Everything posted by Yoo

  1. Sorry for the mix-up...

     Clean Navipromo version 3.6.8 commencé le 04/11/2008 à 19:52:14,93
     Outil exécuté depuis C:\Program Files\navilog1
     Session actuelle : "Famille Canon"
     Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO
     Microsoft Windows XP [version 5.1.2600]
     Internet Explorer : 7.0.5730.13
     Système de fichiers : NTFS
     Mode suppression automatique avec prise en charge résultats Catchme et GNS
     Nettoyage executé en mode sans échec
     *** fsbl1.txt non trouvé ***
     (Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
     *** Suppression avec sauvegardes résultats GenericNaviSearch ***
     * Suppression dans "C:\WINDOWS\System32" *
     * Suppression dans "C:\Documents and Settings\Famille Canon\locals~1\applic~1" *
     * Suppression dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
     *** Suppression dossiers dans "C:\WINDOWS" ***
     *** Suppression dossiers dans "C:\Program Files" ***
     ...\Instant Access ...suppression...
     ...\Instant Access supprimé !
     *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
     *** Suppression dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
     *** Suppression dossiers dans "c:\docume~1\alluse~1\applic~1" ***
     *** Suppression dossiers dans "C:\Documents and Settings\Famille Canon\applic~1" ***
     *** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
     *** Suppression dossiers dans "C:\Documents and Settings\Famille Canon\locals~1\applic~1" ***
     *** Suppression dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
     *** Suppression dossiers dans "C:\Documents and Settings\Famille Canon\menudm~1\progra~1" ***
     *** Suppression fichiers ***
     C:\WINDOWS\Downloaded Program Files\egdhtml_pack.inf supprimé !
     C:\WINDOWS\tmlpcert2005 supprimé !
     C:\WINDOWS\system32\EGCOMLIB_1035.dll supprimé !
     C:\WINDOWS\system32\mseggrpid.dll supprimé !
     *** Suppression fichiers temporaires ***
     Nettoyage contenu C:\WINDOWS\Temp effectué !
     Nettoyage contenu C:\Documents and Settings\Famille Canon\locals~1\Temp effectué !
     *** Traitement Recherche complémentaire ***
     (Recherche fichiers spécifiques)
     1)Suppression avec sauvegardes nouveaux fichiers Instant Access :
     2)Recherche, création sauvegardes et suppression Heuristique :
     * Dans "C:\WINDOWS\system32" *
     * Dans "C:\Documents and Settings\Famille Canon\locals~1\applic~1" *
     * Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
     *** Sauvegarde du Registre vers dossier Safebackup ***
     sauvegarde du Registre réalisée avec succès !
     *** Nettoyage Registre ***
     Nettoyage Registre Ok
     *** Certificats ***
     Certificat Egroup absent !
     Certificat Electronic-Group absent !
     Certificat Montorgueil absent !
     Certificat OOO-Favorit absent !
     Certificat Sunny-Day-Design-Ltdt absent !
     *** Nettoyage terminé le 04/11/2008 à 19:55:53,60 ***
  2. So I launched Navilog and pressed 2, but it tells me that safe mode is required for the cleanup... and that the tool is going to be stopped!
  3. So now I'm launching Navilog and I'll send you the report.
  4. I had already launched HijackThis before you wrote post #20... so I posted the HijackThis analysis and started the "cleaner" search as in message #18, but my PC seems to be freezing; I'm going to wait a bit to see whether it's just being slow. I'll tell you how it goes before moving on to what you wrote in message #20. Sorry for the lag, I hadn't thought to refresh!
  5. Logfile of Trend Micro HijackThis v2.0.2
     Scan saved at 19:16:56, on 04/11/2008
     Platform: Windows XP SP2 (WinNT 5.01.2600)
     MSIE: Internet Explorer v7.00 (7.00.6000.16735)
     Boot mode: Normal

     Running processes:
     C:\WINDOWS\System32\smss.exe
     C:\WINDOWS\system32\winlogon.exe
     C:\WINDOWS\system32\services.exe
     C:\WINDOWS\system32\lsass.exe
     C:\WINDOWS\system32\svchost.exe
     C:\WINDOWS\System32\svchost.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\system32\LEXBCES.EXE
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\system32\LEXPPS.EXE
     C:\WINDOWS\SYSTEM32\acs.exe
     C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
     C:\WINDOWS\System32\CTsvcCDA.EXE
     C:\WINDOWS\system32\crypserv.exe
     C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
     C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
     C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
     C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
     C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
     C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
     C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
     C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
     C:\WINDOWS\System32\nvsvc32.exe
     C:\WINDOWS\System32\tcpsvcs.exe
     C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
     C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
     C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
     C:\WINDOWS\System32\svchost.exe
     C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
     C:\WINDOWS\System32\MsPMSPSv.exe
     C:\WINDOWS\system32\fxssvc.exe
     C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
     C:\WINDOWS\system32\rundll32.exe
     C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
     C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
     C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
     C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
     C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\Messenger\msmsgs.exe
     C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
     C:\Garmin\ANT Agent\ANT Agent.exe
     C:\Program Files\Antivirus 2009\av2009.exe
     C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
     C:\Program Files\TRENDnet\TEW-441PC_443PI\TRENDnet.exe
     C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
     C:\WINDOWS\system32\wscntfy.exe
     C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
     C:\Documents and Settings\Famille Canon\Bureau\HiJackThis.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
     O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
     O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
     O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
     O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
     O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
     O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
     O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
     O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
     O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
     O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
     O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
     O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
     O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
     O4 - HKCU\..\Run: [ANT Agent] C:\Garmin\ANT Agent\ANT Agent.exe
     O4 - HKCU\..\Run: [00454626659751581232958135953661] C:\Program Files\Antivirus 2009\av2009.exe
     O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
     O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
     O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
     O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
     O4 - Global Startup: 108Mbps Wireless LAN Adapte.lnk = C:\Program Files\TRENDnet\TEW-441PC_443PI\TRENDnet.exe
     O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
     O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
     O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
     O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
     O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\maxspeed.exe (file missing)
     O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\maxspeed.exe (file missing)
     O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
     O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
     O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
     O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
     O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
     O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
     O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.fr
     O15 - Trusted Zone: *.canalplay.com
     O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
     O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
     O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
     O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
     O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
     O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
     O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
     O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
     O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
     O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/Famille%20Canon/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
     O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab
     O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
     O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
     O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/p...ivex/Ephoto.cab
     O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/gameshell/onl...mjolauncher.cab
     O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://boumer74.spaces.live.com/PhotoUpload/MsnPUpld.cab
     O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
     O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/R...rod/DownMan.cab
     O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
     O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} (MastaCash Loader Class) - http://dx.mastacash.com/loader.cab
     O16 - DPF: {983AB2CC-3D50-11D9-ADFE-00062919A34C} (ActiveXUpload.UserCtrl) - http://www.photoservice.com/activeX/newUpload.CAB
     O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
     O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
     O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
     O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
     O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab
     O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
     O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab
     O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/onli...gamesloader.cab
     O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...950/mcfscan.cab
     O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup...er/imloader.cab
     O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab30149.cab
     O17 - HKLM\System\CCS\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: NameServer = 192.168.1.1
     O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\SYSTEM32\acs.exe
     O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
     O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
     O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
     O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
     O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
     O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
     O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
     O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
     O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
     O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
     O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
     O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
     O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
     O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

     --
     End of file - 12925 bytes
  6. Safe mode? Oops... I'm not in it! Do I need to restart the PC?
  7. Search Navipromo version 3.6.8 commencé le 04/11/2008 à 19:07:49,32
     !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
     !!! Postez ce rapport sur le forum pour le faire analyser !!!
     !!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
     Outil exécuté depuis C:\Program Files\navilog1
     Session actuelle : "Famille Canon"
     Mise à jour le 03.11.2008 à 18h00 par IL-MAFIOSO
     Microsoft Windows XP [version 5.1.2600]
     Internet Explorer : 7.0.5730.13
     Système de fichiers : NTFS
     Recherche executé en mode normal
     *** Recherche Programmes installés ***
     *** Recherche dossiers dans "C:\WINDOWS" ***
     *** Recherche dossiers dans "C:\Program Files" ***
     ...\Instant Access trouvé !
     *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1\progra~1" ***
     *** Recherche dossiers dans "C:\Documents and Settings\All Users\menudm~1" ***
     *** Recherche dossiers dans "c:\docume~1\alluse~1\applic~1" ***
     *** Recherche dossiers dans "C:\Documents and Settings\Famille Canon\applic~1" ***
     *** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\applic~1" ***
     *** Recherche dossiers dans "C:\Documents and Settings\Famille Canon\locals~1\applic~1" ***
     *** Recherche dossiers dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" ***
     *** Recherche dossiers dans "C:\Documents and Settings\Famille Canon\menudm~1\progra~1" ***
     *** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
     pour + d'infos : http://www.gmer.net
     Scan Catchme non réalisé.
     Droits limités sur la session actuelle.
     *** Recherche avec GenericNaviSearch ***
     !!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
     !!! A vérifier impérativement avant toute suppression manuelle !!!
     * Recherche dans "C:\WINDOWS\system32" *
     * Recherche dans "C:\Documents and Settings\Famille Canon\locals~1\applic~1" *
     * Recherche dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" *
     *** Recherche fichiers ***
     C:\WINDOWS\Downloaded Program Files\egdhtml_pack.inf trouvé !
     C:\WINDOWS\tmlpcert2005 trouvé !
     C:\WINDOWS\system32\EGCOMLIB_1035.dll trouvé !
     C:\WINDOWS\system32\mseggrpid.dll trouvé !
     *** Recherche clés spécifiques dans le Registre ***
     *** Module de Recherche complémentaire ***
     (Recherche fichiers spécifiques)
     1)Recherche nouveaux fichiers Instant Access :
     2)Recherche Heuristique :
     * Dans "C:\WINDOWS\system32" :
     * Dans "C:\Documents and Settings\Famille Canon\locals~1\applic~1" :
     * Dans "C:\DOCUME~1\PROPRI~1\locals~1\applic~1" :
     3)Recherche Certificats :
     Certificat Egroup absent !
     Certificat Electronic-Group absent !
     Certificat Montorgueil absent !
     Certificat OOO-Favorit absent !
     Certificat Sunny-Day-Design-Ltd absent !
     4)Recherche fichiers connus :
     C:\WINDOWS\system32\OnoXFfhk.ini2 trouvé ! infection Vundo possible non traitée par cet outil !
     *** Analyse terminée le 04/11/2008 à 19:10:07,93 ***

     Shall I run the cleanup?
  8. It won't work, I keep getting the error message: Windows cannot find CFxxxxx.exe (the name changes every time!). Make sure you typed the name correctly, and then try again. To search for a file, click the Start button, and then click Search. I'm relaunching Navilog...
  9. Damn, what a mess, I'm getting so many error messages! (Right now I'm on another PC next to it.) When I launch ComboFix, an error message appears: Windows cannot find CF10764. Make sure you typed the name correctly.... Should I try reinstalling?
  10. Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18:27:55, on 04/11/2008
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.6000.16735)
      Boot mode: Normal

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\LEXBCES.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\system32\LEXPPS.EXE
      C:\WINDOWS\SYSTEM32\acs.exe
      C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
      C:\WINDOWS\System32\CTsvcCDA.EXE
      C:\WINDOWS\system32\crypserv.exe
      C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
      C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE
      C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
      C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe
      C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
      C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE
      C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
      C:\Program Files\AntivirusFirewall\Common\FCH32.EXE
      C:\WINDOWS\System32\nvsvc32.exe
      C:\WINDOWS\System32\tcpsvcs.exe
      C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
      C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE
      C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe
      C:\WINDOWS\System32\MsPMSPSv.exe
      C:\WINDOWS\system32\fxssvc.exe
      C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe
      C:\WINDOWS\system32\rundll32.exe
      C:\Program Files\AntivirusFirewall\Common\FSM32.EXE
      C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe
      C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
      C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
      C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
      C:\Garmin\ANT Agent\ANT Agent.exe
      C:\Program Files\Antivirus 2009\av2009.exe
      C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
      C:\Program Files\TRENDnet\TEW-441PC_443PI\TRENDnet.exe
      C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe
      C:\WINDOWS\system32\wscntfy.exe
      C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe
      C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      C:\Documents and Settings\Famille Canon\Bureau\HiJackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
      O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot
      O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe"
      O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe
      O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
      O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [ANT Agent] C:\Garmin\ANT Agent\ANT Agent.exe
      O4 - HKCU\..\Run: [00454626659751581232958135953661] C:\Program Files\Antivirus 2009\av2009.exe
      O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
      O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
      O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
      O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
      O4 - Global Startup: 108Mbps Wireless LAN Adapte.lnk = C:\Program Files\TRENDnet\TEW-441PC_443PI\TRENDnet.exe
      O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe
      O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
      O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
      O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\maxspeed.exe (file missing)
      O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\maxspeed.exe (file missing)
      O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
      O9 - Extra 'Tools' menuitem: Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll
      O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
      O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
      O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
      O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.fr
      O15 - Trusted Zone: *.canalplay.com
      O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
      O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab
      O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab
      O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
      O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
      O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
      O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
      O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab
      O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} (CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/Famille%20Canon/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab
      O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab
      O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab
      O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/p...ivex/Ephoto.cab
      O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/gameshell/onl...mjolauncher.cab
      O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://boumer74.spaces.live.com/PhotoUpload/MsnPUpld.cab
      O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab
      O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/R...rod/DownMan.cab
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab
      O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} (MastaCash Loader Class) - http://dx.mastacash.com/loader.cab
      O16 - DPF: {983AB2CC-3D50-11D9-ADFE-00062919A34C} (ActiveXUpload.UserCtrl) - http://www.photoservice.com/activeX/newUpload.CAB
      O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab
      O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
      O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
      O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
      O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab
      O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab
      O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab
      O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/onli...gamesloader.cab
      O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...950/mcfscan.cab
      O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup...er/imloader.cab
      O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab30149.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: NameServer = 192.168.1.1
      O20 - AppInit_DLLs: xgpnne.dll
      O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\SYSTEM32\acs.exe
      O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
      O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
      O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE
      O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
      O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
      O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe
      O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe
      O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe
      O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE
      O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
      O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe

      --
      End of file - 13014 bytes
  11. --------------------\\ Lop S&D 4.2.4-9c XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.40GHz ) BIOS : BIOS Date: 07/18/02 13:31:28 Ver: 08.00.00 USER : Famille Canon ( Administrator ) BOOT : Normal boot Antivirus : AntiVirus Firewall 6.15 6.15 (Activated) Firewall : AntiVirus Firewall 6.15 6.15 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:111 Go (Free:57 Go) D:\ (CD or DVD) E:\ (CD or DVD) F:\ (Local Disk) - FAT - Total:0 Go (Free:0 Go) "C:\Lop SD" ( MAJ : 01-11-2008|16:30 ) Option : [2] ( 03/11/2008|22:08 ) \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ SUPPRESSION Supprime! - C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp\nsz98.tmp Supprime! - C:\Program Files\BitDownload\readme.bat Supprime! - C:\WINDOWS\Prefetch\BITDOWNLOAD.EXE-135D623F.pf Supprime! - C:\WINDOWS\Tasks\81825C069075C312.job Supprime! - C:\WINDOWS\Tasks\BDD2129790A9B6D3.job Supprime! - C:\Program Files\boresh~1 Supprime! - C:\Program Files\BitDownload \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ --------------------\\ Listing des dossiers dans APPLIC~1 [16/05/2008|17:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [28/12/2007|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [28/12/2007|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [23/04/2006|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk [02/11/2008|13:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache [05/12/2006|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software [23/07/2008|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative [17/12/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure [03/11/2008|13:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater [14/09/2008|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Meal ace base bone [09/10/2005|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! 
[19/08/2002|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGI [23/12/2006|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [23/12/2006|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mpDRM [23/08/2002|16:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [20/07/2007|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [26/07/2006|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames [20/01/2005|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm [02/09/2007|11:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [21/12/2007|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap [29/09/2002|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [28/10/2005|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung [19/08/2002|10:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [17/12/2006|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [19/08/2002|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [05/12/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VCOM [10/08/2005|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vidctrl [28/10/2005|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vidmon [23/12/2006|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [26/08/2006|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [11/12/2007|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [02/12/2005|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wsxs [19/08/2002|09:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [19/08/2002|09:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [19/08/2002|10:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [18/01/2007|22:22] C:\DOCUME~1\FAMILL~1\APPLIC~1\ACD Systems [26/01/2008|21:04] C:\DOCUME~1\FAMILL~1\APPLIC~1\Adobe [16/05/2008|17:24] C:\DOCUME~1\FAMILL~1\APPLIC~1\AdobeUM [29/12/2007|19:10] C:\DOCUME~1\FAMILL~1\APPLIC~1\Apple Computer [01/01/2007|13:21] C:\DOCUME~1\FAMILL~1\APPLIC~1\Corel [06/11/2006|19:07] C:\DOCUME~1\FAMILL~1\APPLIC~1\Creative [17/02/2007|19:42] C:\DOCUME~1\FAMILL~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web [26/01/2008|21:01] C:\DOCUME~1\FAMILL~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web [05/06/2008|16:44] 
C:\DOCUME~1\FAMILL~1\APPLIC~1\dvdcss [18/12/2006|19:09] C:\DOCUME~1\FAMILL~1\APPLIC~1\F-Secure [04/07/2008|15:36] C:\DOCUME~1\FAMILL~1\APPLIC~1\GARMIN [15/10/2006|15:30] C:\DOCUME~1\FAMILL~1\APPLIC~1\Help [03/08/2008|16:05] C:\DOCUME~1\FAMILL~1\APPLIC~1\Identities [15/10/2006|12:47] C:\DOCUME~1\FAMILL~1\APPLIC~1\ispnews [19/08/2007|09:20] C:\DOCUME~1\FAMILL~1\APPLIC~1\Jasc [03/12/2006|21:20] C:\DOCUME~1\FAMILL~1\APPLIC~1\Leadertech [24/12/2006|15:18] C:\DOCUME~1\FAMILL~1\APPLIC~1\Macromedia [11/07/2007|13:38] C:\DOCUME~1\FAMILL~1\APPLIC~1\Microsoft [17/01/2007|15:26] C:\DOCUME~1\FAMILL~1\APPLIC~1\Mozilla [26/05/2007|10:16] C:\DOCUME~1\FAMILL~1\APPLIC~1\MSN6 [10/12/2006|21:06] C:\DOCUME~1\FAMILL~1\APPLIC~1\OfficeUpdate12 [17/12/2006|17:38] C:\DOCUME~1\FAMILL~1\APPLIC~1\PEX [02/09/2007|11:07] C:\DOCUME~1\FAMILL~1\APPLIC~1\PlayFirst [10/08/2008|14:51] C:\DOCUME~1\FAMILL~1\APPLIC~1\Real [10/12/2006|20:29] C:\DOCUME~1\FAMILL~1\APPLIC~1\Roxio [28/11/2007|14:51] C:\DOCUME~1\FAMILL~1\APPLIC~1\Screenshot Sender [21/11/2006|21:20] C:\DOCUME~1\FAMILL~1\APPLIC~1\Sun [19/08/2002|10:55] C:\DOCUME~1\FAMILL~1\APPLIC~1\Symantec [11/01/2007|21:51] C:\DOCUME~1\FAMILL~1\APPLIC~1\The Labyrinth Plus! 
Edition [05/12/2006|12:56] C:\DOCUME~1\FAMILL~1\APPLIC~1\VCOM [21/10/2006|19:19] C:\DOCUME~1\FAMILL~1\APPLIC~1\vlc [16/10/2006|18:59] C:\DOCUME~1\FAMILL~1\APPLIC~1\Wannadoo [17/02/2004|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help [13/12/2003|17:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [19/08/2002|09:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [19/08/2002|09:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities [19/08/2002|09:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft [19/08/2002|10:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [03/11/2008 12:15][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job [03/11/2008 22:06][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job [03/11/2008 17:51][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/08/2001 07:00][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI --------------------\\ Listing des dossiers dans C:\Program Files [10/02/2007|20:38] C:\Program Files\@Last Software [09/10/2002|17:55] C:\Program Files\3Com [03/12/2004|13:33] C:\Program Files\A4Proxy [15/12/2003|21:07] C:\Program Files\Accessoires [31/08/2002|20:04] C:\Program Files\ACD Systems [16/07/2007|16:23] C:\Program Files\Adobe [23/04/2006|18:27] C:\Program Files\Advanced Messenger Plus [23/08/2002|16:46] C:\Program Files\ANNO 1602 Version Gold [02/11/2008|17:56] C:\Program Files\Antivirus 2009 [17/12/2006|17:30] C:\Program Files\AntivirusFirewall [28/07/2005|17:13] C:\Program Files\Appliedsearch_AutoInstall [09/09/2007|16:35] C:\Program Files\Artful GIF Animator [23/04/2006|18:21] C:\Program Files\Autodesk [05/12/2006|13:05] C:\Program Files\Avanquest update [24/11/2002|15:16] C:\Program Files\Bullfrog [03/11/2008|18:43] C:\Program Files\CCleaner [01/09/2002|08:07] C:\Program Files\CD-Writer Plus [18/12/2004|12:58] C:\Program Files\CheckFlow [19/08/2002|10:49] C:\Program Files\CNet [12/01/2005|17:38] C:\Program Files\Common Files [19/08/2002|09:54] C:\Program Files\ComPlus Applications [01/09/2002|08:07] C:\Program Files\Core 
Design [17/02/2007|19:49] C:\Program Files\Corel [22/07/2008|20:44] C:\Program Files\Creative [22/07/2008|20:42] C:\Program Files\Creative Installation Information [19/08/2002|10:52] C:\Program Files\CyberLink [19/08/2002|10:45] C:\Program Files\Dell [26/03/2004|12:44] C:\Program Files\Dictionnaire [07/05/2006|09:43] C:\Program Files\DIFX [09/10/2002|17:49] C:\Program Files\Digital Line Detect [25/12/2003|09:57] C:\Program Files\DiMAGE Viewer [15/02/2004|20:22] C:\Program Files\directx [22/02/2006|22:51] C:\Program Files\DivX [01/09/2002|08:07] C:\Program Files\Eanswers [23/04/2006|18:23] C:\Program Files\eChanblard [03/02/2005|15:02] C:\Program Files\EHMINSTALL [09/08/2007|09:30] C:\Program Files\eMule [10/08/2008|14:51] C:\Program Files\Fichiers communs [01/09/2002|08:43] C:\Program Files\Frx [26/02/2005|12:41] C:\Program Files\FXIWIN19 [23/08/2002|11:24] C:\Program Files\GameSpy Arcade [04/02/2007|12:39] C:\Program Files\GanttProject [18/05/2008|20:03] C:\Program Files\Google [17/02/2007|19:42] C:\Program Files\Hewlett-Packard [19/12/2004|12:48] C:\Program Files\Illustrate [02/01/2004|19:13] C:\Program Files\IncrediFind [22/09/2006|18:17] C:\Program Files\IncrediMail [22/07/2008|20:45] C:\Program Files\InstallShield Installation Information [02/02/2004|21:21] C:\Program Files\Instant Access [15/10/2008|07:27] C:\Program Files\Internet Explorer [17/01/2007|14:21] C:\Program Files\Inventel [19/08/2007|09:20] C:\Program Files\Jasc Software Inc [14/09/2008|19:52] C:\Program Files\Java [19/06/2004|11:41] C:\Program Files\Kazaa [23/12/2006|18:43] C:\Program Files\Lecteur CANALPLAY [14/07/2005|12:23] C:\Program Files\LitexMedia [16/02/2008|09:08] C:\Program Files\Logiciel Photo Orange [01/09/2002|08:07] C:\Program Files\Logitech [01/09/2002|08:07] C:\Program Files\LucasArts [03/02/2005|15:04] C:\Program Files\Maison et Int‚rieur 3D [05/11/2004|21:11] C:\Program Files\Masta [07/06/2004|17:52] C:\Program Files\MaxSpeed [20/12/2006|16:49] C:\Program Files\Mercury 
[21/02/2004|20:10] C:\Program Files\Messager Wanadoo [14/08/2008|23:35] C:\Program Files\Messenger [19/12/2004|18:41] C:\Program Files\Messenger Plus! 3 [31/08/2008|14:17] C:\Program Files\Messenger Plus! Live [28/01/2007|12:45] C:\Program Files\MessengerPlus! 3 [01/09/2002|08:09] C:\Program Files\MGI [01/09/2002|08:09] C:\Program Files\Micro Application [01/09/2002|08:09] C:\Program Files\Microsoft Chat [07/02/2003|21:40] C:\Program Files\microsoft frontpage [24/03/2004|09:58] C:\Program Files\Microsoft Games [01/09/2002|08:10] C:\Program Files\Microsoft Money [29/05/2007|16:50] C:\Program Files\Microsoft Office [20/11/2002|17:27] C:\Program Files\Microsoft Plus! [17/10/2006|21:01] C:\Program Files\Microsoft SQL Server [11/12/2007|20:54] C:\Program Files\Microsoft SQL Server Compact Edition [19/08/2002|10:53] C:\Program Files\Microsoft Visual Studio [14/01/2006|12:31] C:\Program Files\Microsoft WSE [12/07/2003|23:04] C:\Program Files\MLH [05/12/2006|13:05] C:\Program Files\Mobile Media Studio [15/12/2003|21:07] C:\Program Files\Modem Helper [23/12/2006|15:03] C:\Program Files\Movie Maker [03/11/2008|17:57] C:\Program Files\Mozilla Firefox [27/10/2003|17:53] C:\Program Files\MSN [19/08/2002|09:54] C:\Program Files\MSN Gaming Zone [19/08/2002|10:54] C:\Program Files\MSPress [01/09/2002|08:10] C:\Program Files\MSWORKS [06/01/2003|19:32] C:\Program Files\MSXML 4.0 [28/12/2003|13:52] C:\Program Files\MUSICMATCH [23/12/2006|14:59] C:\Program Files\NetMeeting [17/12/2006|11:28] C:\Program Files\NewDotNet [17/01/2004|16:55] C:\Program Files\Norton AntiVirus [27/07/2006|15:10] C:\Program Files\orange [06/07/2007|20:47] C:\Program Files\Outlook Express [17/02/2008|20:12] C:\Program Files\Photo Service Edition [17/03/2007|09:07] C:\Program Files\Polar [12/10/2004|13:49] C:\Program Files\PowerPoint Viewer [28/12/2007|16:28] C:\Program Files\QuickTime [01/09/2002|08:10] C:\Program Files\Real [27/12/2004|14:33] C:\Program Files\RegCleaner [25/03/2003|10:57] C:\Program 
Files\Rescue Disk [12/11/2002|18:22] C:\Program Files\Rockstar Games [15/02/2004|20:23] C:\Program Files\Roxio [28/09/2003|10:37] C:\Program Files\RTE [02/12/2005|11:42] C:\Program Files\SAGEM [28/10/2005|14:42] C:\Program Files\Samsung [17/08/2003|19:10] C:\Program Files\se [26/01/2007|15:29] C:\Program Files\Securitoo [19/08/2002|09:54] C:\Program Files\Services en ligne [20/12/2005|10:34] C:\Program Files\Softal [17/12/2006|17:33] C:\Program Files\Spybot - Search & Destroy [04/01/2004|21:42] C:\Program Files\SWiSH v2.0 [17/01/2004|16:51] C:\Program Files\Symantec [31/08/2002|20:04] C:\Program Files\Trellix Corporation [15/10/2006|13:20] C:\Program Files\TRENDnet [14/01/2006|12:36] C:\Program Files\Uninstall Information [05/12/2006|12:55] C:\Program Files\VCOM [05/10/2006|08:13] C:\Program Files\VideoLAN [02/11/2007|17:25] C:\Program Files\VirginMega [31/05/2007|19:07] C:\Program Files\Wanadoo [01/12/2005|19:02] C:\Program Files\Wanadoo Messager [17/12/2006|21:01] C:\Program Files\Wanadoo Photo [01/05/2004|11:26] C:\Program Files\Wanadoovisio [01/09/2002|08:10] C:\Program Files\Winamp [27/02/2008|12:55] C:\Program Files\Windows Live [27/08/2006|10:06] C:\Program Files\Windows Live Toolbar [31/08/2002|16:18] C:\Program Files\Windows Media Components [01/01/2007|21:44] C:\Program Files\Windows Media Connect 2 [01/01/2007|21:44] C:\Program Files\Windows Media Player [23/12/2006|14:59] C:\Program Files\Windows NT [30/05/2007|21:15] C:\Program Files\WindowsUpdate [23/12/2006|19:39] C:\Program Files\WinRAR [07/01/2004|18:26] C:\Program Files\WinZip [19/08/2002|09:54] C:\Program Files\XEROX [12/02/2006|20:14] C:\Program Files\Zero G Registry --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [16/05/2008|17:26] C:\Program Files\Fichiers communs\Adobe [28/12/2007|16:23] C:\Program Files\Fichiers communs\Apple [23/04/2006|18:15] C:\Program Files\Fichiers communs\Autodesk Shared [22/07/2008|20:40] C:\Program Files\Fichiers communs\Creative 
[19/08/2002|10:53] C:\Program Files\Fichiers communs\Designer [23/12/2006|18:41] C:\Program Files\Fichiers communs\fluxDVD [21/08/2002|18:29] C:\Program Files\Fichiers communs\Hewlett-Packard [05/12/2006|12:52] C:\Program Files\Fichiers communs\InstallShield [05/05/2006|12:21] C:\Program Files\Fichiers communs\Java [31/08/2002|16:18] C:\Program Files\Fichiers communs\Logitech [19/08/2002|10:51] C:\Program Files\Fichiers communs\MGI Shared [01/09/2002|08:07] C:\Program Files\Fichiers communs\Microsoft Communs [11/12/2007|20:50] C:\Program Files\Fichiers communs\Microsoft Shared [23/12/2006|18:41] C:\Program Files\Fichiers communs\mpDRM [19/08/2002|09:54] C:\Program Files\Fichiers communs\MSSoap [19/08/2002|09:53] C:\Program Files\Fichiers communs\ODBC [10/08/2008|14:51] C:\Program Files\Fichiers communs\Real [15/02/2004|20:25] C:\Program Files\Fichiers communs\Roxio Shared [28/09/2003|10:37] C:\Program Files\Fichiers communs\RTE [01/09/2002|08:07] C:\Program Files\Fichiers communs\Services [19/08/2002|09:53] C:\Program Files\Fichiers communs\SpeechEngines [17/01/2004|16:59] C:\Program Files\Fichiers communs\Symantec Shared [06/07/2007|20:47] C:\Program Files\Fichiers communs\System [03/01/2004|21:01] C:\Program Files\Fichiers communs\Vbox [11/12/2007|20:49] C:\Program Files\Fichiers communs\WindowsLiveInstaller [01/05/2004|10:32] C:\Program Files\Fichiers communs\Wise Installation Wizard --------------------\\ Process ( 59 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Verification du Registre ..... OK ! 
--------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme disk not found C:\ please note that you need administrator rights to perform deep scan --------------------\\ Recherche d'autres infections C:\Program Files\Instant Access C:\Program Files\Instant Access\Center C:\Program Files\Instant Access\P2E ==> EGDACCESS <== C:\WINDOWS\system32\OnoXFfhk.ini C:\WINDOWS\system32\OnoXFfhk.ini2 C:\WINDOWS\system32\khfFXonO.dll ==> VUNDO <== --------------------\\ ROGUES .. C:\DOCUME~1\FAMILL~1\MENUDM~1\Antivirus 2009 C:\PROGRA~1\Antivirus 2009 --------------------\\ Cracks & Keygens .. C:\DOCUME~1\FAMILL~1\Bureau\Cl‚ usb sony\_ADOBE PHOTOSHOP 9 CS 2 Fr\Crack.exe C:\DOCUME~1\FAMILL~1\Mes documents\Jean Francois\Ma musique\Tony Joe White\Tony Joe White - 01 - Crack The Window Baby.mp3 C:\DOCUME~1\FAMILL~1\Mes documents\yoann\codec_divx_pro_5.03\DivX.Pro.v5.0.3.Keygen.zip C:\DOCUME~1\FAMILL~1\Mes documents\yoann\Mes images\crack[1].gif C:\DOCUME~1\FAMILL~1\Mes documents\yoann\QuickCam\crack.zip [F:389][D:23]-> C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp [F:2][D:0]-> C:\DOCUME~1\FAMILL~1\Cookies [F:3][D:1]-> C:\DOCUME~1\FAMILL~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 03/11/2008|21:50 - Option : [1] 2 - "C:\Lop SD\LopR_2.txt" - 03/11/2008|22:42 - Option : [2] --------------------\\ Fin du rapport a 22:42:56 SmitFraudFix v2.371 Rapport fait à 17:51:44,42, 04/11/2008 Executé à partir de C:\Documents and Settings\Famille Canon\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Avant SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Arret des processus »»»»»»»»»»»»»»»»»»»»»»»» hosts 127.0.0.1 localhost »»»»»»»»»»»»»»»»»»»»»»»» VACFix VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix S!Ri's WS2Fix: LSP not Found. »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés »»»»»»»»»»»»»»»»»»»»»»»» IEDFix IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix AntiXPVSTFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: 108Mbps High Speed Wireless Network Adapter - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: NameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: NameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: NameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "System"="" »»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre Nettoyage terminé. »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Après SmitFraudFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» Fin However, I didn't get the question "Corriger le fichier infecté ?" I'm forwarding the hijack report...
  12. I think I messed up! I didn't save the reports on the C drive, is that serious?
  13. --------------------\\ Lop S&D 4.2.4-9c XP/Vista Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 2 X86-based PC ( Uniprocessor Free : Intel® Pentium® 4 CPU 2.40GHz ) BIOS : BIOS Date: 07/18/02 13:31:28 Ver: 08.00.00 USER : Famille Canon ( Administrator ) BOOT : Normal boot Antivirus : AntiVirus Firewall 6.15 6.15 (Activated) Firewall : AntiVirus Firewall 6.15 6.15 (Activated) A:\ (USB) C:\ (Local Disk) - NTFS - Total:111 Go (Free:57 Go) D:\ (CD or DVD) E:\ (CD or DVD) F:\ (Local Disk) - FAT - Total:0 Go (Free:0 Go) G:\ (USB) - FAT - Total:248 Mo (Free:0 Go) "C:\Lop SD" ( MAJ : 01-11-2008|16:30 ) Option : [1] ( 03/11/2008|21:15 ) --------------------\\ Listing des dossiers dans APPLIC~1 [16/05/2008|17:27] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe [28/12/2007|16:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple [28/12/2007|16:26] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer [23/04/2006|18:16] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Autodesk [02/11/2008|13:55] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigFishGamesCache [05/12/2006|13:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\BVRP Software [23/07/2008|18:22] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Creative [17/12/2006|17:30] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure [03/11/2008|13:46] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater [14/09/2008|17:18] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Meal ace base bone [09/10/2005|11:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Messenger Plus! 
[19/08/2002|10:51] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MGI [23/12/2006|19:05] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft [23/12/2006|18:41] C:\DOCUME~1\ALLUSE~1\APPLIC~1\mpDRM [23/08/2002|16:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6 [20/07/2007|11:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\MumboJumbo [26/07/2006|22:40] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Oberongames [20/01/2005|22:08] C:\DOCUME~1\ALLUSE~1\APPLIC~1\pixelStorm [02/09/2007|11:07] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst [21/12/2007|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\PopCap [29/09/2002|18:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime [28/10/2005|16:09] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Samsung [19/08/2002|10:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\SBSI [17/12/2006|17:29] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy [19/08/2002|10:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec [05/12/2006|12:56] C:\DOCUME~1\ALLUSE~1\APPLIC~1\VCOM [10/08/2005|17:58] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vidctrl [28/10/2005|15:17] C:\DOCUME~1\ALLUSE~1\APPLIC~1\vidmon [23/12/2006|17:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage [26/08/2006|19:28] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar [11/12/2007|20:45] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller [02/12/2005|12:50] C:\DOCUME~1\ALLUSE~1\APPLIC~1\wsxs [19/08/2002|09:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Identities [19/08/2002|09:53] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft [19/08/2002|10:55] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Symantec [18/01/2007|22:22] C:\DOCUME~1\FAMILL~1\APPLIC~1\ACD Systems [26/01/2008|21:04] C:\DOCUME~1\FAMILL~1\APPLIC~1\Adobe [16/05/2008|17:24] C:\DOCUME~1\FAMILL~1\APPLIC~1\AdobeUM [29/12/2007|19:10] C:\DOCUME~1\FAMILL~1\APPLIC~1\Apple Computer [01/01/2007|13:21] C:\DOCUME~1\FAMILL~1\APPLIC~1\Corel [06/11/2006|19:07] C:\DOCUME~1\FAMILL~1\APPLIC~1\Creative [17/02/2007|19:42] C:\DOCUME~1\FAMILL~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web [26/01/2008|21:01] C:\DOCUME~1\FAMILL~1\APPLIC~1\Dossier de t‚l‚chargement Share-to-Web [05/06/2008|16:44] 
C:\DOCUME~1\FAMILL~1\APPLIC~1\dvdcss [18/12/2006|19:09] C:\DOCUME~1\FAMILL~1\APPLIC~1\F-Secure [04/07/2008|15:36] C:\DOCUME~1\FAMILL~1\APPLIC~1\GARMIN [15/10/2006|15:30] C:\DOCUME~1\FAMILL~1\APPLIC~1\Help [03/08/2008|16:05] C:\DOCUME~1\FAMILL~1\APPLIC~1\Identities [15/10/2006|12:47] C:\DOCUME~1\FAMILL~1\APPLIC~1\ispnews [19/08/2007|09:20] C:\DOCUME~1\FAMILL~1\APPLIC~1\Jasc [03/12/2006|21:20] C:\DOCUME~1\FAMILL~1\APPLIC~1\Leadertech [24/12/2006|15:18] C:\DOCUME~1\FAMILL~1\APPLIC~1\Macromedia [11/07/2007|13:38] C:\DOCUME~1\FAMILL~1\APPLIC~1\Microsoft [17/01/2007|15:26] C:\DOCUME~1\FAMILL~1\APPLIC~1\Mozilla [26/05/2007|10:16] C:\DOCUME~1\FAMILL~1\APPLIC~1\MSN6 [10/12/2006|21:06] C:\DOCUME~1\FAMILL~1\APPLIC~1\OfficeUpdate12 [17/12/2006|17:38] C:\DOCUME~1\FAMILL~1\APPLIC~1\PEX [02/09/2007|11:07] C:\DOCUME~1\FAMILL~1\APPLIC~1\PlayFirst [10/08/2008|14:51] C:\DOCUME~1\FAMILL~1\APPLIC~1\Real [10/12/2006|20:29] C:\DOCUME~1\FAMILL~1\APPLIC~1\Roxio [28/11/2007|14:51] C:\DOCUME~1\FAMILL~1\APPLIC~1\Screenshot Sender [21/11/2006|21:20] C:\DOCUME~1\FAMILL~1\APPLIC~1\Sun [19/08/2002|10:55] C:\DOCUME~1\FAMILL~1\APPLIC~1\Symantec [11/01/2007|21:51] C:\DOCUME~1\FAMILL~1\APPLIC~1\The Labyrinth Plus! 
Edition [05/12/2006|12:56] C:\DOCUME~1\FAMILL~1\APPLIC~1\VCOM [21/10/2006|19:19] C:\DOCUME~1\FAMILL~1\APPLIC~1\vlc [16/10/2006|18:59] C:\DOCUME~1\FAMILL~1\APPLIC~1\Wannadoo [17/02/2004|20:47] C:\DOCUME~1\LOCALS~1\APPLIC~1\Help [13/12/2003|17:12] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft [19/08/2002|09:53] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft [19/08/2002|09:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Identities [19/08/2002|09:53] C:\DOCUME~1\PROPRI~1\APPLIC~1\Microsoft [19/08/2002|10:55] C:\DOCUME~1\PROPRI~1\APPLIC~1\Symantec --------------------\\ Tâches planifiées dans C:\WINDOWS\tasks [03/11/2008 12:15][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job [03/11/2008 21:00][--ah-----] C:\WINDOWS\tasks\81825C069075C312.job [03/11/2008 21:00][--ah-----] C:\WINDOWS\tasks\BDD2129790A9B6D3.job [03/11/2008 21:16][--a------] C:\WINDOWS\tasks\Symantec NetDetect.job [03/11/2008 17:51][--ah-----] C:\WINDOWS\tasks\SA.DAT [28/08/2001 07:00][-r-h-----] C:\WINDOWS\tasks\DESKTOP.INI ( 81825C069075C312.job )=( c:\docume~1\jean-f~1.can\applic~1\boresh~1\bonesupportsetup.exe ) ( BDD2129790A9B6D3.job )=( c:\docume~1\yoann\applic~1\boresh~1\bonesupportsetup.exe ) --------------------\\ Listing des dossiers dans C:\Program Files [10/02/2007|20:38] C:\Program Files\@Last Software [09/10/2002|17:55] C:\Program Files\3Com [03/12/2004|13:33] C:\Program Files\A4Proxy [15/12/2003|21:07] C:\Program Files\Accessoires [31/08/2002|20:04] C:\Program Files\ACD Systems [16/07/2007|16:23] C:\Program Files\Adobe [23/04/2006|18:27] C:\Program Files\Advanced Messenger Plus [23/08/2002|16:46] C:\Program Files\ANNO 1602 Version Gold [02/11/2008|17:56] C:\Program Files\Antivirus 2009 [17/12/2006|17:30] C:\Program Files\AntivirusFirewall [28/07/2005|17:13] C:\Program Files\Appliedsearch_AutoInstall [09/09/2007|16:35] C:\Program Files\Artful GIF Animator [23/04/2006|18:21] C:\Program Files\Autodesk [05/12/2006|13:05] C:\Program Files\Avanquest update [01/11/2008|09:34] C:\Program Files\BitDownload 
[23/09/2005|19:29] C:\Program Files\bore show bike [24/11/2002|15:16] C:\Program Files\Bullfrog [03/11/2008|18:43] C:\Program Files\CCleaner [01/09/2002|08:07] C:\Program Files\CD-Writer Plus [18/12/2004|12:58] C:\Program Files\CheckFlow [19/08/2002|10:49] C:\Program Files\CNet [12/01/2005|17:38] C:\Program Files\Common Files [19/08/2002|09:54] C:\Program Files\ComPlus Applications [01/09/2002|08:07] C:\Program Files\Core Design [17/02/2007|19:49] C:\Program Files\Corel [22/07/2008|20:44] C:\Program Files\Creative [22/07/2008|20:42] C:\Program Files\Creative Installation Information [19/08/2002|10:52] C:\Program Files\CyberLink [19/08/2002|10:45] C:\Program Files\Dell [26/03/2004|12:44] C:\Program Files\Dictionnaire [07/05/2006|09:43] C:\Program Files\DIFX [09/10/2002|17:49] C:\Program Files\Digital Line Detect [25/12/2003|09:57] C:\Program Files\DiMAGE Viewer [15/02/2004|20:22] C:\Program Files\directx [22/02/2006|22:51] C:\Program Files\DivX [01/09/2002|08:07] C:\Program Files\Eanswers [23/04/2006|18:23] C:\Program Files\eChanblard [03/02/2005|15:02] C:\Program Files\EHMINSTALL [09/08/2007|09:30] C:\Program Files\eMule [10/08/2008|14:51] C:\Program Files\Fichiers communs [01/09/2002|08:43] C:\Program Files\Frx [26/02/2005|12:41] C:\Program Files\FXIWIN19 [23/08/2002|11:24] C:\Program Files\GameSpy Arcade [04/02/2007|12:39] C:\Program Files\GanttProject [18/05/2008|20:03] C:\Program Files\Google [17/02/2007|19:42] C:\Program Files\Hewlett-Packard [19/12/2004|12:48] C:\Program Files\Illustrate [02/01/2004|19:13] C:\Program Files\IncrediFind [22/09/2006|18:17] C:\Program Files\IncrediMail [22/07/2008|20:45] C:\Program Files\InstallShield Installation Information [02/02/2004|21:21] C:\Program Files\Instant Access [15/10/2008|07:27] C:\Program Files\Internet Explorer [17/01/2007|14:21] C:\Program Files\Inventel [19/08/2007|09:20] C:\Program Files\Jasc Software Inc [14/09/2008|19:52] C:\Program Files\Java [19/06/2004|11:41] C:\Program Files\Kazaa [23/12/2006|18:43] 
C:\Program Files\Lecteur CANALPLAY [14/07/2005|12:23] C:\Program Files\LitexMedia [16/02/2008|09:08] C:\Program Files\Logiciel Photo Orange [01/09/2002|08:07] C:\Program Files\Logitech [01/09/2002|08:07] C:\Program Files\LucasArts [03/02/2005|15:04] C:\Program Files\Maison et Int‚rieur 3D [05/11/2004|21:11] C:\Program Files\Masta [07/06/2004|17:52] C:\Program Files\MaxSpeed [20/12/2006|16:49] C:\Program Files\Mercury [21/02/2004|20:10] C:\Program Files\Messager Wanadoo [14/08/2008|23:35] C:\Program Files\Messenger [19/12/2004|18:41] C:\Program Files\Messenger Plus! 3 [31/08/2008|14:17] C:\Program Files\Messenger Plus! Live [28/01/2007|12:45] C:\Program Files\MessengerPlus! 3 [01/09/2002|08:09] C:\Program Files\MGI [01/09/2002|08:09] C:\Program Files\Micro Application [01/09/2002|08:09] C:\Program Files\Microsoft Chat [07/02/2003|21:40] C:\Program Files\microsoft frontpage [24/03/2004|09:58] C:\Program Files\Microsoft Games [01/09/2002|08:10] C:\Program Files\Microsoft Money [29/05/2007|16:50] C:\Program Files\Microsoft Office [20/11/2002|17:27] C:\Program Files\Microsoft Plus! 
[17/10/2006|21:01] C:\Program Files\Microsoft SQL Server [11/12/2007|20:54] C:\Program Files\Microsoft SQL Server Compact Edition [19/08/2002|10:53] C:\Program Files\Microsoft Visual Studio [14/01/2006|12:31] C:\Program Files\Microsoft WSE [12/07/2003|23:04] C:\Program Files\MLH [05/12/2006|13:05] C:\Program Files\Mobile Media Studio [15/12/2003|21:07] C:\Program Files\Modem Helper [23/12/2006|15:03] C:\Program Files\Movie Maker [03/11/2008|17:57] C:\Program Files\Mozilla Firefox [27/10/2003|17:53] C:\Program Files\MSN [19/08/2002|09:54] C:\Program Files\MSN Gaming Zone [19/08/2002|10:54] C:\Program Files\MSPress [01/09/2002|08:10] C:\Program Files\MSWORKS [06/01/2003|19:32] C:\Program Files\MSXML 4.0 [28/12/2003|13:52] C:\Program Files\MUSICMATCH [23/12/2006|14:59] C:\Program Files\NetMeeting [17/12/2006|11:28] C:\Program Files\NewDotNet [17/01/2004|16:55] C:\Program Files\Norton AntiVirus [27/07/2006|15:10] C:\Program Files\orange [06/07/2007|20:47] C:\Program Files\Outlook Express [17/02/2008|20:12] C:\Program Files\Photo Service Edition [17/03/2007|09:07] C:\Program Files\Polar [12/10/2004|13:49] C:\Program Files\PowerPoint Viewer [28/12/2007|16:28] C:\Program Files\QuickTime [01/09/2002|08:10] C:\Program Files\Real [27/12/2004|14:33] C:\Program Files\RegCleaner [25/03/2003|10:57] C:\Program Files\Rescue Disk [12/11/2002|18:22] C:\Program Files\Rockstar Games [15/02/2004|20:23] C:\Program Files\Roxio [28/09/2003|10:37] C:\Program Files\RTE [02/12/2005|11:42] C:\Program Files\SAGEM [28/10/2005|14:42] C:\Program Files\Samsung [17/08/2003|19:10] C:\Program Files\se [26/01/2007|15:29] C:\Program Files\Securitoo [19/08/2002|09:54] C:\Program Files\Services en ligne [20/12/2005|10:34] C:\Program Files\Softal [17/12/2006|17:33] C:\Program Files\Spybot - Search & Destroy [04/01/2004|21:42] C:\Program Files\SWiSH v2.0 [17/01/2004|16:51] C:\Program Files\Symantec [31/08/2002|20:04] C:\Program Files\Trellix Corporation [15/10/2006|13:20] C:\Program Files\TRENDnet 
[14/01/2006|12:36] C:\Program Files\Uninstall Information [05/12/2006|12:55] C:\Program Files\VCOM [05/10/2006|08:13] C:\Program Files\VideoLAN [02/11/2007|17:25] C:\Program Files\VirginMega [31/05/2007|19:07] C:\Program Files\Wanadoo [01/12/2005|19:02] C:\Program Files\Wanadoo Messager [17/12/2006|21:01] C:\Program Files\Wanadoo Photo [01/05/2004|11:26] C:\Program Files\Wanadoovisio [01/09/2002|08:10] C:\Program Files\Winamp [27/02/2008|12:55] C:\Program Files\Windows Live [27/08/2006|10:06] C:\Program Files\Windows Live Toolbar [31/08/2002|16:18] C:\Program Files\Windows Media Components [01/01/2007|21:44] C:\Program Files\Windows Media Connect 2 [01/01/2007|21:44] C:\Program Files\Windows Media Player [23/12/2006|14:59] C:\Program Files\Windows NT [30/05/2007|21:15] C:\Program Files\WindowsUpdate [23/12/2006|19:39] C:\Program Files\WinRAR [07/01/2004|18:26] C:\Program Files\WinZip [19/08/2002|09:54] C:\Program Files\XEROX [12/02/2006|20:14] C:\Program Files\Zero G Registry --------------------\\ Listing des dossiers dans C:\Program Files\Fichiers communs [16/05/2008|17:26] C:\Program Files\Fichiers communs\Adobe [28/12/2007|16:23] C:\Program Files\Fichiers communs\Apple [23/04/2006|18:15] C:\Program Files\Fichiers communs\Autodesk Shared [22/07/2008|20:40] C:\Program Files\Fichiers communs\Creative [19/08/2002|10:53] C:\Program Files\Fichiers communs\Designer [23/12/2006|18:41] C:\Program Files\Fichiers communs\fluxDVD [21/08/2002|18:29] C:\Program Files\Fichiers communs\Hewlett-Packard [05/12/2006|12:52] C:\Program Files\Fichiers communs\InstallShield [05/05/2006|12:21] C:\Program Files\Fichiers communs\Java [31/08/2002|16:18] C:\Program Files\Fichiers communs\Logitech [19/08/2002|10:51] C:\Program Files\Fichiers communs\MGI Shared [01/09/2002|08:07] C:\Program Files\Fichiers communs\Microsoft Communs [11/12/2007|20:50] C:\Program Files\Fichiers communs\Microsoft Shared [23/12/2006|18:41] C:\Program Files\Fichiers communs\mpDRM [19/08/2002|09:54] C:\Program 
Files\Fichiers communs\MSSoap [19/08/2002|09:53] C:\Program Files\Fichiers communs\ODBC [10/08/2008|14:51] C:\Program Files\Fichiers communs\Real [15/02/2004|20:25] C:\Program Files\Fichiers communs\Roxio Shared [28/09/2003|10:37] C:\Program Files\Fichiers communs\RTE [01/09/2002|08:07] C:\Program Files\Fichiers communs\Services [19/08/2002|09:53] C:\Program Files\Fichiers communs\SpeechEngines [17/01/2004|16:59] C:\Program Files\Fichiers communs\Symantec Shared [06/07/2007|20:47] C:\Program Files\Fichiers communs\System [03/01/2004|21:01] C:\Program Files\Fichiers communs\Vbox [11/12/2007|20:49] C:\Program Files\Fichiers communs\WindowsLiveInstaller [01/05/2004|10:32] C:\Program Files\Fichiers communs\Wise Installation Wizard --------------------\\ Process ( 59 Processes ) ... OK ! --------------------\\ Recherche avec S_Lop Aucun fichier / dossier Lop trouvé ! --------------------\\ Recherche de Fichiers / Dossiers Lop C:\Program Files\boresh~1 C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp\nsz98.tmp C:\Program Files\BitDownload C:\Program Files\BitDownload\readme.bat C:\WINDOWS\Prefetch\BITDOWNLOAD.EXE-135D623F.pf C:\WINDOWS\Tasks\81825C069075C312.job C:\WINDOWS\Tasks\BDD2129790A9B6D3.job --------------------\\ Verification du Registre [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] ..... OK ! --------------------\\ Verification du fichier Hosts Fichier Hosts PROPRE --------------------\\ Recherche de fichiers avec Catchme disk not found C:\ please note that you need administrator rights to perform deep scan --------------------\\ Recherche d'autres infections C:\Program Files\Instant Access C:\Program Files\Instant Access\Center C:\Program Files\Instant Access\P2E ==> EGDACCESS <== C:\WINDOWS\system32\OnoXFfhk.ini C:\WINDOWS\system32\OnoXFfhk.ini2 C:\WINDOWS\system32\khfFXonO.dll ==> VUNDO <== --------------------\\ ROGUES .. 
C:\DOCUME~1\FAMILL~1\MENUDM~1\Antivirus 2009 C:\PROGRA~1\Antivirus 2009 --------------------\\ Cracks & Keygens .. C:\DOCUME~1\FAMILL~1\Bureau\Cl‚ usb sony\_ADOBE PHOTOSHOP 9 CS 2 Fr\Crack.exe C:\DOCUME~1\FAMILL~1\Mes documents\Jean Francois\Ma musique\Tony Joe White\Tony Joe White - 01 - Crack The Window Baby.mp3 C:\DOCUME~1\FAMILL~1\Mes documents\yoann\codec_divx_pro_5.03\DivX.Pro.v5.0.3.Keygen.zip C:\DOCUME~1\FAMILL~1\Mes documents\yoann\Mes images\crack[1].gif C:\DOCUME~1\FAMILL~1\Mes documents\yoann\QuickCam\crack.zip [F:394][D:24]-> C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp [F:2][D:0]-> C:\DOCUME~1\FAMILL~1\Cookies [F:3][D:1]-> C:\DOCUME~1\FAMILL~1\LOCALS~1\TEMPOR~1\content.IE5 1 - "C:\Lop SD\LopR_1.txt" - 03/11/2008|21:50 - Option : [1] --------------------\\ Fin du rapport a 21:50:24 SmitFraudFix v2.371 Rapport fait à 21:52:05,39, 03/11/2008 Executé à partir de C:\Documents and Settings\Famille Canon\Bureau\SmitfraudFix OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT Le type du système de fichiers est NTFS Fix executé en mode normal »»»»»»»»»»»»»»»»»»»»»»»» Process C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\SYSTEM32\acs.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\system32\crypserv.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\Program Files\Google\Common\Google 
Updater\GoogleUpdaterService.exe C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE C:\Program Files\AntivirusFirewall\Common\FCH32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe C:\WINDOWS\System32\tcpsvcs.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Garmin\ANT Agent\ANT Agent.exe C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe C:\Program Files\Antivirus 2009\av2009.exe G:\HiJackThis.exe C:\WINDOWS\system32\cmd.exe »»»»»»»»»»»»»»»»»»»»»»»» hosts »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\scui.cpl PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Famille Canon »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FAMILL~1\LOCALS~1\Temp »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Famille Canon\Application Data C:\Documents and Settings\Famille Canon\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk PRESENT ! 
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer C:\DOCUME~1\FAMILL~1\MENUDM~1\Antivirus 2009 PRESENT ! »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FAMILL~1\Favoris »»»»»»»»»»»»»»»»»»»»»»»» Bureau »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues »»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Ma page d'accueil" »»»»»»»»»»»»»»»»»»»»»»»» o4Patch !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! o4Patch Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» IEDFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! IEDFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» VACFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! VACFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» 404Fix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 404Fix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! AntiXPVSTFix Credits: Malware Analysis & Diagnostic Code: S!Ri »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="xgpnne.dll" »»»»»»»»»»»»»»»»»»»»»»»» Winlogon !!!Attention, les clés qui suivent ne sont pas forcément infectées!!! 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon] "Userinit"="C:\\WINDOWS\\system32\\userinit.exe," "System"="" »»»»»»»»»»»»»»»»»»»»»»»» RK »»»»»»»»»»»»»»»»»»»»»»»» DNS Description: 108Mbps High Speed Wireless Network Adapter - Miniport d'ordonnancement de paquets DNS Server Search Order: 192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: NameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: NameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: NameServer=192.168.1.1 HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=192.168.1.1 »»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll »»»»»»»»»»»»»»»»»»»»»»»» Fin
I tried to split the reports into 2 messages but it put everything one after the other, I hope you'll find your way around without too much trouble! That makes a lot of lines....
  14. Good evening appolo, thanks for your quick reply, here is the report: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:55:57, on 03/11/2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\SYSTEM32\acs.exe C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE C:\WINDOWS\System32\CTsvcCDA.EXE C:\WINDOWS\system32\crypserv.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe C:\Program Files\AntivirusFirewall\Anti-Virus\FSGK32.EXE C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fssm32.exe C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Program Files\AntivirusFirewall\Common\FSMB32.EXE C:\Program Files\AntivirusFirewall\Common\FCH32.EXE C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\AntivirusFirewall\Common\FAMEH32.EXE C:\Program Files\AntivirusFirewall\Anti-Virus\fsqh.exe C:\WINDOWS\System32\tcpsvcs.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsrw.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\AntivirusFirewall\Anti-Virus\fsav32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\AntivirusFirewall\Common\FSM32.EXE C:\WINDOWS\system32\wscntfy.exe C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe C:\Program Files\Hewlett-Packard\HP 
Share-to-Web\hpgs2wnd.exe C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\HEWLET~1\HPSHAR~1\hpgs2wnf.exe C:\PROGRA~1\ANTIVI~1\ANTI-S~1\fsaw.exe C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe C:\Garmin\ANT Agent\ANT Agent.exe C:\Program Files\AntivirusFirewall\FSGUI\fsguidll.exe C:\Program Files\Antivirus 2009\av2009.exe G:\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\AntivirusFirewall\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\AntivirusFirewall\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\AntivirusFirewall\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\AntivirusFirewall\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [CanalPlayerHelper] C:\Program Files\Lecteur CANALPLAY\CanalPlayerHelper.exe O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe O4 - HKLM\..\Run: [QuickTime 
Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ANT Agent] C:\Garmin\ANT Agent\ANT Agent.exe O4 - HKCU\..\Run: [00454626659751581232958135953661] C:\Program Files\Antivirus 2009\av2009.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user') O4 - Global Startup: 108Mbps Wireless LAN Adapte.lnk = C:\Program Files\TRENDnet\TEW-441PC_443PI\TRENDnet.exe O4 - Global Startup: Antivirus Firewall.lnk = C:\Program Files\AntivirusFirewall\backweb\6588780\Program\fspex.exe O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: (no name) - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\maxspeed.exe (file missing) O9 - Extra 'Tools' menuitem: MaxSpeed - {120E090D-9136-4b78-8258-F0B44B4BD2AC} - C:\WINDOWS\System32\maxspeed.exe (file missing) O9 - Extra button: Protection Internet Explorer - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: 
Protection Internet Explorer... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\AntivirusFirewall\Anti-Spyware\ieshield.dll O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe O14 - IERESET.INF: START_PAGE_URL=http://www.wanadoo.fr O15 - Trusted Zone: *.canalplay.com O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/Facebo...toUploader5.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} - O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab O16 - DPF: {45E83043-1F6F-4D22-A5E7-0138EA171B49} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppD...sharingctrl.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab O16 - DPF: {5308E02B-4ABA-48E4-AA9E-8A7693661473} (GameCtl Class) - http://jeuxenligne.orange.fr/GisActiveX/Ax/GameAx.cab O16 - DPF: {5392B545-31A5-4724-BEF3-4FED1D56FDAC} 
(CPlayFirstDinerDash2_frControl Object) - file:///C:/Documents%20and%20Settings/Famille%20Canon/Local%20Settings/Application%20Data/Oberon%20Media/Oberon%20Games%20Host/DinerDash2_fr.1.0.0.70.cab O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://www.new2.foto.com/ImageUploader5.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab O16 - DPF: {7DA181BB-EF8D-4A7E-8C53-7BFC718EF71D} (Upload Class) - http://photos.wanadoo.fr/al/presentation/p...ivex/Ephoto.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://jeuxenligne.orange.fr/gameshell/onl...mjolauncher.cab O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://boumer74.spaces.live.com/PhotoUpload/MsnPUpld.cab O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.inoculer.com/antivirus/Msie/bitdefender.cab O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} (VirginMega.DMFacade.Interface) - https://www.virginmega.fr/DownloadManager/R...rod/DownMan.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab O16 - DPF: {92ABACFE-EF6E-42C7-A824-D50A914B5B70} (MastaCash Loader Class) - http://dx.mastacash.com/loader.cab O16 - DPF: {983AB2CC-3D50-11D9-ADFE-00062919A34C} (ActiveXUpload.UserCtrl) - http://www.photoservice.com/activeX/newUpload.CAB O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) 
- http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105AA9B6AE} (Symantec RuFSI Registry Information Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {D0C0F75C-683A-4390-A791-1ACFD5599AB8} (Oberon Flash Game Host) - http://jeuxenligne.orange.fr/Gameshell/Gam...ronGameHost.cab O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://wanadoofr.oberon-media.com/online2/...sh.1.0.0.58.cab O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://jeuxentelechargement.orange.fr/onli...gamesloader.cab O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/...950/mcfscan.cab O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) - http://www2.incredimail.com/contents/setup...er/imloader.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab30149.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{EB891084-D9A4-4E29-A06C-9D74B0F56A76}: NameServer = 192.168.1.1 O20 - AppInit_DLLs: xgpnne.dll O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\SYSTEM32\acs.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Antivirus Firewall (BackWeb Plug-in - 6588780) - Securitoo Portal - C:\PROGRA~1\ANTIVI~1\backweb\6588780\Program\SERVIC~1.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE O23 - Service: Crypkey License - Kenonic Controls Ltd. 
- C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\AntivirusFirewall\backweb\6588780\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\AntivirusFirewall\Common\FSMA32.EXE O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Service CANALPLAY - Canal+ Active - C:\Program Files\Lecteur CANALPLAY\CanalPlayService.exe -- End of file - 13446 bytes
  15. Hello, I picked up a trojan: trojant.win32.mondeb.wkt I ran a HijackThis scan and I wanted to know if someone could help me! Thanks in advance!