Charlie_Ness

  1. Hello Bruce Lee! Well... it is precisely reading the results that worries me a little. You will tell me that what comes next is perhaps obvious, but I still have a doubt...?

     =======================================
     Sun Feb 25 01:04:48 2007 => Total Number of Virus(es) Found: 21
     Sun Feb 25 01:04:48 2007 => Total Number of Disinfected Files: 0
     Sun Feb 25 01:04:48 2007 => Total Number of Files Renamed: 17
     Sun Feb 25 01:04:48 2007 => Total Number of Deleted Files: 1
     =======================================

     21 viruses found and disinfected: zero (?) Does that mean the way to proceed is to delete all the offending files? As for the renamed files, all those marked "Renamed" are still present in the same locations (without the said renamed file...). But perhaps it is placed somewhere else afterwards? A thousand thanks in advance for these clarifications! Muchas Gracias Hombré !!!!!!!!
  2. Hi Bruce Lee! OK, it's done:
  3. Hi Bruce Lee! ^^ The result isn't pretty... Mainly due to mail backups with spam included... no doubt about it. Do I delete them, or can I still clean them?
  4. Oops... here is my new HijackThis report! And for the executable:

     File: SGMF__MC.EXE
     Status: OK (Note: this file has been scanned before. Therefore, this file's scan results will not be stored in the database)
     MD5 b0cc46d35b1eb35b245a16c38694b59d
     Scanner results
     Scan taken on 16 Feb 2007 16:42:02 (GMT)
     ...
     Found nothing

     And there you go! Thank you.
  5. Thanks, Bruce Lee, for your advice; it took me quite a while to get back to you... (a few problems, such as restarting in safe mode: my keyboard and mouse are Bluetooth, so no more driver! But I finally managed to find a mouse/keyboard with a classic connector... Anyway... Below are the AVG & HijackThis reports: Logfile of HijackThis v1.99.1 Scan saved at 20:35:25, on 04/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\S24EvMon.exe C:\Program Files\DigitalPersona\Bin\DPWinLct.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\DigitalPersona\Bin\DpHost.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\DigitalPersona\Bin\DPAgnt.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\NEC-Mitsubishi\Brightness Controller\BrightnessController.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet 
Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - C:\WINDOWS\system32\yudvqemx.dll (file missing) O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {85035216-269E-4BF9-95F0-3AF66469A125} - C:\WINDOWS\java\classes\ndss.dll (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll O3 - Toolbar: (no name) - {A4246795-7981-42c9-966F-B83B706481E4} - (no file) O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - (no file) O3 - Toolbar: (no name) - {3FC3B053-3708-4F55-88B2-F40405F7930C} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Brightness Controller.lnk = C:\Program Files\NEC-Mitsubishi\Brightness Controller\BrightnessController.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: (no name) - 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: XSLmaker: Make and View XML Web pages - {4C6EF9D8-A3D9-412b-811B-79A968BB3369} - C:\Documents and Settings\All Users\Documents\XslMaker\awareness\bin500\internetXslMaker.exe O9 - Extra 'Tools' menuitem: &XSLmaker: Make and View XML Web pages - {4C6EF9D8-A3D9-412b-811B-79A968BB3369} - C:\Documents and Settings\All Users\Documents\XslMaker\awareness\bin500\internetXslMaker.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: 
@xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://E:\content\include\XPPatchInstaller.CAB O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://pestpatrol.com/pestscan/pestscan.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1120743948250 O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://data6.archives.ca/mrsidi_cab/MrSIDI.cab O16 - DPF: 
{87BF5318-D5F0-41F4-9D14-47967FA8C12B} - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://creator.amenworld.com/app/static/activex/msxml4.cab O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://E:\Content\include\msSecUcd.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: DPWLN - C:\WINDOWS\system32\DPWLEvHd.dll O20 - Winlogon Notify: ndss - C:\WINDOWS\java\classes\ndss.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: winjks32 - winjks32.dll (file missing) O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AdapterSwitchService - Intel ® Corporation - C:\Program Files\Intel\AdapterSwitching\AdapterSwitchService.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Windows XP FUS Manager (DPFUSMgr) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. 
- C:\Program Files\DigitalPersona\Bin\DpHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe --------------------------------------------------------- AVG Anti-Spyware - Rapport d'analyse --------------------------------------------------------- + Créé à: 17:06:09 11/02/2007 + Résultat de l'analyse: C:\WINDOWS\system32\unirimon.exe.tmp -> Hijacker.Pamia.b : Nettoyé. C:\System Volume Information\_restore{8C6A8BEC-3180-4F5B-BFC7-F003AF0BFC77}\RP246\A0098909.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Nettoyé. C:\System Volume Information\_restore{8C6A8BEC-3180-4F5B-BFC7-F003AF0BFC77}\RP246\A0098910.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : Nettoyé. C:\System Volume Information\_restore{8C6A8BEC-3180-4F5B-BFC7-F003AF0BFC77}\RP246\A0098903.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé. C:\System Volume Information\_restore{8C6A8BEC-3180-4F5B-BFC7-F003AF0BFC77}\RP246\A0098904.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé. C:\System Volume Information\_restore{8C6A8BEC-3180-4F5B-BFC7-F003AF0BFC77}\RP246\A0098905.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé. 
C:\System Volume Information\_restore{8C6A8BEC-3180-4F5B-BFC7-F003AF0BFC77}\RP246\A0098906.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé. C:\System Volume Information\_restore{8C6A8BEC-3180-4F5B-BFC7-F003AF0BFC77}\RP246\A0098907.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé. C:\System Volume Information\_restore{8C6A8BEC-3180-4F5B-BFC7-F003AF0BFC77}\RP246\A0098908.exe -> Not-A-Virus.Downloader.Win32.WinFixer.r : Nettoyé.
Fin du rapport ======================== Also, I noticed a surprising .exe running on my PC: SGMF_MC.EXE. I immediately searched for it on Google, and at the time it was presented as an infection; now no article comes up for that query (?) There you go! Thanks again, BL. Bye, Charlie
  6. Hi Bruce Lee!!! ...and first of all a big THANK YOU for giving me your precious time: You ROCK! The results: ================================================ VundoFix: C:\WINDOWS\java\classes\ndss.dll C:\WINDOWS\system32\owdnnyku.dll C:\WINDOWS\system32\yudvqemx.dll Beginning removal... Performing Repairs to the registry. Done! ================================================ Logfile of HijackThis v1.99.1 Scan saved at 20:35:25, on 04/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\S24EvMon.exe C:\Program Files\DigitalPersona\Bin\DPWinLct.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\DigitalPersona\Bin\DpHost.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\DigitalPersona\Bin\DPAgnt.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Program Files\NEC-Mitsubishi\Brightness Controller\BrightnessController.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Program Files\HijackThis\HijackThis.exe R1 - 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0 \ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - C:\WINDOWS\system32\yudvqemx.dll (file missing) O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {85035216-269E-4BF9-95F0-3AF66469A125} - C:\WINDOWS\java\classes\ndss.dll (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll O3 - Toolbar: (no name) - {A4246795-7981-42c9-966F-B83B706481E4} - (no file) O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - (no file) O3 - Toolbar: (no name) - {3FC3B053-3708-4F55-88B2-F40405F7930C} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Brightness Controller.lnk = C:\Program Files\NEC-Mitsubishi\Brightness Controller\BrightnessController.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: (no name) - 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0 \bin\npjpi160.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: XSLmaker: Make and View XML Web pages - {4C6EF9D8-A3D9-412b-811B-79A968BB3369} - C:\Documents and Settings\All Users\Documents\XslMaker\awareness\bin500\internetXslMaker.exe O9 - Extra 'Tools' menuitem: &XSLmaker: Make and View XML Web pages - {4C6EF9D8-A3D9-412b-811B-79A968BB3369} - C:\Documents and Settings\All Users\Documents\XslMaker\awareness\bin500\internetXslMaker.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: 
@xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://E:\content\include\XPPatchInstaller.CAB O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://pestpatrol.com/pestscan/pestscan.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1120743948250 O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://data6.archives.ca/mrsidi_cab/MrSIDI.cab O16 - DPF: 
{87BF5318-D5F0-41F4-9D14-47967FA8C12B} - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://creator.amenworld.com/app/static/activex/msxml4.cab O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://E:\Content\include\msSecUcd.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: DPWLN - C:\WINDOWS\system32\DPWLEvHd.dll O20 - Winlogon Notify: ndss - C:\WINDOWS\java\classes\ndss.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: winjks32 - winjks32.dll (file missing) O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AdapterSwitchService - Intel ® Corporation - C:\Program Files\Intel\AdapterSwitching\AdapterSwitchService.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Windows XP FUS Manager (DPFUSMgr) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. 
- C:\Program Files\DigitalPersona\Bin\DpHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe ================================================
  7. Hi everyone! My PC is infected with several pieces of spyware and other crap... Yet I have NOD32 / AVG Anti-Spyware 7.5 / Spybot - Search & Destroy / Lavasoft Ad-Aware SE Personal /... nothing works, I can't get rid of this d... spyware... Could someone help me, please? Below is my HijackThis scan (I renamed the executable to Scanner_Hijack.exe beforehand) =============================== Logfile of HijackThis v1.99.1 Scan saved at 17:39:13, on 04/02/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\S24EvMon.exe C:\Program Files\DigitalPersona\Bin\DPWinLct.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\DigitalPersona\Bin\DpHost.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\Program Files\Eset\nod32krn.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\DigitalPersona\Bin\DPAgnt.exe C:\Program Files\Java\jre1.6.0\bin\jusched.exe C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE C:\Program Files\Eset\nod32kui.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\NEC-Mitsubishi\Brightness Controller\BrightnessController.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Flock\flock\flock.exe C:\Program Files\iTunes\iTunes.exe C:\Program
Files\iPod\bin\iPodService.exe C:\Program Files\HijackThis\Scanner_Hijack.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - C:\WINDOWS\system32\yudvqemx.dll (file missing) O2 - BHO: Google Web Accelerator Helper - {69A87B7D-DE56-4136-9655-716BA50C19C7} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll O2 - BHO: (no name) - {85035216-269E-4BF9-95F0-3AF66469A125} - C:\WINDOWS\java\classes\ndss.dll (file missing) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: Google Web Accelerator - {DB87BFA2-A2E3-451E-8E5A-C89982D87CBF} - C:\Program Files\Google\Web Accelerator\GoogleWebAccToolbar.dll O3 - Toolbar: (no name) - {A4246795-7981-42c9-966F-B83B706481E4} - (no file) O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: (no name) - {71AAABE5-1F0F-11d7-BD6F-004854603DCE} - (no file) O3 - Toolbar: (no name) - {3FC3B053-3708-4F55-88B2-F40405F7930C} - (no file) O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [intelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [DPAgnt] C:\Program Files\DigitalPersona\Bin\DPAgnt.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe" O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Fichiers communs\Logitech\QCDriver\LVCOMS.EXE O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Startup: Brightness Controller.lnk = C:\Program Files\NEC-Mitsubishi\Brightness Controller\BrightnessController.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O8 - Extra context menu item: Tout télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Télécharger en utilisant FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - 
Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll O9 - Extra button: XSLmaker: Make and View XML Web pages - {4C6EF9D8-A3D9-412b-811B-79A968BB3369} - C:\Documents and Settings\All Users\Documents\XslMaker\awareness\bin500\internetXslMaker.exe O9 - Extra 'Tools' menuitem: &XSLmaker: Make and View XML Web pages - {4C6EF9D8-A3D9-412b-811B-79A968BB3369} - C:\Documents and Settings\All Users\Documents\XslMaker\awareness\bin500\internetXslMaker.exe O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Logiciel Bluetooth\btsendto_ie.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Fichiers communs\SourceTec\SWF Catcher\InternetExplorer.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file 
missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab O16 - DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} (asusTek_sysctrl Class) - http://support.asus.com/common/asusTek_sys_ctrl.cab O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://webscanner.kaspersky.fr/kavwebscan_unicode.cab O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6 [...] vSniff.cab O16 - DPF: {3AF4DACE-36ED-42EF-9DFC-ADC34DA30CFF} (PatchInstaller.Installer) - file://E:\content\include\XPPatchInstaller.CAB O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab O16 - DPF: {56393399-041A-4650-94C7-13DFCB1F4665} (PSFormX Control) - http://pestpatrol.com/pestscan/pestscan.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6 [...] /cabsa.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/micros [...] 0743948250 O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor [...] 
ebscan.cab O16 - DPF: {861DB4B6-3838-11D2-8E50-002018200E57} (MrSIDI Control) - http://data6.archives.ca/mrsidi_cab/MrSIDI.cab O16 - DPF: {87BF5318-D5F0-41F4-9D14-47967FA8C12B} - http://www.ipix.com/viewers/ipixx.cab O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - http://creator.amenworld.com/app/s [...] msxml4.cab O16 - DPF: {8B1BC605-C593-4865-8F5B-05517F0CD0BB} (MSSecurityAdvisorCD Class) - file://E:\Content\include\msSecUcd.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activ [...] asinst.cab O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: DPWLN - C:\WINDOWS\system32\DPWLEvHd.dll O20 - Winlogon Notify: ndss - C:\WINDOWS\java\classes\ndss.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: winjks32 - winjks32.dll (file missing) O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: AdapterSwitchService - Intel ® Corporation - C:\Program Files\Intel\AdapterSwitching\AdapterSwitchService.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Logiciel Bluetooth\bin\btwdins.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: Windows XP FUS Manager (DPFUSMgr) - DigitalPersona, Inc. - C:\Program Files\DigitalPersona\Bin\DPFUSMgr.exe O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. 
- C:\Program Files\DigitalPersona\Bin\DpHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\system32\S24EvMon.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe ============================= A BIG THANK YOU in advance!!!!