033055625000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250019590781250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250017288906250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250016619843750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250016125468750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250015789687500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250015425000000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250015005625000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250014613593750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250013324062500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250012549218750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250012155312500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250010519843750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250010070625000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250009302500000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250008899375000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250008054843750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250006500000000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250005891718750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250005523281250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250005047812500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250004442187500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250003864062500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633250003347343750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249874294362500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249873606393750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249873136393750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249872320143750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249865831393750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249865165456250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249863806550000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249863115768750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249862699518750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249850087643750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249848194050000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633249847792643750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247907027431250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247393054962500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247392360431250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247388755743750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247388418243750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247387967462500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247387580431250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247384411525000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247383913712500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247383416993750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247380381212500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247379756368750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247379062150000_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247378502931250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247377450743750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247375015118750_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247374446837500_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit_com_storage_65_64_CT649865_Images_633247374023556250_gif.gif (Adware.Agent) -> Quarantined and deleted successfully.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Application Data\Live_TV\CacheIcons\http___www_conduit
0
Réponse 4 / 15
Utilisateur anonyme
2 août 2008 à 12:20
réouvre malewarebyte
va sur quarantaine
supprime tout


ensuite refais un scan hijackthis et post le rapport stp

PS : Salut Al.
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 15
remi59492 Messages postés 18 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 19 avril 2009
2 août 2008 à 21:24
Désolé pour le retard voila le resultat du sca,n

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:23:42, on 02/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Multimedia Keyboard Application\PS2USBKbdDrv.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\AlertModule.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Administrateur.TITANIUM\Mes documents\Sanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O2 - BHO: (no name) - {004F1507-98D8-43D1-B121-C44FA3840180} - C:\WINDOWS\system32\ljJDSMgG.dll (file missing)
O2 - BHO: (no name) - {02A1C949-C74A-4612-8541-B2E42B446D73} - C:\WINDOWS\system32\gebcb.dll (file missing)
O2 - BHO: (no name) - {036F86CD-5D84-4B72-804B-2E0E6A23054A} - C:\WINDOWS\system32\tuvTnnnO.dll (file missing)
O2 - BHO: (no name) - {36142690-3B49-4126-96EC-DA81E8B2DE57} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {67FF30C1-C180-4459-96F2-7C809EA32AB0} - C:\WINDOWS\system32\jkkHBQKb.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9EBF5ACA-E344-45D2-8B2C-7E3ADA8C834D} - C:\WINDOWS\system32\vturr.dll (file missing)
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Application\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DVD43] C:\PROGRA~1\DVD Region+CSS Free\DVDRegionFree.exe /hidden
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [avast!] "C:\Program Files\Alwil Software\Avast4\ashDisp.exe"
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [adiras] adiras.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [MSI Configuration] msiconf.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O20 - Winlogon Notify: nnnmlll - nnnmlll.dll (file missing)
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
0
Réponse 6 / 15
Utilisateur anonyme
2 août 2008 à 21:28
Télécharge combofix : http://download.bleepingcomputer.com/sUBs/ComboFix.exe




-> Double clique sur combofix.exe.
-> Tape sur la touche 1 (Yes) pour démarrer le scan.
-> Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

Avant d'utiliser ComboFix :

-> Déconnecte toi d'internet et referme les fenêtres de tous les programmes en cours.

-> Désactive provisoirement et seulement le temps de l'utilisation de ComboFix, la protection en temps réel de ton Antivirus et de tes Antispywares, qui peuvent géner fortement la procédure de recherche et de nettoyage de l'outil.

Une fois fait, sur ton bureau double-clic sur Combofix.exe.

- Répond oui au message d'avertissement, pour que le programme commence à procéder à l'analyse du pc.

/!\ Pendant la durée de cette étape, ne te sert pas du pc et n'ouvre aucun programmes.

- En fin de scan il est possible que ComboFix ait besoin de redemarrer le pc pour finaliser la désinfection\recherche, laisses-le faire.

- Un rapport s'ouvrira ensuite dans le bloc notes, ce fichier rapport Combofix.txt, est automatiquement sauvegardé et rangé à C:\Combofix.txt)

-> Réactive la protection en temps réel de ton Antivirus et de tes Antispywares, avant de te reconnecter à internet.

-> Reviens sur le forum, et copie et colle la totalité du contenu de C:\Combofix.txt dans ton prochain message.

-> Tutoriel https://www.bleepingcomputer.com/combofix/fr/comment-utiliser-combofix

0
Réponse 7 / 15
remi59492 Messages postés 18 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 19 avril 2009
3 août 2008 à 12:45
Voici le rapport,desolé pour le retard

ComboFix 08-08-01.05 - Administrateur 2008-08-03 12:07:34.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.629 [GMT 2:00]
Endroit: C:\Documents and Settings\Administrateur.TITANIUM\Mes documents\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\autorun.inf
C:\install\install.exe
C:\Temp\1cb
C:\Temp\1cb\syscheck.log
C:\WINDOWS\msettings.ini
C:\WINDOWS\system32\ajsxadca.ini
C:\WINDOWS\system32\bcbeg.ini
C:\WINDOWS\system32\bcbeg.ini2
C:\WINDOWS\system32\bKQBHkkj.ini
C:\WINDOWS\system32\bKQBHkkj.ini2
C:\WINDOWS\system32\eauqwgho.ini
C:\WINDOWS\system32\ensiljyp.ini
C:\WINDOWS\system32\exnvcump.ini
C:\WINDOWS\system32\ftgwaorr.ini
C:\WINDOWS\system32\GgMSDJjl.ini
C:\WINDOWS\system32\GgMSDJjl.ini2
C:\WINDOWS\system32\ghcaquad.ini
C:\WINDOWS\system32\ibltcxge.ini
C:\WINDOWS\system32\idurhwfo.ini
C:\WINDOWS\system32\jaiweerw.ini
C:\WINDOWS\system32\kuoqmxnr.ini
C:\WINDOWS\system32\lpommdad.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mjubesei.ini
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\naioslvs.ini
C:\WINDOWS\system32\nndmbpxg.ini
C:\WINDOWS\system32\nrybcnja.ini
C:\WINDOWS\system32\onhqehxs.ini
C:\WINDOWS\system32\OnnnTvut.ini
C:\WINDOWS\system32\OnnnTvut.ini2
C:\WINDOWS\system32\pgqvmcfo.ini
C:\WINDOWS\system32\pqdrmuah.ini
C:\WINDOWS\system32\pYyHgMoq.ini
C:\WINDOWS\system32\qcchyisc.ini
C:\WINDOWS\system32\rmkhbqiy.ini
C:\WINDOWS\system32\rrutv.ini
C:\WINDOWS\system32\rrutv.ini2
C:\WINDOWS\system32\ruwictrg.ini
C:\WINDOWS\system32\teuajseq.ini
C:\WINDOWS\system32\uicbogod.ini
C:\WINDOWS\system32\wl.exe
C:\WINDOWS\system32\xerprddi.ini
C:\WINDOWS\system32\xhdnekrk.ini
C:\WINDOWS\system32\xikmbiwg.ini
C:\WINDOWS\system32\xrocllql.ini
C:\WINDOWS\system32\csseqch.dll . . . . Echec de suppression

.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-07-03 to 2008-08-03 ))))))))))))))))))))))))))))))))))))
.

2008-08-02 10:35 . 2008-07-30 20:07 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-08-01 10:09 . 2008-08-03 12:26 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2008-08-01 10:09 . 2008-08-01 10:09 1,409 --a------ C:\WINDOWS\QTFont.for

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-03 10:28 --------- d-----w C:\Program Files\Wanadoo
2008-08-03 10:26 --------- d-----w C:\Program Files\Steam
2008-08-02 21:19 --------- d-----w C:\Documents and Settings\Administrateur.TITANIUM\Application Data\uTorrent
2008-08-02 19:26 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Google Updater
2008-08-02 08:38 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-08-01 20:18 --------- d-----w C:\Documents and Settings\Administrateur.TITANIUM\Application Data\teamspeak2
2008-07-30 18:07 17,144 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-07-30 16:16 35,296 ----a-w C:\WINDOWS\system32\drivers\Dvd43.sys
2008-06-27 16:35 --------- d-----w C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-06-27 15:35 --------- d-----w C:\Program Files\Spybot - Search & Destroy
2008-06-13 18:10 --------- d-----w C:\Program Files\Apple Software Update
2008-05-24 13:58 3,938 ----a-w C:\WINDOWS\system32\tmp.reg
2008-05-18 19:40 82,944 ----a-w C:\WINDOWS\system32\IEDFix.exe
2008-05-18 19:40 82,944 ----a-w C:\WINDOWS\system32\404Fix.exe
2008-05-15 21:22 86,528 ----a-w C:\WINDOWS\system32\VACFix.exe
2008-05-15 15:08 20,896 -c--a-w C:\Documents and Settings\Administrateur.TITANIUM\Application Data\GDIPFONTCACHEV1.DAT
.

------- Sigcheck -------

2004-08-18 13:22 359040 27a5959c94ee173a063ca06bd14f021a C:\WINDOWS\system32\drivers\tcpip.sys

2004-08-23 02:35 1036288 998f3f568f6074a35ab08cd3395a9dc2 C:\WINDOWS\explorer.exe
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{36142690-3B49-4126-96EC-DA81E8B2DE57}]
2008-03-05 20:27 98048 --a------ C:\WINDOWS\system32\csseqch.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe" [2005-09-03 15:18 94208]
"WOOKIT"="C:\PROGRA~1\Wanadoo\Shell.exe" [2004-08-23 15:50 122880]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 04:54 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-09-06 14:33 68856]
"Steam"="c:\program files\steam\steam.exe" [2008-04-05 14:37 1271032]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 11:34 5724184]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2008-01-28 11:43 2097488]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784]
"NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2005-11-09 10:38 69632]
"WireLessKeyboard"="C:\Program Files\Multimedia Keyboard Application\StartAutorun.exe" [2005-11-30 13:48 94208]
"ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 18:41 45056]
"DVD43"="C:\PROGRA~1\DVD Region+CSS Free\DVDRegionFree.exe" [2006-05-27 07:44 370688]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 12:50 155648]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49 20480]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 17:55 32768]
"lxcymon.exe"="C:\Program Files\Lexmark 3400 Series\lxcymon.exe" [2006-03-06 19:48 286720]
"EzPrint"="C:\Program Files\Lexmark 3400 Series\ezprint.exe" [2006-02-07 07:10 98304]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2006-02-02 10:11 290816]
"LXCYCATS"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll" [2006-02-24 13:54 65536]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 23:37 413696]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-03-30 10:36 267048]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 08:45 90112 C:\WINDOWS\soundman.exe]

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"= "C:\PROGRA~1\DVD Region+CSS Free\DVDShell.dll" [2004-10-09 16:18 49152]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"OPTENET_FILTER"=2 (0x2)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Java\\j2re1.4.2_05\\bin\\javaw.exe"=
"C:\\Program Files\\emule0.47c-xtreme5.4\\emule.exe"=
"C:\\Program Files\\Nero\\Nero 7\\Nero ShowTime\\ShowTime.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\WINDOWS\\system32\\lxcycoms.exe"=
"C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\Program Files\\Steam\\steam.exe"=
"C:\\Program Files\\SAGEM WiFi manager\\WLANUTL.EXE"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\Steam\\SteamApps\\common\\red orchestra\\System\\RedOrchestra.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:@xpsp2res.dll,-22009
"135:TCP"= 135:TCP:TCP Port 135
"5000:TCP"= 5000:TCP:TCP Port 5000
"5001:TCP"= 5001:TCP:TCP Port 5001
"5002:TCP"= 5002:TCP:TCP Port 5002
"5003:TCP"= 5003:TCP:TCP Port 5003
"5004:TCP"= 5004:TCP:TCP Port 5004
"5005:TCP"= 5005:TCP:TCP Port 5005
"5006:TCP"= 5006:TCP:TCP Port 5006
"5007:TCP"= 5007:TCP:TCP Port 5007
"5008:TCP"= 5008:TCP:TCP Port 5008
"5009:TCP"= 5009:TCP:TCP Port 5009
"5010:TCP"= 5010:TCP:TCP Port 5010
"5011:TCP"= 5011:TCP:TCP Port 5011
"5012:TCP"= 5012:TCP:TCP Port 5012
"5013:TCP"= 5013:TCP:TCP Port 5013
"5014:TCP"= 5014:TCP:TCP Port 5014
"5015:TCP"= 5015:TCP:TCP Port 5015
"5016:TCP"= 5016:TCP:TCP Port 5016
"5017:TCP"= 5017:TCP:TCP Port 5017
"5018:TCP"= 5018:TCP:TCP Port 5018
"5019:TCP"= 5019:TCP:TCP Port 5019
"5020:TCP"= 5020:TCP:TCP Port 5020
"10523:TCP"= 10523:TCP:torrent

R0 rfhmmdtb;rfhmmdtb;C:\WINDOWS\system32\drivers\lxczpjco.dat []
R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 16:35]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 16:37]
R3 Dvd43;Dvd43;C:\WINDOWS\system32\DRIVERS\Dvd43.sys [2008-07-30 18:16]
R3 lxcy_device;lxcy_device;C:\WINDOWS\system32\lxcycoms.exe [2006-02-20 21:23]
R3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2005-12-22 14:45]
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 23:58]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 03:08]
S3 PCASp50;PCASp50 NDIS Protocol Driver;C:\WINDOWS\system32\Drivers\PCASp50.sys [2004-10-25 15:40]
S3 RushTopDevice;RushTopDevice;C:\Program Files\MSI\Core Center\RushTop.sys [2005-12-20 18:10]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []
S4 OPTENET_FILTER;Control Parental;C:\Program Files\Controle Parental\bin\optproxy.exe [2006-03-02 18:10]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb873c31-90f0-11db-b574-806d6172696f}]
\Shell\AutoRun\command - D:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cb873c32-90f0-11db-b574-806d6172696f}]
\Shell\AutoRun\command - E:\autoplay.exe
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'

2008-07-10 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 17:57]
.
- - - - ORPHANS REMOVED - - - -

BHO-{004F1507-98D8-43D1-B121-C44FA3840180} - C:\WINDOWS\system32\ljJDSMgG.dll
BHO-{02A1C949-C74A-4612-8541-B2E42B446D73} - C:\WINDOWS\system32\gebcb.dll
BHO-{036F86CD-5D84-4B72-804B-2E0E6A23054A} - C:\WINDOWS\system32\tuvTnnnO.dll
BHO-{67FF30C1-C180-4459-96F2-7C809EA32AB0} - C:\WINDOWS\system32\jkkHBQKb.dll
BHO-{9EBF5ACA-E344-45D2-8B2C-7E3ADA8C834D} - C:\WINDOWS\system32\vturr.dll
HKCU-Run-MSI Configuration - msiconf.exe
HKLM-Run-autoclk - autoclk.exe
HKLM-Run-adiras - adiras.exe
Notify-nnnmlll - nnnmlll.dll


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Administrateur.TITANIUM\Application Data\Mozilla\Firefox\Profiles\unlbgh0y.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp://www.whynotsearchhere.com/start.php


**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-03 12:24:03
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet003\Services\rfhmmdtb]
"ImagePath"="system32\drivers\lxczpjco.dat"
.
------------------------ Other Running Processes ------------------------
.
C:\WINDOWS\system32\ati2evxx.exe
C:\WINDOWS\system32\ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\Multimedia Keyboard Application\PS2USBKbdDrv.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.EXE
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-08-03 12:32:13 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-03 10:32:06

Pre-Run: 12,351,655,936 octets libres
Post-Run: 12,572,467,200 octets libres
et encore merci pour ton aide
0
Réponse 8 / 15
Utilisateur anonyme
3 août 2008 à 14:30
de rien


refais un scan hijakcthis et post le rapport stpp
0
Réponse 9 / 15
remi59492 Messages postés 18 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 19 avril 2009
3 août 2008 à 15:03
le voila

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:03, on 03/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Multimedia Keyboard Application\PS2USBKbdDrv.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SAGEM WiFi manager\WLANUTL.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Steam\steam.exe
C:\Program Files\Crazy Browser\Crazy Browser.exe
C:\Program Files\uTorrent\utorrent.exe
C:\Documents and Settings\Administrateur.TITANIUM\Mes documents\Sanner.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O2 - BHO: (no name) - {36142690-3B49-4126-96EC-DA81E8B2DE57} - C:\WINDOWS\system32\csseqch.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Application\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DVD43] C:\PROGRA~1\DVD Region+CSS Free\DVDRegionFree.exe /hidden
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
0
Réponse 10 / 15
Utilisateur anonyme
3 août 2008 à 15:13
désactive le tea timer de spybot :

tuto désactiver le tea timer : http://www.safer-networking.org/fr/howto/disable.hs.html

Copie le texte ci-dessous :

File::
C:\WINDOWS\system32\drivers\lxczpjco.dat
C:\WINDOWS\system32\tmp.reg
C:\WINDOWS\system32\IEDFix.exe
C:\WINDOWS\system32\404Fix.exe
C:\WINDOWS\system32\VACFix.exe
C:\WINDOWS\system32\csseqch.dll

Registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{36142690-3B49-4126-96EC-DA81E8B2DE57}]

Driver::
rfhmmdtb



Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt

Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :

http://sd-1.archive-host.com/membres/up/1366464061/CFScript.gif

Cela va relancer Combofix,

Une fenêtre bleue va apparaître: au message qui apparaît ( Type 1 to continue, or 2 to abort) , tape 1 puis valide.

Patiente le temps du scan.Le bureau va disparaître à plusieurs reprises: c'est normal!

Ne touche à rien tant que le scan n'est pas terminé.

Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.

S'il n'y a pas de rédémarrage, poste quand même les rapports.




0
Réponse 11 / 15
remi59492 Messages postés 18 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 19 avril 2009
3 août 2008 à 16:13
voila le rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:12, on 03/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Multimedia Keyboard Application\PS2USBKbdDrv.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\AlertModule.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Documents and Settings\Administrateur.TITANIUM\Mes documents\Sanner.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Application\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DVD43] C:\PROGRA~1\DVD Region+CSS Free\DVDRegionFree.exe /hidden
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O20 - Winlogon Notify: nnnmlll - C:\WINDOWS\
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
0
Réponse 12 / 15
Utilisateur anonyme
3 août 2008 à 16:22
désinstal java car pas a jours et telecharge et instal cette version :

https://sdlc-esd.oracle.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com&File=jre-6u7-windows-i586-p-s.exe&AuthParam=1580978146_46494a57fbc0e7c89e79cfb72e28cd3a&ext=.exe


ensuite :


Fix.reg

Ouvre le bloc-notes (click droit sur le bureau > dans l´arborescence choisie nouveau et nouveau fichier texte) et fais un copier coller de ce qui est en citation ci-dessous (copie tout d'un trait-sans les barres(x)) :

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
REGEDIT4

[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\nnnmlll]

XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Note : Regedit4 est sur la premiere ligne dans le bloc note et il y a une ligne blanche a la fin.
Puis click sur "fichier"/"enregistrer sous" :
dans : sur le bureau
Nom du fichier : fix.reg
Type de fichier : "tous les fichiers"
clique sur "enregistrer"

ca doit ressembler a ca une fois enrregistré :

http://img520.imageshack.us/img520/4251/screenshot005ps2.png

double clique sur fix.reg => tu dois obligatoirement avoir un message "voulez-vous vraiment ajouter les informations contenues dans ce fichier .reg au registre ?"
Si c'est bien le cas, clique sur "oui"


ensuite refais un scan hijackthis et post le rapport stp
0
Réponse 13 / 15
remi59492 Messages postés 18 Date d'inscription samedi 2 août 2008 Statut Membre Dernière intervention 19 avril 2009
3 août 2008 à 16:38
et un rapport de plus

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:38, on 03/08/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Lexmark 3400 Series\lxcymon.exe
C:\Program Files\Lexmark 3400 Series\ezprint.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Multimedia Keyboard Application\PS2USBKbdDrv.exe
C:\WINDOWS\system32\lxcycoms.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\AlertModule.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Administrateur.TITANIUM\Mes documents\Sanner.exe.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
O4 - HKLM\..\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard Application\StartAutorun.exe PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [DVD43] C:\PROGRA~1\DVD Region+CSS Free\DVDRegionFree.exe /hidden
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [lxcymon.exe] "C:\Program Files\Lexmark 3400 Series\lxcymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 3400 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [LXCYCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCYtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\Microsoft Office\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Tout télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: Télécharger avec FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/...
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: lxcy_device - - C:\WINDOWS\system32\lxcycoms.exe
O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
0
Réponse 14 / 15
Utilisateur anonyme
3 août 2008 à 16:51
réouvre hijackthis
fais scan only
coches ces lignes :


R3 - URLSearchHook: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)
O3 - Toolbar: (no name) - {b69a9db4-d0a1-4722-b56b-f20757a29cdf} - (no file)

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by110fd.bay110.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupdate/v6/default.aspx



tu les coches et tu clic sur fix checked


ensuite désinstal adobe reader car pas a jours et telecharge et instal cette version :

http://ardownload.adobe.com/pub/adobe/reader/win/9.x/9.0/fra/AdbeRdr90_fr_FR.exe



ensuite :


-> Télécharge Ccleaner (n'installe pas la barre d'outil Yahoo):

https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

-> L´installer.

-> Une fois installé et lancé :

Dans la colonne de gauche, click sur :

->"registre" :

Coches toutes les cases sous"l´integrité du registre", puis click en bas sur "chercher des erreurs" une fois terminé, clic sur "reparer les erreurs", tu auras un message pour sauvegarder ta base de registre, tu click "oui" puis tu recommence jusqu'à ce qu'il ne trouve plus rien.

ps : les sauvegardes que tu auras faites, pourront etre supprimées ulterieurement si tout va bien.

->"nettoyeur"

quitte ton navigateur avant de le lancer, dans les propriétés du nettoyeur de l´onglet "windows" et "applications"décoche la derniere case (Avancé si elle est cochée) puis click sur "lancer le nettoyage" qunand il aura terminé le scan click en bas a droite sur "lancer le nettoyage" et accepte par oui.

-> Tutoriel en image :

https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php


ensuite :


Télecharge et instal AVG anti spyware:

http://www.commentcamarche.net/telecharger/telecharger 218 avg anti spyware


instal le et met le a jours

ensuite lance le scan et supprime

puis poste le rapport sur le forum stp

Tuto : https://kerio.probb.fr/t387-tuto-avg-anti-spyware-anti-spyware

Qu est ce que les cookies : https://kerio.probb.fr/t161-qu-est-ce-qu-un-cookie-tracking-cookie

ici un méchant cookie :http://accel12.mettre-put-idata.over-blog.com/0/20/00/95/cookies_de_l__enfer_004-1.jpg -;)


ensuite :


regarde ceci concernant avast :

antivir vs avast :

-> http://forum.malekal.com/ftopic3528.php


alors je te conseille de le desinstaller et d´installer antivir a la place

Telecharge et instales l'antivirus Antivir Personal Edition Classic :

->https://www.01net.com/telecharger/windows/Securite/antivirus-antitrojan/fiches/13198.html

tuto : http://www.swl1f.net/viewtopic.php?f=14&t=59

Pour désinstaller Avast telecharge cet outil

https://www.avast.com/fr-fr/uninstall-utility


ensuite tu n as pas de parefeu :


pare-feu gratuits




télécharger la version gratuite de Kerio
Kerio (parefeu)
https://www.clubic.com/telecharger-fiche11071-sunbelt-personal-firewall-ex-kerio.html
TUTO
https://kerio.probb.fr/
SITE de Kerio
https://kerio.probb.fr/

ou

ComodoFirewallPro 2.4 téléchargement
http://www.personalfirewall.comodo.com/
Tuto pour la 2.4
https://infomars.fr/forum/index.php?s=908072e48ff7cf0359366440cb26c93f&showtopic=389
Tuto pour la 2.4
http://www.nordicnature.net/tutorials/comodo/cf24wiz.htm
Attention la 3.0 est en anglais uniquement et est plus difficile a paramétrer
Tuto pour la 3.0
https://infomars.fr/forum/index.php?showtopic=1225

ou

OnlineArmor :
téléchargement:https://online-armor-free.fr.softonic.com/

tutoriels:https://forum.pcastuces.com/sujet.asp?f=25&s=35606
:https://www.malekal.com/tutorial-online-armor-free/



A lire :

https://www.commentcamarche.net/contents/992-firewall-pare-feu

puis un bonus :

spywareblaster :

http://www.brightfort.com/spywareblaster.html

c´est un resident, il suffit de le mettre a jour de temps en temps car la version gratuite ne le fait pas toute seul , une fois installé et mis a jour tu mets toutes les protections sur "enable"

tuto : https://www.malekal.com/tutorial-spywareblaster/


Pour completer spywareblaster rajoute spywareguard :

http://www.javacoolsoftware.net.nyud.net:8090/downloads/spywareguardsetup.exe


avis spywareblaster :

http://www.commentcamarche.net/telecharger/spyware blaster 226 avis opinions.php3#avis jalobservateur



avis spywareguard:

http://www.commentcamarche.net/telecharger/spywareguard 34055277 avis opinions.php3#avis jalobservateur


puis

pourquoi ne pas surfer avec firefox? = plus sur, tout en gardant ie 7.0 pour les mises a jour windows car impossible a effectuer sous firefox

http://www.mozilla-europe.org/fr/

plugins : ad block plus, no script ect...

https://www.hugedomains.com/domain_profile.cfm?d=geckozone&e=org


ensuite pour finir :


* pour supprimer les outils/fix utilisés :

Télécharge ToolsCleaner sur ton bureau.
-->
ftp://ftp.commentcamarche.com/download/ToolsCleaner2.exe
http://www.commentcamarche.net/telecharger/telecharger 34055291 toolscleaner
http://pc-system.fr/

# Clique sur Recherche et laisse le scan agir ...
# Clique sur Suppression pour finaliser.
# Tu peux, si tu le souhaites, te servir des Options facultatives.
# Clique sur Quitter pour obtenir le rapport.
# Poste le rapport (TCleaner.txt) qui se trouve à la racine de ton disque dur (C:\).

et fais ceci :


Désactive et réactive ta restauration system

Tuto xp : http://service1.symantec.com/support/inter/tsgeninfointl.Nsf/fr_docid/20020830101856924




0
Réponse 15 / 15
remi59492
3 août 2008 à 18:07
voila le rapport se AVG

VG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 18:05 03/08/2008

+ Résultat de l'analyse:



C:\Program Files\Firaxis Games\Sid Meier's Pirates!\piratestrn-064.exe.exe -> Hijacker.Small : Nettoyé.
C:\Documents and Settings\Administrateur.TITANIUM\Mes documents\SmitfraudFix.zip/SmitfraudFix/IEDFix.exe -> Trojan.Renos.vaoz : Nettoyé.
C:\Documents and Settings\Administrateur.TITANIUM\Mes documents\SmitfraudFix\SmitfraudFix\IEDFix.exe -> Trojan.Renos.vaoz : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\404Fix.exe.vir -> Trojan.Renos.vaoz : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\IEDFix.exe.vir -> Trojan.Renos.vaoz : Nettoyé.
C:\System Volume Information\_restore{A8D0A148-8123-4DE9-9B28-7E514161A4DF}\RP3\A0000176.exe -> Trojan.Renos.vaoz : Nettoyé.
C:\System Volume Information\_restore{A8D0A148-8123-4DE9-9B28-7E514161A4DF}\RP3\A0000177.exe -> Trojan.Renos.vaoz : Nettoyé.


Fin du rapport
0

Discussions similaires

Problème avec "PUADIManager:Win32/OfferCore
Knaki -
bazfile -

3 réponses
Menaces HackTool:Win32
LeMax5993 -
lisa4777 -

4 réponses
PUABundler:Win32/CandyOpen : dangereux ?
joubine -
bazfile -

2 réponses
Detection PUA: win32 Installcore
Nat -
bazfile -

13 réponses
win32:malware-gen bloqué par avast
ikkual -
Utilisateur anonyme -

69 réponses