Infecté par serwab..... help
Fermé
Francois
-
31 déc. 2006 à 03:46
matooo Messages postés 10 Date d'inscription vendredi 15 décembre 2006 Statut Membre Dernière intervention 3 janvier 2007 - 3 janv. 2007 à 01:49
matooo Messages postés 10 Date d'inscription vendredi 15 décembre 2006 Statut Membre Dernière intervention 3 janvier 2007 - 3 janv. 2007 à 01:49
A voir également:
- Infecté par serwab..... help
- L'ordinateur de simon a été infecté par un virus répertorié récemment. son anti-virus ne l'a pas détecté. qu'a-t-il pu se passer ? - Forum Jeux vidéo
- L'ordinateur de samantha a été infecté par un virus répertorié récemment. son anti-virus ne l'a pas détecté. qu'a-t-il pu se passer ? - Forum Antivirus
- Infecte par un virus - Forum Virus
- Simon - Forum Cinéma / Télé
- L'ordinateur d'arthur a été infecté par un virus répertorié récemment. son anti-virus ne l'a pas détecté. qu'a-t-il pu se passer ? ✓ - Forum Virus
8 réponses
Utilisateur anonyme
31 déc. 2006 à 04:08
31 déc. 2006 à 04:08
Salut
¤ Télécharge SmitfraudFix (enregistre le sur le "bureau")
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
décompresse SmitfraudFix
Lance le fichier SmitfraudFix ou SmitfraudFix.cmd et choisit l option 1 copie le rapport ici stp
¤ Télécharge HijackThis :
--->hijackthis
Installe le dans son propre dossier :
- clic droit sur le bureau, tu choisis "nouveau dossier" puis installe-le à l'intérieur.
Double-clic sur HijackThis , clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici
¤ Télécharge SmitfraudFix (enregistre le sur le "bureau")
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
décompresse SmitfraudFix
Lance le fichier SmitfraudFix ou SmitfraudFix.cmd et choisit l option 1 copie le rapport ici stp
¤ Télécharge HijackThis :
--->hijackthis
Installe le dans son propre dossier :
- clic droit sur le bureau, tu choisis "nouveau dossier" puis installe-le à l'intérieur.
Double-clic sur HijackThis , clic sur "do a system scan and save logfile"
Puis copie et colle le rapport ici
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
31 déc. 2006 à 12:32
31 déc. 2006 à 12:32
SmitFraudFix v2.132
Rapport fait à 6:30:16,29, 2006-12-31
Executé à partir de C:\Documents and Settings\Francoisc\Bureau\fix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\olnohdw.dll PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francoisc
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francoisc\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FRANCO~1\Favoris
C:\DOCUME~1\FRANCO~1\Favoris\Online Security Test.url PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\WinMediaCodec\ PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5f938c17-fbc7-4a3c-8526-85e5b1a1f762}"="astral"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Logfile of HijackThis v1.99.1
Scan saved at 06:37:16, on 2006-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Roland\VSC32\vsc32cnf.exe
C:\Program Files\Roland\VSC32\vscvol.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\Francoisc\Bureau\swcan\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {ACAC9728-54EA-541E-9F12-0BE55C6142C4} - C:\WINDOWS\system32\dlvoch.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vsc32cnf.exe] C:\Program Files\Roland\VSC32\vsc32cnf.exe
O4 - HKLM\..\Run: [vscvol.exe] C:\Program Files\Roland\VSC32\vscvol.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Ajouter à &Windows Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://onedrive.live.com/?id=favorites
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://infolot-cgm.mrnf.gouv.qc.ca/ACGM/acgm.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
merci de ton aide
Rapport fait à 6:30:16,29, 2006-12-31
Executé à partir de C:\Documents and Settings\Francoisc\Bureau\fix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\olnohdw.dll PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francoisc
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francoisc\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FRANCO~1\Favoris
C:\DOCUME~1\FRANCO~1\Favoris\Online Security Test.url PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\WinMediaCodec\ PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5f938c17-fbc7-4a3c-8526-85e5b1a1f762}"="astral"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Logfile of HijackThis v1.99.1
Scan saved at 06:37:16, on 2006-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Roland\VSC32\vsc32cnf.exe
C:\Program Files\Roland\VSC32\vscvol.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\Francoisc\Bureau\swcan\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {ACAC9728-54EA-541E-9F12-0BE55C6142C4} - C:\WINDOWS\system32\dlvoch.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vsc32cnf.exe] C:\Program Files\Roland\VSC32\vsc32cnf.exe
O4 - HKLM\..\Run: [vscvol.exe] C:\Program Files\Roland\VSC32\vscvol.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Ajouter à &Windows Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://onedrive.live.com/?id=favorites
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://infolot-cgm.mrnf.gouv.qc.ca/ACGM/acgm.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
merci de ton aide
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
31 déc. 2006 à 12:39
31 déc. 2006 à 12:39
Logfile of HijackThis v1.99.1
Scan saved at 06:37:16, on 2006-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Roland\VSC32\vsc32cnf.exe
C:\Program Files\Roland\VSC32\vscvol.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\Francoisc\Bureau\swcan\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {ACAC9728-54EA-541E-9F12-0BE55C6142C4} - C:\WINDOWS\system32\dlvoch.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vsc32cnf.exe] C:\Program Files\Roland\VSC32\vsc32cnf.exe
O4 - HKLM\..\Run: [vscvol.exe] C:\Program Files\Roland\VSC32\vscvol.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Ajouter à &Windows Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://onedrive.live.com/?id=favorites
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://infolot-cgm.mrnf.gouv.qc.ca/ACGM/acgm.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
merci de ton aide!!
Scan saved at 06:37:16, on 2006-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Roland\VSC32\vsc32cnf.exe
C:\Program Files\Roland\VSC32\vscvol.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\Francoisc\Bureau\swcan\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {ACAC9728-54EA-541E-9F12-0BE55C6142C4} - C:\WINDOWS\system32\dlvoch.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vsc32cnf.exe] C:\Program Files\Roland\VSC32\vsc32cnf.exe
O4 - HKLM\..\Run: [vscvol.exe] C:\Program Files\Roland\VSC32\vscvol.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Ajouter à &Windows Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://onedrive.live.com/?id=favorites
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://infolot-cgm.mrnf.gouv.qc.ca/ACGM/acgm.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
merci de ton aide!!
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
31 déc. 2006 à 12:45
31 déc. 2006 à 12:45
SmitFraudFix v2.132
Rapport fait à 6:43:17,42, 2006-12-31
Executé à partir de C:\Documents and Settings\Francoisc\Bureau\fix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\olnohdw.dll PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francoisc
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francoisc\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FRANCO~1\Favoris
C:\DOCUME~1\FRANCO~1\Favoris\Online Security Test.url PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\WinMediaCodec\ PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5f938c17-fbc7-4a3c-8526-85e5b1a1f762}"="astral"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Logfile of HijackThis v1.99.1
Scan saved at 06:37:16, on 2006-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Roland\VSC32\vsc32cnf.exe
C:\Program Files\Roland\VSC32\vscvol.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\Francoisc\Bureau\swcan\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {ACAC9728-54EA-541E-9F12-0BE55C6142C4} - C:\WINDOWS\system32\dlvoch.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vsc32cnf.exe] C:\Program Files\Roland\VSC32\vsc32cnf.exe
O4 - HKLM\..\Run: [vscvol.exe] C:\Program Files\Roland\VSC32\vscvol.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Ajouter à &Windows Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://onedrive.live.com/?id=favorites
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://infolot-cgm.mrnf.gouv.qc.ca/ACGM/acgm.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
merci de ton aide...
Rapport fait à 6:43:17,42, 2006-12-31
Executé à partir de C:\Documents and Settings\Francoisc\Bureau\fix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\olnohdw.dll PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francoisc
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Francoisc\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\FRANCO~1\Favoris
C:\DOCUME~1\FRANCO~1\Favoris\Online Security Test.url PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\WinMediaCodec\ PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5f938c17-fbc7-4a3c-8526-85e5b1a1f762}"="astral"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Logfile of HijackThis v1.99.1
Scan saved at 06:37:16, on 2006-12-31
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\WINDOWS\system32\TDispVol.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Roland\VSC32\vsc32cnf.exe
C:\Program Files\Roland\VSC32\vscvol.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Synaptics\SynTP\Toshiba.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
C:\Program Files\Nikon\NkView6\NkvMon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\XoftSpy\XoftSpy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Documents and Settings\Francoisc\Bureau\swcan\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {ACAC9728-54EA-541E-9F12-0BE55C6142C4} - C:\WINDOWS\system32\dlvoch.dll (file missing)
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SmoothView] C:\Program Files\TOSHIBA\Utilitaire de zoom TOSHIBA\SmoothView.exe
O4 - HKLM\..\Run: [Tvs] C:\Program Files\TOSHIBA\Tvs\TvsTray.exe
O4 - HKLM\..\Run: [THotkey] C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe
O4 - HKLM\..\Run: [TDispVol] TDispVol.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [vsc32cnf.exe] C:\Program Files\Roland\VSC32\vsc32cnf.exe
O4 - HKLM\..\Run: [vscvol.exe] C:\Program Files\Roland\VSC32\vscvol.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: NkvMon.exe.lnk = C:\Program Files\Nikon\NkView6\NkvMon.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Ajouter à &Windows Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} (FavImport Class) - https://onedrive.live.com/?id=favorites
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - http://drivers1.free.fr/telecharger.php?id=2&version=
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5D98C43-DB16-11CF-8ECA-0000C0FD59C7} (ActiveCGM Control) - http://infolot-cgm.mrnf.gouv.qc.ca/ACGM/acgm.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\Toshiba\TOSHIBA Applet\TAPPSRV.exe
merci de ton aide...
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
Utilisateur anonyme
31 déc. 2006 à 17:20
31 déc. 2006 à 17:20
Salut
¤ désinstalle ce programme suspect : XoftSpy
¤ Redémarres le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) dès le démarrage et tu choisis le mode sans échec)
- Ouvre le dossier "SmitfraudFix" et double clique sur "Smitfraudfix.cmd", choisit l 'option 2 et tu réponds oui à tout.
Enregistre le rapport puis Copie/colle le rapport sur le forum stp.
¤ Désactive le pare-feu de Windows(SP2) il ne sert à rien puis installe celui ci pour plus de sécurité
Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
--->Kerio
-tutoriel: pour configurer et comprendre l'utilisation de Kerio
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
¤ Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clique dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
https://www.bitdefender.com/toolbox/
¤ désinstalle ce programme suspect : XoftSpy
¤ Redémarres le PC en mode sans échec : tu tapotes sur la touche F8 de ton clavier (ou F5 ) dès le démarrage et tu choisis le mode sans échec)
- Ouvre le dossier "SmitfraudFix" et double clique sur "Smitfraudfix.cmd", choisit l 'option 2 et tu réponds oui à tout.
Enregistre le rapport puis Copie/colle le rapport sur le forum stp.
¤ Désactive le pare-feu de Windows(SP2) il ne sert à rien puis installe celui ci pour plus de sécurité
Kerio: (pare-feu, qui reste gratuit après la periode d'essai!)
--->Kerio
-tutoriel: pour configurer et comprendre l'utilisation de Kerio
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
¤ Fait ce scan anti-virus en ligne avec Internet Explorer, accepte l'active X; la barre anti-popup du SP2 (en haut) va se mettre à clignoter, clique dessus et choisis "accepter l'active X" pour faire fonctionner le scan anti-virus.
Une fois qu'il a terminé colle le rapport ici stp
https://www.bitdefender.com/toolbox/
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
31 déc. 2006 à 22:38
31 déc. 2006 à 22:38
voila le rapport!! j'éssai de te suivre dans tes conseils pour mieux comprendre tout ca!!! merci!
SmitFraudFix v2.132
Rapport fait à 14:59:22,37, 2006-12-31
Executé à partir de C:\Documents and Settings\Francoisc\Bureau\fix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5f938c17-fbc7-4a3c-8526-85e5b1a1f762}"="astral"
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\olnohdw.dll supprimé
C:\Program Files\WinMediaCodec\ supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
voila le rapport du scan
BitDefender Online Scanner
Scan report generated at: Sun, Dec 31, 2006 - 16:21:44
Scan path: C:\;D:\;E:\;
Statistics
Time
01:01:21
Files
466296
Folders
4862
Boot Sectors
4
Archives
9117
Packed Files
35304
Results
Identified Viruses
12
Infected Files
61
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
61
Engines Info
Virus Definitions
363554
Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Francoisc\Local Settings\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\Cache\9568A9C6d01
Infected with: Trojan.Downloader.Winfixer.O
C:\Documents and Settings\Francoisc\Local Settings\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\Cache\9568A9C6d01
Disinfection failed
C:\Documents and Settings\Francoisc\Local Settings\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\Cache\9568A9C6d01
Deleted
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine\filCBFE1840.dat=>(gzip)
Infected with: Trojan.Zlob.AM
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine\filCBFE1840.dat=>(gzip)
Disinfection failed
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine\filCBFE1840.dat=>(gzip)
Deleted
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine\filCBFE1840.dat
Update failed
C:\Program Files\VSAdd-in\VSAdd-in.dll
Infected with: Trojan.Agent.ACL
C:\Program Files\VSAdd-in\VSAdd-in.dll
Disinfection failed
C:\Program Files\VSAdd-in\VSAdd-in.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP100\A0013091.exe
Infected with: Trojan.Downloader.Zlob.AEV
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP100\A0013091.exe
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP100\A0013091.exe
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013132.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013132.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013132.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013140.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013140.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013140.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP104\A0013280.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP104\A0013280.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP104\A0013280.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0006
Infected with: Trojan.Downloader.Zlob.AEO
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0006
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0006
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Infected with: Trojan.Zlob.GT
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0006
Infected with: Trojan.Downloader.Zlob.AEQ
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0006
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0006
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Infected with: Trojan.Zlob.GT
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013353.dll
Infected with: Trojan.Klone.H
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013353.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013353.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013646.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013646.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013646.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013680.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013680.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013680.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013688.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013688.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013688.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013711.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013711.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013711.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013720.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013720.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013720.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013752.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013752.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013752.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013772.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013772.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013772.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP113\A0013775.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP113\A0013775.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP113\A0013775.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013809.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013809.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013809.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013822.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013822.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013822.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP115\A0013826.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP115\A0013826.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP115\A0013826.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012876.exe=>(NSIS o)=>zlib_nsis0001
Infected with: Trojan.Downloader.BKK
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012876.exe=>(NSIS o)=>zlib_nsis0001
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012876.exe=>(NSIS o)=>zlib_nsis0001
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012876.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012880.bat
Infected with: Trojan.Zlob.AM
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012880.bat
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012880.bat
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013043.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013043.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013043.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013051.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013051.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013051.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013061.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013061.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013061.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013078.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013078.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013078.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013087.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013087.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013087.dll
Deleted
C:\WINDOWS\system32\cwldrnsr.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\cwldrnsr.exe
Disinfection failed
C:\WINDOWS\system32\cwldrnsr.exe
Deleted
C:\WINDOWS\system32\doejfbns.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\doejfbns.exe
Disinfection failed
C:\WINDOWS\system32\doejfbns.exe
Deleted
C:\WINDOWS\system32\drvceh.dll
Infected with: Trojan.FakeAlert.S
C:\WINDOWS\system32\drvceh.dll
Disinfection failed
C:\WINDOWS\system32\drvceh.dll
Deleted
C:\WINDOWS\system32\dxvkolnj.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\dxvkolnj.exe
Disinfection failed
C:\WINDOWS\system32\dxvkolnj.exe
Deleted
C:\WINDOWS\system32\eabxsfip.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\eabxsfip.exe
Disinfection failed
C:\WINDOWS\system32\eabxsfip.exe
Deleted
C:\WINDOWS\system32\ebdyhlaj.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\ebdyhlaj.exe
Disinfection failed
C:\WINDOWS\system32\ebdyhlaj.exe
Deleted
C:\WINDOWS\system32\epewlqov.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\epewlqov.exe
Disinfection failed
C:\WINDOWS\system32\epewlqov.exe
Deleted
C:\WINDOWS\system32\gqfuamxb.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\gqfuamxb.exe
Disinfection failed
C:\WINDOWS\system32\gqfuamxb.exe
Deleted
C:\WINDOWS\system32\gstufqfl.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\gstufqfl.exe
Disinfection failed
C:\WINDOWS\system32\gstufqfl.exe
Deleted
C:\WINDOWS\system32\gupigvcf.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\gupigvcf.exe
Disinfection failed
C:\WINDOWS\system32\gupigvcf.exe
Deleted
C:\WINDOWS\system32\hjsqvstc.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\hjsqvstc.exe
Disinfection failed
C:\WINDOWS\system32\hjsqvstc.exe
Deleted
C:\WINDOWS\system32\ieetbweo.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\ieetbweo.exe
Disinfection failed
C:\WINDOWS\system32\ieetbweo.exe
Deleted
C:\WINDOWS\system32\kbiqskqc.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\kbiqskqc.exe
Disinfection failed
C:\WINDOWS\system32\kbiqskqc.exe
Deleted
C:\WINDOWS\system32\kcnksahg.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\kcnksahg.exe
Disinfection failed
C:\WINDOWS\system32\kcnksahg.exe
Deleted
C:\WINDOWS\system32\kebudtct.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\kebudtct.exe
Disinfection failed
C:\WINDOWS\system32\kebudtct.exe
Deleted
C:\WINDOWS\system32\kertjkwe.dll
Infected with: Trojan.Juan.A
C:\WINDOWS\system32\kertjkwe.dll
Disinfection failed
C:\WINDOWS\system32\kertjkwe.dll
Deleted
C:\WINDOWS\system32\knrxugiq.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\knrxugiq.exe
Disinfection failed
C:\WINDOWS\system32\knrxugiq.exe
Deleted
C:\WINDOWS\system32\kwkvwubq.dll
Infected with: Trojan.Juan.A
C:\WINDOWS\system32\kwkvwubq.dll
Disinfection failed
C:\WINDOWS\system32\kwkvwubq.dll
Deleted
C:\WINDOWS\system32\mtomtygc.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\mtomtygc.exe
Disinfection failed
C:\WINDOWS\system32\mtomtygc.exe
Deleted
C:\WINDOWS\system32\ngeqblqb.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\ngeqblqb.exe
Disinfection failed
C:\WINDOWS\system32\ngeqblqb.exe
Deleted
C:\WINDOWS\system32\nngrrdwv.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\nngrrdwv.exe
Disinfection failed
C:\WINDOWS\system32\nngrrdwv.exe
Deleted
C:\WINDOWS\system32\obbvxjkn.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\obbvxjkn.exe
Disinfection failed
C:\WINDOWS\system32\obbvxjkn.exe
Deleted
C:\WINDOWS\system32\pllsssmy.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\pllsssmy.exe
Disinfection failed
C:\WINDOWS\system32\pllsssmy.exe
Deleted
C:\WINDOWS\system32\qcbllaxi.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\qcbllaxi.exe
Disinfection failed
C:\WINDOWS\system32\qcbllaxi.exe
Deleted
C:\WINDOWS\system32\sgotlgbf.dll
Infected with: Trojan.Juan.B
C:\WINDOWS\system32\sgotlgbf.dll
Disinfection failed
C:\WINDOWS\system32\sgotlgbf.dll
Deleted
C:\WINDOWS\system32\sxtjbvrr.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\sxtjbvrr.exe
Disinfection failed
C:\WINDOWS\system32\sxtjbvrr.exe
Deleted
C:\WINDOWS\system32\uotcmowg.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\uotcmowg.exe
Disinfection failed
C:\WINDOWS\system32\uotcmowg.exe
Deleted
C:\WINDOWS\system32\wroohjjj.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\wroohjjj.exe
Disinfection failed
C:\WINDOWS\system32\wroohjjj.exe
Deleted
C:\WINDOWS\system32\wtlfvara.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\wtlfvara.exe
Disinfection failed
C:\WINDOWS\system32\wtlfvara.exe
Deleted
C:\WINDOWS\system32\xioycudq.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\xioycudq.exe
Disinfection failed
C:\WINDOWS\system32\xioycudq.exe
Deleted
C:\WINDOWS\system32\yjrkbknj.dll
Infected with: Trojan.Juan.A
C:\WINDOWS\system32\yjrkbknj.dll
Disinfection failed
C:\WINDOWS\system32\yjrkbknj.dll
Deleted
SmitFraudFix v2.132
Rapport fait à 14:59:22,37, 2006-12-31
Executé à partir de C:\Documents and Settings\Francoisc\Bureau\fix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5f938c17-fbc7-4a3c-8526-85e5b1a1f762}"="astral"
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\olnohdw.dll supprimé
C:\Program Files\WinMediaCodec\ supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
voila le rapport du scan
BitDefender Online Scanner
Scan report generated at: Sun, Dec 31, 2006 - 16:21:44
Scan path: C:\;D:\;E:\;
Statistics
Time
01:01:21
Files
466296
Folders
4862
Boot Sectors
4
Archives
9117
Packed Files
35304
Results
Identified Viruses
12
Infected Files
61
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
61
Engines Info
Virus Definitions
363554
Engine build
AVCORE v1.0 (build 2371) (i386) (Dec 13 2006 11:16:42)
Scan plugins
14
Archive plugins
38
Unpack plugins
6
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\Documents and Settings\Francoisc\Local Settings\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\Cache\9568A9C6d01
Infected with: Trojan.Downloader.Winfixer.O
C:\Documents and Settings\Francoisc\Local Settings\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\Cache\9568A9C6d01
Disinfection failed
C:\Documents and Settings\Francoisc\Local Settings\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\Cache\9568A9C6d01
Deleted
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine\filCBFE1840.dat=>(gzip)
Infected with: Trojan.Zlob.AM
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine\filCBFE1840.dat=>(gzip)
Disinfection failed
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine\filCBFE1840.dat=>(gzip)
Deleted
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Quarantine\filCBFE1840.dat
Update failed
C:\Program Files\VSAdd-in\VSAdd-in.dll
Infected with: Trojan.Agent.ACL
C:\Program Files\VSAdd-in\VSAdd-in.dll
Disinfection failed
C:\Program Files\VSAdd-in\VSAdd-in.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP100\A0013091.exe
Infected with: Trojan.Downloader.Zlob.AEV
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP100\A0013091.exe
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP100\A0013091.exe
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013132.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013132.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013132.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013140.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013140.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP103\A0013140.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP104\A0013280.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP104\A0013280.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP104\A0013280.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0006
Infected with: Trojan.Downloader.Zlob.AEO
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0006
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0006
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Infected with: Trojan.Zlob.GT
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013328.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0006
Infected with: Trojan.Downloader.Zlob.AEQ
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0006
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0006
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Infected with: Trojan.Zlob.GT
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)=>lzma_solid_nsis0000
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013329.exe=>(NSIS o)=>lzma_solid_nsis0008=>(NSIS g)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013353.dll
Infected with: Trojan.Klone.H
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013353.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP108\A0013353.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013646.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013646.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013646.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013680.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013680.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013680.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013688.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013688.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013688.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013711.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013711.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013711.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013720.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013720.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP110\A0013720.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013752.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013752.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013752.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013772.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013772.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP112\A0013772.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP113\A0013775.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP113\A0013775.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP113\A0013775.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013809.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013809.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013809.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013822.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013822.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP114\A0013822.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP115\A0013826.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP115\A0013826.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP115\A0013826.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012876.exe=>(NSIS o)=>zlib_nsis0001
Infected with: Trojan.Downloader.BKK
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012876.exe=>(NSIS o)=>zlib_nsis0001
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012876.exe=>(NSIS o)=>zlib_nsis0001
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012876.exe=>(NSIS o)
Update failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012880.bat
Infected with: Trojan.Zlob.AM
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012880.bat
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0012880.bat
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013043.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013043.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013043.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013051.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013051.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013051.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013061.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013061.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP96\A0013061.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013078.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013078.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013078.dll
Deleted
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013087.dll
Infected with: Trojan.Agent.ACL
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013087.dll
Disinfection failed
C:\System Volume Information\_restore{22191401-F8EB-403E-A525-F6F527A36804}\RP97\A0013087.dll
Deleted
C:\WINDOWS\system32\cwldrnsr.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\cwldrnsr.exe
Disinfection failed
C:\WINDOWS\system32\cwldrnsr.exe
Deleted
C:\WINDOWS\system32\doejfbns.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\doejfbns.exe
Disinfection failed
C:\WINDOWS\system32\doejfbns.exe
Deleted
C:\WINDOWS\system32\drvceh.dll
Infected with: Trojan.FakeAlert.S
C:\WINDOWS\system32\drvceh.dll
Disinfection failed
C:\WINDOWS\system32\drvceh.dll
Deleted
C:\WINDOWS\system32\dxvkolnj.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\dxvkolnj.exe
Disinfection failed
C:\WINDOWS\system32\dxvkolnj.exe
Deleted
C:\WINDOWS\system32\eabxsfip.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\eabxsfip.exe
Disinfection failed
C:\WINDOWS\system32\eabxsfip.exe
Deleted
C:\WINDOWS\system32\ebdyhlaj.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\ebdyhlaj.exe
Disinfection failed
C:\WINDOWS\system32\ebdyhlaj.exe
Deleted
C:\WINDOWS\system32\epewlqov.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\epewlqov.exe
Disinfection failed
C:\WINDOWS\system32\epewlqov.exe
Deleted
C:\WINDOWS\system32\gqfuamxb.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\gqfuamxb.exe
Disinfection failed
C:\WINDOWS\system32\gqfuamxb.exe
Deleted
C:\WINDOWS\system32\gstufqfl.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\gstufqfl.exe
Disinfection failed
C:\WINDOWS\system32\gstufqfl.exe
Deleted
C:\WINDOWS\system32\gupigvcf.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\gupigvcf.exe
Disinfection failed
C:\WINDOWS\system32\gupigvcf.exe
Deleted
C:\WINDOWS\system32\hjsqvstc.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\hjsqvstc.exe
Disinfection failed
C:\WINDOWS\system32\hjsqvstc.exe
Deleted
C:\WINDOWS\system32\ieetbweo.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\ieetbweo.exe
Disinfection failed
C:\WINDOWS\system32\ieetbweo.exe
Deleted
C:\WINDOWS\system32\kbiqskqc.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\kbiqskqc.exe
Disinfection failed
C:\WINDOWS\system32\kbiqskqc.exe
Deleted
C:\WINDOWS\system32\kcnksahg.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\kcnksahg.exe
Disinfection failed
C:\WINDOWS\system32\kcnksahg.exe
Deleted
C:\WINDOWS\system32\kebudtct.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\kebudtct.exe
Disinfection failed
C:\WINDOWS\system32\kebudtct.exe
Deleted
C:\WINDOWS\system32\kertjkwe.dll
Infected with: Trojan.Juan.A
C:\WINDOWS\system32\kertjkwe.dll
Disinfection failed
C:\WINDOWS\system32\kertjkwe.dll
Deleted
C:\WINDOWS\system32\knrxugiq.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\knrxugiq.exe
Disinfection failed
C:\WINDOWS\system32\knrxugiq.exe
Deleted
C:\WINDOWS\system32\kwkvwubq.dll
Infected with: Trojan.Juan.A
C:\WINDOWS\system32\kwkvwubq.dll
Disinfection failed
C:\WINDOWS\system32\kwkvwubq.dll
Deleted
C:\WINDOWS\system32\mtomtygc.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\mtomtygc.exe
Disinfection failed
C:\WINDOWS\system32\mtomtygc.exe
Deleted
C:\WINDOWS\system32\ngeqblqb.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\ngeqblqb.exe
Disinfection failed
C:\WINDOWS\system32\ngeqblqb.exe
Deleted
C:\WINDOWS\system32\nngrrdwv.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\nngrrdwv.exe
Disinfection failed
C:\WINDOWS\system32\nngrrdwv.exe
Deleted
C:\WINDOWS\system32\obbvxjkn.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\obbvxjkn.exe
Disinfection failed
C:\WINDOWS\system32\obbvxjkn.exe
Deleted
C:\WINDOWS\system32\pllsssmy.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\pllsssmy.exe
Disinfection failed
C:\WINDOWS\system32\pllsssmy.exe
Deleted
C:\WINDOWS\system32\qcbllaxi.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\qcbllaxi.exe
Disinfection failed
C:\WINDOWS\system32\qcbllaxi.exe
Deleted
C:\WINDOWS\system32\sgotlgbf.dll
Infected with: Trojan.Juan.B
C:\WINDOWS\system32\sgotlgbf.dll
Disinfection failed
C:\WINDOWS\system32\sgotlgbf.dll
Deleted
C:\WINDOWS\system32\sxtjbvrr.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\sxtjbvrr.exe
Disinfection failed
C:\WINDOWS\system32\sxtjbvrr.exe
Deleted
C:\WINDOWS\system32\uotcmowg.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\uotcmowg.exe
Disinfection failed
C:\WINDOWS\system32\uotcmowg.exe
Deleted
C:\WINDOWS\system32\wroohjjj.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\wroohjjj.exe
Disinfection failed
C:\WINDOWS\system32\wroohjjj.exe
Deleted
C:\WINDOWS\system32\wtlfvara.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\wtlfvara.exe
Disinfection failed
C:\WINDOWS\system32\wtlfvara.exe
Deleted
C:\WINDOWS\system32\xioycudq.exe
Infected with: Trojan.Agent.ACL
C:\WINDOWS\system32\xioycudq.exe
Disinfection failed
C:\WINDOWS\system32\xioycudq.exe
Deleted
C:\WINDOWS\system32\yjrkbknj.dll
Infected with: Trojan.Juan.A
C:\WINDOWS\system32\yjrkbknj.dll
Disinfection failed
C:\WINDOWS\system32\yjrkbknj.dll
Deleted
Utilisateur anonyme
>
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
31 déc. 2006 à 22:53
31 déc. 2006 à 22:53
Très bien !
Tu as quoi comme anti-spywares ?
¤ Télécharge ComboFix
http://download.bleepingcomputer.com/sUBs/combofix.exe
Ferme ton navigateur web avant d'exécuter ce programme
Double-clique dessus et appuye sur "Y" pour continuer
Attends quelques minutes..un rapport va s'ouvrir enregistre son contenu, puis copie et colle le ici stp
Tu as quoi comme anti-spywares ?
¤ Télécharge ComboFix
http://download.bleepingcomputer.com/sUBs/combofix.exe
Ferme ton navigateur web avant d'exécuter ce programme
Double-clique dessus et appuye sur "Y" pour continuer
Attends quelques minutes..un rapport va s'ouvrir enregistre son contenu, puis copie et colle le ici stp
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
>
Utilisateur anonyme
31 déc. 2006 à 23:14
31 déc. 2006 à 23:14
mon antispyware est avg!! si tu as une meilleur alternative??
je viens juste de configure kerio avtes précieux conseil.
et voila le rapport que tu m'a demandé...
merci encore.
Francoisc - 06-12-31 17:04:55,64 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Francoisc\Bureau"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files\Inetget2
C:\WINDOWS\system32\components
C:\Program Files\Fichiers communs\{30D644A8-0724-3084-0810-060729200002}
C:\Program Files\Fichiers communs\{40D644A8-0724-3084-0810-060729200002}
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\QooBox\Purity\WINDOWS\WNSXS~1
C:\QooBox\Purity\WINDOWS\system32\CURITY~1
C:\QooBox\Purity\WINDOWS\WNSXS~1\W?nSxS
((((((((((((((((((((((((((((((( Files Created from 2006-11-31 to 2006-12-31 ))))))))))))))))))))))))))))))))))
2006-12-31 16:43 88,340 --a------ C:\WINDOWS\system32\shqydodp.exe
2006-12-31 16:43 81,684 --a------ C:\WINDOWS\system32\khnqukuc.dll
2006-12-31 15:16 <REP> d-------- C:\Program Files\Sunbelt Software
2006-12-31 15:14 81,684 --a------ C:\WINDOWS\system32\yxhnhejh.dll
2006-12-31 15:10 <REP> d-------- C:\WINDOWS\BDOSCAN8
2006-12-31 14:49 81,684 --a------ C:\WINDOWS\system32\eouwcfjp.dll
2006-12-31 14:48 <REP> d-------- C:\Program Files\VSAdd-in
2006-12-31 06:30 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
2006-12-31 06:30 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-12-31 06:30 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2006-12-31 06:30 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-12-31 06:30 3,296 --a------ C:\WINDOWS\system32\tmp.reg
2006-12-31 06:30 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-12-31 06:30 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-12-30 21:28 38,422 --------- C:\WINDOWS\system32\drivers\StMp3Rec.sys
2006-12-30 21:28 <REP> d-------- C:\Program Files\Creative
2006-12-30 18:43 81,684 --a------ C:\WINDOWS\system32\chnpronr.dll
2006-12-30 16:41 941,264 ---hs---- C:\WINDOWS\system32\jjllm.bak2
2006-12-29 19:19 81,684 --a------ C:\WINDOWS\system32\mhvcwbab.dll
2006-12-29 17:53 81,684 --a------ C:\WINDOWS\system32\djqfavuc.dll
2006-12-28 20:34 81,684 --a------ C:\WINDOWS\system32\uihsdmtc.dll
2006-12-28 15:05 81,684 --a------ C:\WINDOWS\system32\vhqiphmu.dll
2006-12-28 15:05 44,060 --a------ C:\WINDOWS\system32\thhjayho.dll
2006-12-27 06:17 81,684 --a------ C:\WINDOWS\system32\aeskxchu.dll
2006-12-22 16:39 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2006-12-22 16:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2006-12-21 22:10 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-12-21 22:10 <REP> d-------- C:\Program Files\Grisoft
2006-12-17 18:28 <REP> d-------- C:\Program Files\Windows Defender
2006-12-14 22:54 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-12-14 22:54 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-12-14 22:54 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-12-14 22:54 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-12-14 22:54 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-12-14 22:53 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-12-14 22:53 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-12-14 22:53 <REP> d-------- C:\Program Files\Alwil Software
2006-12-14 22:34 <REP> d-------- C:\WINDOWS\report
2006-12-14 22:33 86,094 --a------ C:\WINDOWS\BPMNT.dll
2006-12-14 22:33 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2006-12-14 22:33 176,709 --a------ C:\WINDOWS\tsc.exe
2006-12-14 22:33 1,101,904 --a------ C:\WINDOWS\vsapi32.dll
2006-12-14 22:33 <REP> d-------- C:\WINDOWS\AU_Backup
2006-12-14 22:29 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2006-12-14 22:29 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2006-12-14 22:29 286,720 --a------ C:\WINDOWS\PATCH.EXE
2006-12-14 22:29 <REP> d-------- C:\WINDOWS\AU_Temp
2006-12-14 22:29 <REP> d-------- C:\WINDOWS\AU_Log
2006-12-14 21:48 <REP> d-------- C:\hijack
2006-12-14 21:32 941,813 ---hs---- C:\WINDOWS\system32\jjllm.ini2
2006-12-14 21:17 976,984 ---hs---- C:\WINDOWS\system32\jjllm.bak1
2006-12-14 21:17 276,532 ---hs---- C:\WINDOWS\system32\mlljj.dll
2006-12-11 17:03 128,744 --a------ C:\WINDOWS\system32\mucltui.dll
2006-12-02 07:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\XemiComputers
2006-12-02 07:04 <REP> d-------- C:\Program Files\XemiComputers
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-31 17:06 -------- d-------- C:\Program Files\Fichiers communs
2006-12-30 21:27 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-12-30 19:10 -------- d-------- C:\Program Files\Mozilla Thunderbird
2006-12-22 20:01 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-22 19:56 -------- d-------- C:\Program Files\Windows Media Bonus Pack for Windows XP
2006-12-22 19:51 -------- d-------- C:\Program Files\BitTorrent
2006-12-14 21:17 -------- d-------- C:\Program Files\KaraFun
2006-12-13 22:09 -------- d-------- C:\Program Files\Outlook Express
2006-12-13 22:09 -------- d-------- C:\Program Files\Fichiers communs\System
2006-12-09 12:33 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared
2006-11-29 07:58 -------- d-------- C:\Program Files\Windows Media Player
2006-11-29 07:55 -------- d-------- C:\Program Files\Windows Media Connect 2
2006-11-27 06:02 -------- d-------- C:\Program Files\Internet Explorer
2006-11-19 23:04 -------- d-------- C:\Program Files\AviSynth 2.5
2006-11-19 23:03 -------- d-------- C:\Documents and Settings\Francoisc\Application Data\MoyeaFLV2Video
2006-11-19 23:02 -------- d-------- C:\Program Files\eRightSoft
2006-11-19 22:36 -------- d-------- C:\Program Files\Moyea
2006-11-16 09:05 -------- d-------- C:\Program Files\MSXML 4.0
2006-11-08 17:55 -------- d-------- C:\Program Files\vanBasco's Karaoke Player
2006-11-08 00:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-05 16:54 365132 --a------ C:\WINDOWS\7-7c15eb3352bcc3049d7e9e974ad283bf.exe
2006-11-05 16:54 344 --a------ C:\Documents and Settings\Francoisc\Application Data\internaldb1942.dat
2006-11-05 16:54 23 --a------ C:\Documents and Settings\Francoisc\Application Data\inifile41.ini
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-03 22:11 -------- d-------- C:\Program Files\Save Flash
2006-11-03 10:03 8292352 --a------ C:\WINDOWS\system32\wmploc.dll
2006-11-03 09:59 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-11-03 09:58 272384 --a------ C:\WINDOWS\system32\wmerror.dll
2006-11-03 09:56 7680 --a------ C:\WINDOWS\system32\asferror.dll
2006-11-02 11:52 44032 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-19 20:38 716800 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll
2006-10-18 21:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47 259072 --a------ C:\WINDOWS\system32\mpg4decd.dll
2006-10-18 21:47 259072 --a------ C:\WINDOWS\system32\mp43decd.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-10-18 21:47 212992 --a------ C:\WINDOWS\system32\mfplat.dll
2006-10-18 21:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll
2006-10-18 21:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --a------ C:\WINDOWS\system32\wmvdecod.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 07:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-09 12:39 364544 --a------ C:\WINDOWS\system32\igxpun.exe
2006-10-06 14:19 200704 --a------ C:\WINDOWS\system32\igfxCoIn_v4704.dll
2006-10-06 13:24 2262528 --a------ C:\WINDOWS\system32\igxpdx32.dll
2006-10-06 13:23 53248 --a------ C:\WINDOWS\system32\igxprd32.dll
2006-10-06 13:23 146432 --a------ C:\WINDOWS\system32\igxpgd32.dll
2006-10-06 13:22 1442848 --a------ C:\WINDOWS\system32\igxpdv32.dll
2006-10-06 11:53 454656 --a------ C:\WINDOWS\system32\igldev32.dll
2006-10-06 11:51 2363392 --a------ C:\WINDOWS\system32\iglicd32.dll
2006-10-06 11:13 450560 --a------ C:\WINDOWS\system32\igfxcfg.exe
2006-10-06 11:13 23552 --a------ C:\WINDOWS\system32\igfxexps.dll
2006-10-06 11:13 167936 --a------ C:\WINDOWS\system32\igfxres.dll
2006-10-06 11:13 122880 --a------ C:\WINDOWS\system32\igfxext.exe
2006-10-06 11:13 114688 --a------ C:\WINDOWS\system32\hkcmd.exe
2006-10-06 11:11 98304 --a------ C:\WINDOWS\system32\igfxtray.exe
2006-10-06 11:10 98304 --a------ C:\WINDOWS\system32\igfxdo.dll
2006-10-06 11:10 94208 --a------ C:\WINDOWS\system32\igfxpers.exe
2006-10-06 11:10 3276800 --a------ C:\WINDOWS\system32\igfxress.dll
2006-10-06 11:10 106496 --a------ C:\WINDOWS\system32\igfxzoom.exe
2006-10-06 11:09 81920 --a------ C:\WINDOWS\system32\hccutils.dll
2006-10-06 11:09 44032 --a------ C:\WINDOWS\system32\igfxsrvc.dll
2006-10-06 11:09 192512 --a------ C:\WINDOWS\system32\igfxsrvc.exe
2006-10-06 11:09 163840 --a------ C:\WINDOWS\system32\igfxpph.dll
2006-10-06 11:09 155648 --a------ C:\WINDOWS\system32\igfxdev.dll
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Active Desktop Calendar"="C:\\Program Files\\XemiComputers\\Active Desktop Calendar\\ADC.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AGRSMMSG"="AGRSMMSG.exe"
"NDSTray.exe"="NDSTray.exe"
"SmoothView"="C:\\Program Files\\TOSHIBA\\Utilitaire de zoom TOSHIBA\\SmoothView.exe"
"Tvs"="C:\\Program Files\\TOSHIBA\\Tvs\\TvsTray.exe"
"THotkey"="C:\\Program Files\\Toshiba\\Toshiba Applet\\thotkey.exe"
"TFncKy"="TFncKy.exe"
"TDispVol"="TDispVol.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"vsc32cnf.exe"="C:\\Program Files\\Roland\\VSC32\\vsc32cnf.exe"
"vscvol.exe"="C:\\Program Files\\Roland\\VSC32\\vscvol.exe"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"Persistence"="C:\\WINDOWS\\system32\\igfxpers.exe"
"IntelZeroConfig"="\"C:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\""
"IntelWireless"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
"RTHDCPL"="RTHDCPL.EXE"
"SkyTel"="SkyTel.EXE"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"ForceClassicControlPanel"=dword:00000001
"NoSMBalloonTip"=dword:00000000
"NoCDBurning"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"NoInternetOpenWith"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlljj
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winrkp32
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\XoftSpy.job
Completion time: 06-12-31 17:09:13.89
C:\ComboFix.txt ... 06-12-31 17:09
je viens juste de configure kerio avtes précieux conseil.
et voila le rapport que tu m'a demandé...
merci encore.
Francoisc - 06-12-31 17:04:55,64 Service Pack 2
ComboFix 06.11.27 - Running from: "C:\Documents and Settings\Francoisc\Bureau"
(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Program Files\Inetget2
C:\WINDOWS\system32\components
C:\Program Files\Fichiers communs\{30D644A8-0724-3084-0810-060729200002}
C:\Program Files\Fichiers communs\{40D644A8-0724-3084-0810-060729200002}
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ Purity ~ ~ ~ ~ ~ ~ ~ ~~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
Folders Quarantined:
C:\QooBox\Purity\WINDOWS\WNSXS~1
C:\QooBox\Purity\WINDOWS\system32\CURITY~1
C:\QooBox\Purity\WINDOWS\WNSXS~1\W?nSxS
((((((((((((((((((((((((((((((( Files Created from 2006-11-31 to 2006-12-31 ))))))))))))))))))))))))))))))))))
2006-12-31 16:43 88,340 --a------ C:\WINDOWS\system32\shqydodp.exe
2006-12-31 16:43 81,684 --a------ C:\WINDOWS\system32\khnqukuc.dll
2006-12-31 15:16 <REP> d-------- C:\Program Files\Sunbelt Software
2006-12-31 15:14 81,684 --a------ C:\WINDOWS\system32\yxhnhejh.dll
2006-12-31 15:10 <REP> d-------- C:\WINDOWS\BDOSCAN8
2006-12-31 14:49 81,684 --a------ C:\WINDOWS\system32\eouwcfjp.dll
2006-12-31 14:48 <REP> d-------- C:\Program Files\VSAdd-in
2006-12-31 06:30 79,360 --a------ C:\WINDOWS\system32\swxcacls.exe
2006-12-31 06:30 53,248 --a------ C:\WINDOWS\system32\Process.exe
2006-12-31 06:30 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2006-12-31 06:30 40,960 --a------ C:\WINDOWS\system32\swsc.exe
2006-12-31 06:30 3,296 --a------ C:\WINDOWS\system32\tmp.reg
2006-12-31 06:30 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2006-12-31 06:30 135,168 --a------ C:\WINDOWS\system32\swreg.exe
2006-12-30 21:28 38,422 --------- C:\WINDOWS\system32\drivers\StMp3Rec.sys
2006-12-30 21:28 <REP> d-------- C:\Program Files\Creative
2006-12-30 18:43 81,684 --a------ C:\WINDOWS\system32\chnpronr.dll
2006-12-30 16:41 941,264 ---hs---- C:\WINDOWS\system32\jjllm.bak2
2006-12-29 19:19 81,684 --a------ C:\WINDOWS\system32\mhvcwbab.dll
2006-12-29 17:53 81,684 --a------ C:\WINDOWS\system32\djqfavuc.dll
2006-12-28 20:34 81,684 --a------ C:\WINDOWS\system32\uihsdmtc.dll
2006-12-28 15:05 81,684 --a------ C:\WINDOWS\system32\vhqiphmu.dll
2006-12-28 15:05 44,060 --a------ C:\WINDOWS\system32\thhjayho.dll
2006-12-27 06:17 81,684 --a------ C:\WINDOWS\system32\aeskxchu.dll
2006-12-22 16:39 25,600 --a------ C:\WINDOWS\system32\drivers\usbser.sys
2006-12-22 16:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\BVRP Software
2006-12-21 22:10 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-12-21 22:10 <REP> d-------- C:\Program Files\Grisoft
2006-12-17 18:28 <REP> d-------- C:\Program Files\Windows Defender
2006-12-14 22:54 87,424 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2006-12-14 22:54 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2006-12-14 22:54 36,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2006-12-14 22:54 24,560 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2006-12-14 22:54 16,352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2006-12-14 22:53 90,112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2006-12-14 22:53 666,240 --a------ C:\WINDOWS\system32\aswBoot.exe
2006-12-14 22:53 <REP> d-------- C:\Program Files\Alwil Software
2006-12-14 22:34 <REP> d-------- C:\WINDOWS\report
2006-12-14 22:33 86,094 --a------ C:\WINDOWS\BPMNT.dll
2006-12-14 22:33 71,749 --a------ C:\WINDOWS\hcextoutput.dll
2006-12-14 22:33 176,709 --a------ C:\WINDOWS\tsc.exe
2006-12-14 22:33 1,101,904 --a------ C:\WINDOWS\vsapi32.dll
2006-12-14 22:33 <REP> d-------- C:\WINDOWS\AU_Backup
2006-12-14 22:29 69,689 --a------ C:\WINDOWS\UNZIP.DLL
2006-12-14 22:29 507,904 --a------ C:\WINDOWS\TMUPDATE.DLL
2006-12-14 22:29 286,720 --a------ C:\WINDOWS\PATCH.EXE
2006-12-14 22:29 <REP> d-------- C:\WINDOWS\AU_Temp
2006-12-14 22:29 <REP> d-------- C:\WINDOWS\AU_Log
2006-12-14 21:48 <REP> d-------- C:\hijack
2006-12-14 21:32 941,813 ---hs---- C:\WINDOWS\system32\jjllm.ini2
2006-12-14 21:17 976,984 ---hs---- C:\WINDOWS\system32\jjllm.bak1
2006-12-14 21:17 276,532 ---hs---- C:\WINDOWS\system32\mlljj.dll
2006-12-11 17:03 128,744 --a------ C:\WINDOWS\system32\mucltui.dll
2006-12-02 07:05 <REP> d-------- C:\Documents and Settings\All Users\Application Data\XemiComputers
2006-12-02 07:04 <REP> d-------- C:\Program Files\XemiComputers
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-31 17:06 -------- d-------- C:\Program Files\Fichiers communs
2006-12-30 21:27 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-12-30 19:10 -------- d-------- C:\Program Files\Mozilla Thunderbird
2006-12-22 20:01 -------- d-------- C:\Program Files\Mozilla Firefox
2006-12-22 19:56 -------- d-------- C:\Program Files\Windows Media Bonus Pack for Windows XP
2006-12-22 19:51 -------- d-------- C:\Program Files\BitTorrent
2006-12-14 21:17 -------- d-------- C:\Program Files\KaraFun
2006-12-13 22:09 -------- d-------- C:\Program Files\Outlook Express
2006-12-13 22:09 -------- d-------- C:\Program Files\Fichiers communs\System
2006-12-09 12:33 -------- d-------- C:\Program Files\Fichiers communs\Microsoft Shared
2006-11-29 07:58 -------- d-------- C:\Program Files\Windows Media Player
2006-11-29 07:55 -------- d-------- C:\Program Files\Windows Media Connect 2
2006-11-27 06:02 -------- d-------- C:\Program Files\Internet Explorer
2006-11-19 23:04 -------- d-------- C:\Program Files\AviSynth 2.5
2006-11-19 23:03 -------- d-------- C:\Documents and Settings\Francoisc\Application Data\MoyeaFLV2Video
2006-11-19 23:02 -------- d-------- C:\Program Files\eRightSoft
2006-11-19 22:36 -------- d-------- C:\Program Files\Moyea
2006-11-16 09:05 -------- d-------- C:\Program Files\MSXML 4.0
2006-11-08 17:55 -------- d-------- C:\Program Files\vanBasco's Karaoke Player
2006-11-08 00:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2006-11-05 16:54 365132 --a------ C:\WINDOWS\7-7c15eb3352bcc3049d7e9e974ad283bf.exe
2006-11-05 16:54 344 --a------ C:\Documents and Settings\Francoisc\Application Data\internaldb1942.dat
2006-11-05 16:54 23 --a------ C:\Documents and Settings\Francoisc\Application Data\inifile41.ini
2006-11-04 14:14 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-11-03 22:11 -------- d-------- C:\Program Files\Save Flash
2006-11-03 10:03 8292352 --a------ C:\WINDOWS\system32\wmploc.dll
2006-11-03 09:59 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2006-11-03 09:58 272384 --a------ C:\WINDOWS\system32\wmerror.dll
2006-11-03 09:56 7680 --a------ C:\WINDOWS\system32\asferror.dll
2006-11-02 11:52 44032 --------- C:\WINDOWS\system32\wpdshextres.dll
2006-10-19 20:38 716800 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2006-10-18 21:58 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2006-10-18 21:47 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2006-10-18 21:47 937984 --a------ C:\WINDOWS\system32\WMNetMgr.dll
2006-10-18 21:47 767488 --------- C:\WINDOWS\system32\WMVSENCD.dll
2006-10-18 21:47 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2006-10-18 21:47 656896 --------- C:\WINDOWS\system32\WMVXENCD.dll
2006-10-18 21:47 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2006-10-18 21:47 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2006-10-18 21:47 613376 --------- C:\WINDOWS\system32\wmpmde.dll
2006-10-18 21:47 603648 --a------ C:\WINDOWS\system32\WMSPDMOD.dll
2006-10-18 21:47 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2006-10-18 21:47 535040 --------- C:\WINDOWS\system32\wmdrmsdk.dll
2006-10-18 21:47 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2006-10-18 21:47 414208 --a------ C:\WINDOWS\system32\msscp.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVE.DLL
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\WMVADVD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MPG4DMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP4SDMOD.dll
2006-10-18 21:47 4096 --a------ C:\WINDOWS\system32\MP43DMOD.dll
2006-10-18 21:47 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2006-10-18 21:47 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2006-10-18 21:47 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2006-10-18 21:47 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2006-10-18 21:47 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2006-10-18 21:47 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2006-10-18 21:47 317440 --------- C:\WINDOWS\system32\MP4SDECD.dll
2006-10-18 21:47 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2006-10-18 21:47 295936 --------- C:\WINDOWS\system32\wmpeffects.dll
2006-10-18 21:47 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll
2006-10-18 21:47 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2006-10-18 21:47 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2006-10-18 21:47 2603008 --------- C:\WINDOWS\system32\WpdShext.dll
2006-10-18 21:47 259072 --a------ C:\WINDOWS\system32\mpg4decd.dll
2006-10-18 21:47 259072 --a------ C:\WINDOWS\system32\mp43decd.dll
2006-10-18 21:47 2450944 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-10-18 21:47 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2006-10-18 21:47 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2006-10-18 21:47 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2006-10-18 21:47 212992 --a------ C:\WINDOWS\system32\mfplat.dll
2006-10-18 21:47 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2006-10-18 21:47 199168 --------- C:\WINDOWS\system32\PortableDeviceWMDRM.dll
2006-10-18 21:47 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2006-10-18 21:47 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2006-10-18 21:47 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll
2006-10-18 21:47 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2006-10-18 21:47 1574912 --------- C:\WINDOWS\system32\WMVENCOD.dll
2006-10-18 21:47 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2006-10-18 21:47 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2006-10-18 21:47 1543680 --a------ C:\WINDOWS\system32\wmvdecod.dll
2006-10-18 21:47 1382912 --------- C:\WINDOWS\system32\WMVSDECD.dll
2006-10-18 21:47 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll
2006-10-18 21:47 1329152 --a------ C:\WINDOWS\system32\WMSPDMOE.dll
2006-10-18 21:47 132096 --------- C:\WINDOWS\system32\PortableDeviceWiaCompat.dll
2006-10-18 21:47 130048 --------- C:\WINDOWS\system32\wmpps.dll
2006-10-18 21:47 11264 --a------ C:\WINDOWS\system32\LAPRXY.dll
2006-10-18 21:47 1117696 --a------ C:\WINDOWS\system32\WMADMOE.dll
2006-10-18 21:47 101888 --------- C:\WINDOWS\system32\PortableDeviceClassExtension.dll
2006-10-18 20:03 100864 --a------ C:\WINDOWS\system32\logagent.exe
2006-10-18 20:00 249856 --------- C:\WINDOWS\system32\drmupgds.exe
2006-10-18 20:00 17408 --------- C:\WINDOWS\system32\wpdshextautoplay.exe
2006-10-17 12:06 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2006-10-17 12:05 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2006-10-17 12:05 206336 --------- C:\WINDOWS\system32\WinFXDocObj.exe
2006-10-17 12:05 105984 --a------ C:\WINDOWS\system32\url.dll
2006-10-17 12:04 101376 --a------ C:\WINDOWS\system32\occache.dll
2006-10-17 12:03 17408 --a------ C:\WINDOWS\system32\corpol.dll
2006-10-17 11:58 61952 --------- C:\WINDOWS\system32\icardie.dll
2006-10-17 11:58 12288 --------- C:\WINDOWS\system32\msfeedssync.exe
2006-10-17 11:57 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2006-10-17 11:57 266752 --------- C:\WINDOWS\system32\iertutil.dll
2006-10-17 11:56 45568 --a------ C:\WINDOWS\system32\mshta.exe
2006-10-17 11:28 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2006-10-17 11:27 380928 --------- C:\WINDOWS\system32\ieapfltr.dll
2006-10-13 07:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-09 12:39 364544 --a------ C:\WINDOWS\system32\igxpun.exe
2006-10-06 14:19 200704 --a------ C:\WINDOWS\system32\igfxCoIn_v4704.dll
2006-10-06 13:24 2262528 --a------ C:\WINDOWS\system32\igxpdx32.dll
2006-10-06 13:23 53248 --a------ C:\WINDOWS\system32\igxprd32.dll
2006-10-06 13:23 146432 --a------ C:\WINDOWS\system32\igxpgd32.dll
2006-10-06 13:22 1442848 --a------ C:\WINDOWS\system32\igxpdv32.dll
2006-10-06 11:53 454656 --a------ C:\WINDOWS\system32\igldev32.dll
2006-10-06 11:51 2363392 --a------ C:\WINDOWS\system32\iglicd32.dll
2006-10-06 11:13 450560 --a------ C:\WINDOWS\system32\igfxcfg.exe
2006-10-06 11:13 23552 --a------ C:\WINDOWS\system32\igfxexps.dll
2006-10-06 11:13 167936 --a------ C:\WINDOWS\system32\igfxres.dll
2006-10-06 11:13 122880 --a------ C:\WINDOWS\system32\igfxext.exe
2006-10-06 11:13 114688 --a------ C:\WINDOWS\system32\hkcmd.exe
2006-10-06 11:11 98304 --a------ C:\WINDOWS\system32\igfxtray.exe
2006-10-06 11:10 98304 --a------ C:\WINDOWS\system32\igfxdo.dll
2006-10-06 11:10 94208 --a------ C:\WINDOWS\system32\igfxpers.exe
2006-10-06 11:10 3276800 --a------ C:\WINDOWS\system32\igfxress.dll
2006-10-06 11:10 106496 --a------ C:\WINDOWS\system32\igfxzoom.exe
2006-10-06 11:09 81920 --a------ C:\WINDOWS\system32\hccutils.dll
2006-10-06 11:09 44032 --a------ C:\WINDOWS\system32\igfxsrvc.dll
2006-10-06 11:09 192512 --a------ C:\WINDOWS\system32\igfxsrvc.exe
2006-10-06 11:09 163840 --a------ C:\WINDOWS\system32\igfxpph.dll
2006-10-06 11:09 155648 --a------ C:\WINDOWS\system32\igfxdev.dll
2006-10-02 15:28 312128 --------- C:\WINDOWS\system32\msdelta.dll
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"Active Desktop Calendar"="C:\\Program Files\\XemiComputers\\Active Desktop Calendar\\ADC.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AGRSMMSG"="AGRSMMSG.exe"
"NDSTray.exe"="NDSTray.exe"
"SmoothView"="C:\\Program Files\\TOSHIBA\\Utilitaire de zoom TOSHIBA\\SmoothView.exe"
"Tvs"="C:\\Program Files\\TOSHIBA\\Tvs\\TvsTray.exe"
"THotkey"="C:\\Program Files\\Toshiba\\Toshiba Applet\\thotkey.exe"
"TFncKy"="TFncKy.exe"
"TDispVol"="TDispVol.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"vsc32cnf.exe"="C:\\Program Files\\Roland\\VSC32\\vsc32cnf.exe"
"vscvol.exe"="C:\\Program Files\\Roland\\VSC32\\vscvol.exe"
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"Persistence"="C:\\WINDOWS\\system32\\igfxpers.exe"
"IntelZeroConfig"="\"C:\\Program Files\\Intel\\Wireless\\bin\\ZCfgSvc.exe\""
"IntelWireless"="\"C:\\Program Files\\Intel\\Wireless\\Bin\\ifrmewrk.exe\" /tf Intel PROSet/Wireless"
"RTHDCPL"="RTHDCPL.EXE"
"SkyTel"="SkyTel.EXE"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=dword:40000004
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"ForceClassicControlPanel"=dword:00000001
"NoSMBalloonTip"=dword:00000000
"NoCDBurning"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
"NoInternetOpenWith"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\mlljj
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winrkp32
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\MP Scheduled Scan.job
C:\WINDOWS\tasks\XoftSpy.job
Completion time: 06-12-31 17:09:13.89
C:\ComboFix.txt ... 06-12-31 17:09
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
31 déc. 2006 à 21:07
31 déc. 2006 à 21:07
voila le rapport!! j'éssai de te suivre dans tes conseils pour mieux comprendre tout ca!!! merci!
SmitFraudFix v2.132
Rapport fait à 14:59:22,37, 2006-12-31
Executé à partir de C:\Documents and Settings\Francoisc\Bureau\fix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5f938c17-fbc7-4a3c-8526-85e5b1a1f762}"="astral"
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\olnohdw.dll supprimé
C:\Program Files\WinMediaCodec\ supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
SmitFraudFix v2.132
Rapport fait à 14:59:22,37, 2006-12-31
Executé à partir de C:\Documents and Settings\Francoisc\Bureau\fix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Le type du système de fichiers est NTFS
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5f938c17-fbc7-4a3c-8526-85e5b1a1f762}"="astral"
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\olnohdw.dll supprimé
C:\Program Files\WinMediaCodec\ supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Utilisateur anonyme
1 janv. 2007 à 01:05
1 janv. 2007 à 01:05
Oula, y'en a encore des bestioles !
Voici des anti-spywares vu l'etat du PC installe les tous si possible et supprime tout ce qu'ils pourraient te trouver
SpyBot-Search & Destroy: (gratuit en Français)
--->Spybot
Si tu as besoin d'aide avec Sybot regarde ce tutoriel:
http://www.tutoriaux-excalibur.com/spybot.htm
A² squared: (gratuit en Français)(fait un scan rusé et colle le rapport ici stp)
--->A-squared
Si tu as besoin d'aide avec A-squared regarde ce tutoriel:
https://www.pcparadise.fr
Ad-Aware SE Personal: (en Anglais disponible en Français, gratuit)
--->Ad-aware
Si tu as besoin d'aide pour ad-Aware regarde ce tutoriel:
https://forums.cnetfrance.fr
A++
Voici des anti-spywares vu l'etat du PC installe les tous si possible et supprime tout ce qu'ils pourraient te trouver
SpyBot-Search & Destroy: (gratuit en Français)
--->Spybot
Si tu as besoin d'aide avec Sybot regarde ce tutoriel:
http://www.tutoriaux-excalibur.com/spybot.htm
A² squared: (gratuit en Français)(fait un scan rusé et colle le rapport ici stp)
--->A-squared
Si tu as besoin d'aide avec A-squared regarde ce tutoriel:
https://www.pcparadise.fr
Ad-Aware SE Personal: (en Anglais disponible en Français, gratuit)
--->Ad-aware
Si tu as besoin d'aide pour ad-Aware regarde ce tutoriel:
https://forums.cnetfrance.fr
A++
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
2 janv. 2007 à 04:48
2 janv. 2007 à 04:48
bien merci encore!! je me rend compte en faisant tout ses opérations qu'il semble y avoir bien de la merde dans mon systeme!!!
voila le rapport que tu m'a demandé...
Version - a-squared Free 2.1
Réglages Scan:
Objets: Mémoire, Traces, Cookies, C:\WINDOWS\, C:\Program Files
Scan archives: Marche
Heuristiques: Marche
Scan ADS: Marche
Début du scan: 2007-01-01 20:24:18
C:\Documents and Settings\Francoisc\Cookies\francoisc@agentsolo[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@bizrate[2].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@com[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@counter.surfcounters[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@dealtime[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@indextools[2].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@link[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@mediaplex[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@netster[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@sexyamateurclips[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@sympatico.msn.pagesjaunes[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@www.buysell[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:624 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:642 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:700 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:701 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:702 Détecter: Trace.TrackingCookie
C:\WINDOWS\system32\Process.exe Détecter: Riskware.RiskTool.Win32.Processor.20
Scanné
Fichiers: 36188
Traces: 87847
Cookies: 1191
Processus: 48
Trouver
Fichiers: 1
Traces: 0
Cookies: 17
Processus: 0
Clés de Registre: 0
Fin du Scan: 2007-01-01 20:38:43
Temps du Scan: 00:14:25
voila le rapport que tu m'a demandé...
Version - a-squared Free 2.1
Réglages Scan:
Objets: Mémoire, Traces, Cookies, C:\WINDOWS\, C:\Program Files
Scan archives: Marche
Heuristiques: Marche
Scan ADS: Marche
Début du scan: 2007-01-01 20:24:18
C:\Documents and Settings\Francoisc\Cookies\francoisc@agentsolo[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@bizrate[2].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@com[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@counter.surfcounters[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@dealtime[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@indextools[2].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@link[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@mediaplex[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@netster[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@sexyamateurclips[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@sympatico.msn.pagesjaunes[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Cookies\francoisc@www.buysell[1].txt Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:624 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:642 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:700 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:701 Détecter: Trace.TrackingCookie
C:\Documents and Settings\Francoisc\Application Data\Mozilla\Firefox\Profiles\oj8lga1m.default\cookies.txt:702 Détecter: Trace.TrackingCookie
C:\WINDOWS\system32\Process.exe Détecter: Riskware.RiskTool.Win32.Processor.20
Scanné
Fichiers: 36188
Traces: 87847
Cookies: 1191
Processus: 48
Trouver
Fichiers: 1
Traces: 0
Cookies: 17
Processus: 0
Clés de Registre: 0
Fin du Scan: 2007-01-01 20:38:43
Temps du Scan: 00:14:25
Utilisateur anonyme
2 janv. 2007 à 05:05
2 janv. 2007 à 05:05
Salut
Maintenant, clic sur démarrer ,rechercher, cherche et supprime ces fichiers si présents :
C:\WINDOWS\system32\shqydodp.exe
C:\WINDOWS\system32\khnqukuc.dll
C:\WINDOWS\system32\yxhnhejh.dll
C:\WINDOWS\system32\eouwcfjp.dll
C:\WINDOWS\system32\swxcacls.exe
C:\WINDOWS\system32\chnpronr.dll
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\mhvcwbab.dll
C:\WINDOWS\system32\djqfavuc.dll
C:\WINDOWS\system32\uihsdmtc.dll
C:\WINDOWS\system32\vhqiphmu.dll
C:\WINDOWS\system32\thhjayho.dll
C:\WINDOWS\system32\aeskxchu.dll
C:\WINDOWS\system32\jjllm.ini2
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\mlljj.dll
Clic sur démarrer, poste de travail, C:, program files et supprime :
- VSAdd-in
**Si un fichier persiste lors de la suppression fait ceci:
-Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisit "mode sans echec" attends un peu.. puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement
Dès que c'est fait, dis le :-)
Maintenant, clic sur démarrer ,rechercher, cherche et supprime ces fichiers si présents :
C:\WINDOWS\system32\shqydodp.exe
C:\WINDOWS\system32\khnqukuc.dll
C:\WINDOWS\system32\yxhnhejh.dll
C:\WINDOWS\system32\eouwcfjp.dll
C:\WINDOWS\system32\swxcacls.exe
C:\WINDOWS\system32\chnpronr.dll
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\mhvcwbab.dll
C:\WINDOWS\system32\djqfavuc.dll
C:\WINDOWS\system32\uihsdmtc.dll
C:\WINDOWS\system32\vhqiphmu.dll
C:\WINDOWS\system32\thhjayho.dll
C:\WINDOWS\system32\aeskxchu.dll
C:\WINDOWS\system32\jjllm.ini2
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\mlljj.dll
Clic sur démarrer, poste de travail, C:, program files et supprime :
- VSAdd-in
**Si un fichier persiste lors de la suppression fait ceci:
-Redémarre ton PC. Dès l'allumage de celui-ci tapote la touche F8 (ou F5 si F8 ne fonctionne pas), à l'écran qui va apparaître choisit "mode sans echec" attends un peu.. puis va supprimer les fichiers/dossiers, vide ta corbeille et redémarre ton PC normalement
Dès que c'est fait, dis le :-)
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
2 janv. 2007 à 12:43
2 janv. 2007 à 12:43
j'ai fait l'opération demandé...
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
3 janv. 2007 à 01:37
3 janv. 2007 à 01:37
en principe mon probleme devrais etre reglé??
j'ai pas tout suivi tes interventions mais j'ai quand meme appris beaucoup et t'en remercie beaucoup!!!
j'ai pas tout suivi tes interventions mais j'ai quand meme appris beaucoup et t'en remercie beaucoup!!!
matooo
Messages postés
10
Date d'inscription
vendredi 15 décembre 2006
Statut
Membre
Dernière intervention
3 janvier 2007
3 janv. 2007 à 01:49
3 janv. 2007 à 01:49
mais non encore cette merde qui s'en mele!!!!!
ishhhhh de ishhhhhhhh comment m'en sortir!!!!!!!
ishhhhh de ishhhhhhhh comment m'en sortir!!!!!!!