vegas77

Hello, voici la nouveau rapport combofix http://www.cijoint.fr/cjlink.php?file=cj201103/cijR2cyv8Q.txt

Bonjour, voici le rapport de combofix : Cijoint.fr - Service gratuit de dépôt de fichiers

Bonjour, voici le rapport de tdskiller : Cijoint.fr - Service gratuit de dépôt de fichiers et le lien pour le rapport virustotal : VirusTotal - Free Online Virus, Malware and URL Scanner Alors ? vous arrivez à le détecter ?

L'analyse sur Vrus Total donne ceci : voici le lien complet au cas où VirusTotal - Free Online Virus, Malware and URL Scanner ____________________________________________________ 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is goodware. 0 VT Community user(s) with a total of 0 reputation credit(s) say(s) this sample is malware. File name: PhysicalDisk0_MBR.bin Submission date: 2011-03-07 14:20:09 (UTC) Current status: queued queued (#272) analysing finished Result: 0/ 41 (0.0%) VT Community not reviewed Safety score: - Compact Print results Antivirus Version Last Update Result AhnLab-V3 2011.03.07.06 2011.03.07 - AntiVir 7.11.4.96 2011.03.07 - Antiy-AVL 2.0.3.7 2011.03.06 - Avast 4.8.1351.0 2011.03.07 - Avast5 5.0.677.0 2011.03.07 - AVG 10.0.0.1190 2011.03.07 - BitDefender 7.2 2011.03.07 - CAT-QuickHeal 11.00 2011.03.07 - ClamAV 0.96.4.0 2011.03.05 - Commtouch 5.2.11.5 2011.03.07 - Comodo 7903 2011.03.07 - DrWeb 5.0.2.03300 2011.03.07 - eSafe 7.0.17.0 2011.03.06 - eTrust-Vet 36.1.8198 2011.03.04 - F-Prot 4.6.2.117 2011.03.07 - F-Secure 9.0.16440.0 2011.03.07 - Fortinet 4.2.254.0 2011.03.07 - GData 21 2011.03.07 - Ikarus T3.1.1.97.0 2011.03.07 - Jiangmin 13.0.900 2011.03.07 - K7AntiVirus 9.92.4044 2011.03.07 - McAfee 5.400.0.1158 2011.03.07 - McAfee-GW-Edition 2010.1C 2011.03.07 - Microsoft 1.6603 2011.03.07 - NOD32 5932 2011.03.07 - Norman 6.07.03 2011.03.06 - nProtect 2011-02-10.01 2011.02.15 - Panda 10.0.3.5 2011.03.06 - PCTools 7.0.3.5 2011.03.07 - Prevx 3.0 2011.03.07 - Rising 23.48.00.06 2011.03.07 - Sophos 4.63.0 2011.03.07 - SUPERAntiSpyware 4.40.0.1006 2011.03.07 - Symantec 20101.3.0.103 2011.03.07 - TheHacker 6.7.0.1.145 2011.03.06 - TrendMicro 9.200.0.1012 2011.03.07 - TrendMicro-HouseCall 9.200.0.1012 2011.03.07 - VBA32 3.12.14.3 2011.03.04 - VIPRE 8626 2011.03.07 - ViRobot 2011.3.7.4345 2011.03.07 - VirusBuster 13.6.237.0 2011.03.06 - Additional informationShow all MD5 : facde77579d7c9fec39ea3939d9a008f SHA1 : 1bd434b0dad62b41d1310b34754ec0ebedfa55b1 SHA256: 4f799dfa3013f5d375260e7c2825edd0804cda6731ef9ea3349cfa13504d997b ssdeep: 6:GHcimqQ0hFlc1tWZVLTqvFh226ALwPr0w2ZnRIyFT06pxJtAKCFWHWLLGAKCFWfU:cdm6lc1E BclMPAlBvyStYcWLTfAlc File size : 512 bytes First seen: 2011-03-07 14:20:09 Last seen : 2011-03-07 14:20:09 TrID: Unknown! sigcheck: publisher....: n/a copyright....: n/a product......: n/a description..: n/a original name: n/a internal name: n/a file version.: n/a comments.....: n/a signers......: - signing date.: - verified.....: Unsigned VT Community 0 This file has never been reviewed by any VT Community member. Be the first one to comment on it! VirusTotal Team

Bonjour voici le second rapport OTL. Pour l'instant rien a changé : la redirection gomeo marche encore... All processes killed ========== FILES ========== C:\Program Files\Setuprog folder moved successfully. C:\Program Files\Conduit\Community Alerts folder moved successfully. C:\Program Files\Conduit folder moved successfully. C:\Windows\Tasks\Cbesn.job moved successfully. ========== OTL ========== Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}\ deleted successfully. File C:\Program Files\Setuprog\tbSetu.dll not found. Registry value HKEY_USERS\S-1-5-21-3997701911-2713397190-784943365-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}\ not found. File C:\Program Files\Setuprog\tbSetu.dll not found. Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}\ deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}\ not found. File C:\Program Files\Setuprog\tbSetu.dll not found. Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{f4ef4468-9bbb-45a1-a2ce-f0c430a9a7e5}\ not found. File C:\Program Files\Setuprog\tbSetu.dll not found. Registry value HKEY_USERS\S-1-5-21-3997701911-2713397190-784943365-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{F4EF4468-9BBB-45A1-A2CE-F0C430A9A7E5} deleted successfully. Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F4EF4468-9BBB-45A1-A2CE-F0C430A9A7E5}\ not found. File C:\Program Files\Setuprog\tbSetu.dll not found. ========== REGISTRY ========== Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\FirewallOverride scheduled to be deleted on reboot. Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\\Setuprog Toolbar not found. ========== COMMANDS ========== [EMPTYTEMP] User: A.LIMAR ->Temp folder emptied: 17200 bytes ->Temporary Internet Files folder emptied: 18993064 bytes ->Java cache emptied: 0 bytes ->Flash cache emptied: 5175 bytes User: All Users User: Default ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes User: Public User: SWSetup %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%\System32 .tmp files removed: 0 bytes %systemroot%\System32\drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 1216 bytes RecycleBin emptied: 972 bytes Total Files Cleaned = 18,00 mb [EMPTYFLASH] User: A.LIMAR ->Flash cache emptied: 0 bytes User: All Users User: Default User: Default User User: Public User: SWSetup Total Flash Files Cleaned = 0,00 mb OTL by OldTimer - Version 3.2.22.3 log created on 03072011_150421 Files\Folders moved on Reboot... Registry entries deleted on Reboot... Registry delete failed. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\\FirewallOverride scheduled to be deleted on reboot.

Bonsoir, merci pourvotre aide ^^ voici le rapport malware (il n a pas trouver d'infection) Cijoint.fr - Service gratuit de dépôt de fichiers et les rapports OTL (je ne comprends rien dessus) OTL.txt Cijoint.fr - Service gratuit de dépôt de fichiers Extras.txt Cijoint.fr - Service gratuit de dépôt de fichiers

Bonjour, j'ai le meme probleme avec gomeo : cela fait 3 jours que j'essai yout types d'antivirus et malware rien à faire. J'ai donc téléchareger ZHPDiag mais je ne comprend rien au rapport. Pourriez_vous m'aidez s'il vous plait ? Merci d'avance le lien du rapport est ci dessous : http://www.cijoint.f.../cij00chrJ0.txt

Bonjour, j'ai le meme probleme avec gomeo : cela fait 3 jours que j'essai yout types d'antivirus et malware rien à faire. J'ai donc téléchareger ZHPDiag mais je ne comprend rien au rapport. Pourriez_vous m'aidez s'il vous plait ? Merci d'avance le lien du rapport est ci dessous : http://www.cijoint.fr/cjlink.php?file=cj201103/cij00chrJ0.txt