Security toolbar 7.1 , au secour

Salut

retélécharhe hijackthis et installe le sur le bureau

puis : fais un clic droit dessus < renommer < puis nomme le CCM.exe

puis poste un nouveau rapport stp

++
Le moyen d'aimer une chose est de se dire qu'on pourrait la perdre (Gilbert Keith Chesterton)

Logfile of HijackThis v1.99.1
Scan saved at 19:10:20, on 16/11/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\System32\antiv.exe
D:\ipod\iTunesHelper.exe
E:\WINDOWS\System32\ctfmon.exe
E:\WINDOWS\system\NOTEPAD.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\WINDOWS\System32\wuauclt.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Documents and Settings\CHASTEL PHILIPPE\Bureau\CCM.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: {883b609e-e12f-230b-9074-afc31621a5a3} - {3a5a1261-3cfa-4709-b032-f21ee906b388} - E:\WINDOWS\System32\lpwlxnuf.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {A95B2816-1D7E-4561-A202-68C0DE02353A} - E:\WINDOWS\System32\fcgensiy.dll
O2 - BHO: (no name) - {DA712462-31B9-409C-8221-1370735B97E5} - E:\WINDOWS\System32\gebbb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - E:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - E:\WINDOWS\System32\fcgensiy.dll
O4 - HKLM\..\Run: [Application Layer Gateway Service] E:\WINDOWS\System32\algs.exe
O4 - HKLM\..\Run: [Local Security Authority Service] E:\WINDOWS\System32\lssas.exe
O4 - HKLM\..\Run: [Client Server Runtime Process] E:\WINDOWS\System32\csrs.exe
O4 - HKLM\..\Run: [Microsoft Anivirus Monitor Process] antiv.exe
O4 - HKLM\..\Run: [Microsoft Internet Explorer] E:\WINDOWS\System32\iexplore.exe
O4 - HKLM\..\Run: [Advanced DHTML Enable] E:\WINDOWS\sdir\relpk.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "D:\ipod\iTunesHelper.exe"
O4 - HKLM\..\Run: [1c581776] rundll32.exe "E:\WINDOWS\System32\fwopmkfi.dll",b
O4 - HKLM\..\Run: [Windows Explorer] E:\WINDOWS\System32\explorer.exe
O4 - HKLM\..\RunServices: [Microsoft Anivirus Monitor Process] antiv.exe
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/...
O20 - AppInit_DLLs: E:\WINDOWS\System32\__c0029189.dat
O20 - Winlogon Notify: fccbcba - E:\WINDOWS\SYSTEM32\fccbcba.dll
O20 - Winlogon Notify: fcgensiy - E:\WINDOWS\SYSTEM32\fcgensiy.dll
O23 - Service: DomainService - Unknown owner - E:\WINDOWS\System32\ylossnuk.exe (file missing)
O23 - Service: h4m0v0k2 - Unknown owner - E:\WINDOWS\system32\svshost.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - E:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOTEPAD - Unknown owner - E:\WINDOWS\system\NOTEPAD.exe

j'espère que ce noueau scan te permettra d'avancer
avec mes remerciements

très bien !

Télécharger ComboFix (par sUBs) sur le Bureau : http://download.bleepingcomputer.com/sUBs/ComboFix.exe

* Démarrer en mode sans echec
* Double cliquer combofix.exe.
* Appuyer sur la touche Y (Yes) pour démarrer le scan
* Le rapport sera crée dans: C:\Combofix.txt, poste le stp

++

Le moyen d'aimer une chose est de se dire qu'on pourrait la perdre (Gilbert Keith Chesterton)

ComboFix 07-11-08.1 - CHASTEL PHILIPPE 2007-11-16 21:09:40.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.33.1036.18.345 [GMT 1:00]
Running from: E:\Documents and Settings\CHASTEL PHILIPPE\Bureau\ComboFix.exe
* Created a new restore point
.

Incapable d'obtenir les privilèges Système

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

E:\Documents and Settings\All Users\Menu Démarrer\Live Safety Center.lnk
E:\Documents and Settings\All Users\Menu Démarrer\Online Security Guide.lnk
E:\Documents and Settings\CHASTEL PHILIPPE\Bureau\Live Safety Center.lnk
E:\Documents and Settings\CHASTEL PHILIPPE\Bureau\Online Security Guide.lnk
E:\Documents and Settings\CHASTEL PHILIPPE\Favoris\Online Security Guide.lnk
E:\WINDOWS\cookies.ini
E:\WINDOWS\system32\__c0029189.dat
E:\WINDOWS\system32\__c006CE5D.dat
E:\WINDOWS\system32\__c007DCB2.dat
E:\WINDOWS\system32\__c007ED69.dat
E:\WINDOWS\system32\__c0080E32.dat
E:\WINDOWS\system32\__c0085482.dat
E:\WINDOWS\system32\__c00B197D.dat
E:\WINDOWS\system32\__c00C5304.dat
E:\WINDOWS\system32\__c00E5544.dat
E:\WINDOWS\system32\acrtkbkf.dll
E:\WINDOWS\system32\acvwvjqt.dll
E:\WINDOWS\system32\aqtypbyh.dll
E:\WINDOWS\system32\ascyydhy.dll
E:\WINDOWS\system32\bbbeg.bak1
E:\WINDOWS\system32\bbbeg.bak2
E:\WINDOWS\system32\bbbeg.ini
E:\WINDOWS\system32\bbulyqdd.dll
E:\WINDOWS\system32\cbbmybop.dll
E:\WINDOWS\system32\cbhwehyo.dll
E:\WINDOWS\system32\csrs.exe
E:\WINDOWS\system32\djpoaoup.dll
E:\WINDOWS\system32\eojkxplw.dll
E:\WINDOWS\system32\fcgensiy.dllbox
E:\WINDOWS\system32\fgnfstpw.dll
E:\WINDOWS\system32\firewall.exe
E:\WINDOWS\system32\fjnfdtpe.dll
E:\WINDOWS\system32\gebbb.dll
E:\WINDOWS\system32\glrmuyhw.dll
E:\WINDOWS\system32\gqfyoenp.dll
E:\WINDOWS\system32\hfsdjckk.dll
E:\WINDOWS\system32\httsvejy.dll
E:\WINDOWS\system32\jagobfyo.dll
E:\WINDOWS\system32\jblorwkw.dll
E:\WINDOWS\system32\jyifgxcg.dll
E:\WINDOWS\system32\kiufamem.dll
E:\WINDOWS\system32\kjerjemu.dll
E:\WINDOWS\system32\kperepgk.dll
E:\WINDOWS\system32\ldcitxwg.dll
E:\WINDOWS\system32\leneirbh.dll
E:\WINDOWS\system32\loojrbik.dll
E:\WINDOWS\system32\luvkitum.dll
E:\WINDOWS\system32\mcpagvbh.dll
E:\WINDOWS\system32\mrkscrig.dll
E:\WINDOWS\system32\nedbqbdw.dll
E:\WINDOWS\system32\nuksndvi.dll
E:\WINDOWS\system32\ogtctkjw.dll
E:\WINDOWS\system32\pbfsaawn.dll
E:\WINDOWS\system32\pvigctdu.dll
E:\WINDOWS\system32\pxnyutsd.dll
E:\WINDOWS\system32\rbxrtnek.dll
E:\WINDOWS\system32\sgaadrcw.dll
E:\WINDOWS\system32\siqrxqqk.dll
E:\WINDOWS\system32\svlrcqbp.dll
E:\WINDOWS\system32\ubaoqykg.dll
E:\WINDOWS\system32\ujjhlnwl.dll
E:\WINDOWS\system32\vccxgsot.dll
E:\WINDOWS\system32\yaahpyeh.dll
E:\WINDOWS\system32\ymkhosjd.dll
E:\WINDOWS\system32\ynmiqhla.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_DOMAINSERVICE
-------\DomainService


((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-10-16 to 2007-11-16 ))))))))))))))))))))))))))))))))))))
.

2007-11-16 21:14 74,996 E:\WINDOWS\system32\djvdt.exe
2007-11-16 21:08 51,200 --a------ E:\WINDOWS\NirCmd.exe
2007-11-16 20:46 31,193 --a------ E:\WINDOWS\system32\snck.exe
2007-11-16 20:46 30,841 --a------ E:\WINDOWS\system32\qpqtp.exe
2007-11-16 18:42 2,432 --a------ E:\WINDOWS\system32\unpr.sys
2007-11-15 14:34 79,936 --a------ E:\WINDOWS\system32\lpwlxnuf.dll
2007-11-15 14:32 <REP> d-------- E:\Program Files\Java
2007-11-15 14:28 85,056 --a------ E:\WINDOWS\system32\fwopmkfi.dll
2007-11-13 18:21 <REP> d-------- E:\Program Files\Lavasoft
2007-11-13 18:20 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-11-13 14:26 94,992 --a------ E:\WINDOWS\system32\Vb5fr.dll
2007-11-13 13:58 144,480 --a------ E:\WINDOWS\system32\qacnswkm.dll
2007-11-13 13:58 144,480 --a------ E:\WINDOWS\system32\fcgensiy.dll
2007-11-13 13:55 71,232 --a------ E:\WINDOWS\system32\fovsyufv.exe
2007-11-12 14:03 89,664 --a------ E:\WINDOWS\system32\ysesmewc.dll
2007-11-12 13:57 81,472 --a------ E:\WINDOWS\system32\isigkark.dll
2007-11-12 13:49 71,232 --a------ E:\WINDOWS\system32\muelqlko.exe
2007-11-11 15:50 <REP> d-------- E:\programme
2007-11-11 14:57 <REP> d-------- E:\Program Files\PAN vision
2007-11-11 14:57 222,208 --a------ E:\WINDOWS\IsUn040c.exe
2007-11-11 12:52 <REP> d--h----- E:\Program Files\InstallShield Installation Information
2007-11-11 12:51 <REP> d-------- E:\Program Files\Fichiers communs\InstallShield
2007-11-11 08:28 79,936 --a------ E:\WINDOWS\system32\bpafomtg.dll
2007-11-11 08:24 71,232 --a------ E:\WINDOWS\system32\vqvqqebh.exe
2007-11-09 15:30 71,232 --a------ E:\WINDOWS\system32\ahrqslca.exe
2007-11-08 17:06 <REP> d-------- E:\Documents and Settings\CHASTEL PHILIPPE\Application Data\vlc
2007-11-07 18:56 79,936 --a------ E:\WINDOWS\system32\jcabhpne.dll
2007-11-07 18:51 71,232 --a------ E:\WINDOWS\system32\kfsafbjh.exe
2007-11-05 16:03 83,008 --a------ E:\WINDOWS\system32\ktagdjsf.dll
2007-11-04 18:19 21,760 --a--c--- E:\WINDOWS\system32\dllcache\usbstor.­sys
2007-11-04 18:17 <REP> d-------- E:\Program Files\iPod
2007-11-04 18:17 <REP> d-------- E:\Documents and Settings\CHASTEL PHILIPPE\Application Data\Apple Computer
2007-11-04 18:16 <REP> d-------- E:\Program Files\QuickTime
2007-11-04 18:16 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-04 18:15 <REP> d-------- E:\Program Files\Apple Software Update
2007-11-04 18:15 <REP> d-------- E:\Documents and Settings\All Users\Application Data\Apple
2007-11-04 18:04 549,720 --a------ E:\WINDOWS\system32\wuapi.dll
2007-11-04 18:04 325,976 --a------ E:\WINDOWS\system32\wucltui.dll
2007-11-04 18:04 43,352 --a------ E:\WINDOWS\system32\wups2.dll
2007-11-04 18:04 33,624 --a------ E:\WINDOWS\system32\wups.dll
2007-11-04 18:03 <REP> d---s---- E:\Documents and Settings\CHASTEL PHILIPPE\UserData
2007-11-04 17:54 <REP> d---s---- E:\WINDOWS\system32\Microsoft
2007-11-04 17:45 <REP> d--hs---- E:\WINDOWS\Installer
2007-11-04 17:44 <REP> d--h----- E:\Documents and Settings\CHASTEL PHILIPPE\Voisinage r‚seau
2007-11-04 17:44 <REP> d--h----- E:\Documents and Settings\CHASTEL PHILIPPE\Voisinage d'impression
2007-11-04 17:44 <REP> d--h----- E:\Documents and Settings\CHASTEL PHILIPPE\ModŠles
2007-11-04 17:44 <REP> dr------- E:\Documents and Settings\CHASTEL PHILIPPE\Mes documents
2007-11-04 17:44 <REP> dr------- E:\Documents and Settings\CHASTEL PHILIPPE\Menu D‚marrer
2007-11-04 17:44 <REP> dr------- E:\Documents and Settings\CHASTEL PHILIPPE\Favoris
2007-11-04 17:44 <REP> d-------- E:\Documents and Settings\CHASTEL PHILIPPE\Bureau
2007-11-04 16:35 <REP> d--h----- E:\WINDOWS\system32\config\syste­mprofile\Voisinage r‚seau
2007-11-04 16:35 <REP> d--h----- E:\WINDOWS\system32\config\syste­mprofile\Voisinage d'impression
2007-11-04 16:35 <REP> d--h----- E:\WINDOWS\system32\config\syste­mprofile\ModŠles
2007-11-04 16:35 <REP> d-------- E:\WINDOWS\system32\config\syste­mprofile\Mes documents
2007-11-04 16:35 <REP> dr------- E:\WINDOWS\system32\config\syste­mprofile\Menu D‚marrer
2007-11-04 16:35 <REP> d-------- E:\WINDOWS\system32\config\syste­mprofile\Favoris
2007-11-04 16:35 <REP> d-------- E:\WINDOWS\system32\config\syste­mprofile\Bureau
2007-11-04 16:27 39,424 --a--c--- E:\WINDOWS\system32\dllcache\davcdata­.exe
2007-11-04 16:24 19,456 --a--c--- E:\WINDOWS\system32\dllcache\cprofile­.exe
2007-11-04 16:23 57,400 --a--c--- E:\WINDOWS\system32\dllcache\cplexe.e­xe
2007-11-04 16:23 56,832 --a--c--- E:\WINDOWS\system32\dllcache\convlog.­exe
2007-11-04 16:23 20,480 --a--c--- E:\WINDOWS\system32\dllcache\counters­.dll
2007-11-04 16:22 33,792 --a--c--- E:\WINDOWS\system32\dllcache\controt.­dll
2007-11-04 16:19 22,016 --a--c--- E:\WINDOWS\system32\dllcache\compfilt­.dll
2007-11-04 16:17 480,256 --a--c--- E:\WINDOWS\system32\dllcache\cintset­p.exe
2007-11-04 16:17 201,216 --a--c--- E:\WINDOWS\system32\dllcache\cintime­.dll
2007-11-04 16:16 1,677,824 --a--c--- E:\WINDOWS\system32\dllcache\chsbr­kr.dll
2007-11-04 16:16 838,144 --a--c--- E:\WINDOWS\system32\dllcache\chtbrkr­.dll
2007-11-04 16:16 173,568 --a--c--- E:\WINDOWS\system32\dllcache\chtskf.­dll
2007-11-04 16:16 97,792 --a--c--- E:\WINDOWS\system32\dllcache\chtmbx.d­ll
2007-11-04 16:16 56,320 --a--c--- E:\WINDOWS\system32\dllcache\chtskdic­.dll
2007-11-04 16:15 15,872 --a--c--- E:\WINDOWS\system32\dllcache\chgport.­exe
2007-11-04 16:15 14,848 --a--c--- E:\WINDOWS\system32\dllcache\chgusr.e­xe
2007-11-04 16:15 13,824 --a--c--- E:\WINDOWS\system32\dllcache\chglogon­.exe
2007-11-04 16:15 10,240 --a--c--- E:\WINDOWS\system32\dllcache\change.e­xe
2007-11-04 16:14 54,528 --a--c--- E:\WINDOWS\system32\dllcache\cap7146.­sys
2007-11-04 16:13 218,112 --a--c--- E:\WINDOWS\system32\dllcache\c_g1803­0.dll
2007-11-04 16:13 45,568 --a--c--- E:\WINDOWS\system32\dllcache\browscap­.dll
2007-11-04 16:13 10,752 --a--c--- E:\WINDOWS\system32\dllcache\c_iscii.­dll
2007-11-04 16:13 6,656 --a--c--- E:\WINDOWS\system32\dllcache\c_is2022.­dll
2007-11-04 16:12 9,216 --a--c--- E:\WINDOWS\system32\dllcache\authfilt.­dll
2007-11-04 16:11 29,184 --a--c--- E:\WINDOWS\system32\dllcache\asptxn.d­ll
2007-11-04 16:11 10,240 --a--c--- E:\WINDOWS\system32\dllcache\aspperf.­dll
2007-11-04 16:10 347,136 --a--c--- E:\WINDOWS\system32\dllcache\asp51.d­ll
2007-11-04 16:10 315,904 --a--c--- E:\WINDOWS\system32\dllcache\EXCH_aq­ueue.dll
2007-11-04 16:10 99,840 --a--c--- E:\WINDOWS\system32\dllcache\appconf.­dll
2007-11-04 16:10 45,056 --a--c--- E:\WINDOWS\system32\dllcache\EXCH_aqa­dmin.dll
2007-11-04 16:09 19,456 --a--c--- E:\WINDOWS\system32\dllcache\agt0804.­dll
2007-11-04 16:09 19,456 --a--c--- E:\WINDOWS\system32\dllcache\agt0412.­dll
2007-11-04 16:09 19,456 --a--c--- E:\WINDOWS\system32\dllcache\agt0411.­dll
2007-11-04 16:09 19,456 --a--c--- E:\WINDOWS\system32\dllcache\agt040d.­dll
2007-11-04 16:09 19,456 --a--c--- E:\WINDOWS\system32\dllcache\agt0404.­dll
2007-11-04 16:09 19,456 --a--c--- E:\WINDOWS\system32\dllcache\agt0401.­dll
2007-11-04 16:08 50,176 --a--c--- E:\WINDOWS\system32\dllcache\adrot.dl­l
2007-11-04 16:08 6,144 --a--c--- E:\WINDOWS\system32\dllcache\admxprox.­dll
2007-11-04 16:08 5,632 --a--c--- E:\WINDOWS\system32\dllcache\EXCH_adsi­isex.dll
2007-11-04 16:07 27,136 --a--c--- E:\WINDOWS\system32\dllcache\admexs.d­ll
2007-11-04 16:04 7,168 --a--c--- E:\WINDOWS\system32\dllcache\wamregps.­dll
2007-11-04 16:03 32,827 --a--c--- E:\WINDOWS\system32\dllcache\tcptest.­exe
2007-11-04 16:03 16,384 --a--c--- E:\WINDOWS\system32\dllcache\tcptsat.­dll

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-11-16 20:15 5,109 ----a-w E:\WINDOWS\system32\drivers\vnlmn.sys
2007-11-16 20:14 39,936 ----a-w E:\WINDOWS\system32\wmfptc32.dll
2007-11-04 14:50 --------- d-----w E:\Program Files\microsoft frontpage
2007-11-04 14:44 61,440 ---ha-w E:\WINDOWS\system32\htkg.exe
2007-11-04 14:44 1,134,080 ----a-w E:\WINDOWS\system32\rwv.exe
2007-11-04 14:38 38,649 ----a-w E:\WINDOWS\system32\kl.exe
2007-11-04 14:35 30,660 ---ha-w E:\WINDOWS\system32\oltvrolg.exe
2007-11-04 14:32 66,048 ----a-w E:\WINDOWS\winvyidu.exe
2007-11-04 14:31 35,328 ----a-w E:\WINDOWS\system32\fccbcba.dll
2007-11-04 14:30 6,546,276 ----a-w E:\WINDOWS\system32\setup_68555.exe
2007-11-04 14:30 102,400 ----a-r E:\WINDOWS\system32\antiv.exe
2007-11-04 14:28 30,750 ----a-w E:\WINDOWS\system32\rieym.exe
2007-11-04 14:28 --------- d-----w E:\Program Files\Services en ligne
2007-11-04 14:26 --------- d-----w E:\Program Files\Fichiers communs\MSSoap
2007-11-04 14:23 107,520 ---ha-w E:\WINDOWS\system32\cbio.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{3a5a1261-3cfa-4709-b032-f21ee906b388}]
2007-11-15 14:34 79936 --a------ E:\WINDOWS\System32\lpwlxnuf.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A95B2816-1D7E-4561-A202-68C0DE02353A}]
2007-11-13 13:58 144480 --a------ E:\WINDOWS\system32\fcgensiy.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{11A69AE4-FBED-4832-A2BF-45AF82825583}"= E:\WINDOWS\system32\fcgensiy.dll [2007-11-13 13:58 144480]

[HKEY_CLASSES_ROOT\CLSID\{11A69AE4-FBED-4832-A2BF-45AF828255­83}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersio­n\Run]
"Application Layer Gateway Service"="E:\WINDOWS\System32\algs.exe" []
"Local Security Authority Service"="E:\WINDOWS\System32\Isass.exe" []
"Client Server Runtime Process"="E:\WINDOWS\System32\csrs.exe" [2002-08-30 13:00]
"Microsoft Anivirus Monitor Process"="antiv.exe" [2007-11-04 15:30 E:\WINDOWS\system32\antiv.exe]
"Advanced DHTML Enable"="E:\WINDOWS\sdir\relpk.exe" [2007-10-23 01:16]
"QuickTime Task"="E:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24]
"iTunesHelper"="D:\ipod\iTunesHelper.exe"­; [2007-09-26 14:42]
"1c581776"="E:\WINDOWS\System32\fwopmkfi.dll&­quot; [2007-11-15 14:28]
"Windows Explorer"="E:\WINDOWS\System32\explorer.exe" []
"Windows Logon Application"="E:\WINDOWS\System32\winIogon.exe&quo­t; []
"Windows Network Firewall"="E:\WINDOWS\System32\firewall.exe" []

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion­\Run]
"CTFMON.EXE"="E:\WINDOWS\System32\ctfmon.exe&­quot; [2002-08-30 13:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversio­n\runservices]
"Microsoft Anivirus Monitor Process"=antiv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fccbcba]
fccbcba.dll 2007-11-04 15:31 35328 E:\WINDOWS\system32\fccbcba.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\fcgensiy]
fcgensiy.dll 2007-11-13 13:58 144480 E:\WINDOWS\system32\fcgensiy.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
"Authentication Packages"= msv1_0 E:\WINDOWS\System32\gebbb.dll

[color=red]SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.[/color]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoo­t\Minimal\File system]
@="Driver Group"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoo­t\Minimal\vgasave.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoo­t\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
@="DiskDrive"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoo­t\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
@="Hdc"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoo­t\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
@="Keyboard"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoo­t\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
@="Mouse"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoo­t\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
@="System"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoo­t\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
@="Volume"

R0 UNPR;UNPR;E:\WINDOWS\System32\unpr.sys
R2 NdisFileServices32;NdisFileServices32;\??\E:\WINDOWS\System3­2\drivers\vnlmn.sys
R2 NOTEPAD;NOTEPAD;"E:\WINDOWS\system\NOTEPAD.exe"
S2 h4m0v0k2;h4m0v0k2;"E:\WINDOWS\system32\svshost.exe"­;

.
************************************************************­**************

catchme 0.3.1250 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-16 21:14:57
Windows 5.1.2600 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

************************************************************­**************
.
Completion time: 2007-11-16 21:16:19 - machine was rebooted
.
--- E O F ---
je n a pu redemmarer en mode sans echec
j esperfe que cela a marcher
merci

ok,

Télécharger Vundofix.exe (par Atribune) sur votre Bureau : http://www.atribune.org/ccount/click.php?id=4

* Double-cliquer sur VundoFix.exe afin de le lancer.
* Cliquer sur le bouton Scan for Vundo.
* Lorsque le scan est complété, cliquer sur le bouton Remove Vundo.
* Une invite de commande demandera si l’on souhaite supprimer les fichiers, cliquer sur YES
* Après avoir cliqué "YES", le Bureau disparaîtra un moment lors de la suppression des fichiers.
* Une nouvelle invite de commende annoncera que le PC devra s'éteindre ("shutdown"). Cliquer sur OK , puis laisser le redémarrer.
* Le contenu du rapport est situé dans C:\vundofix.txt, poste le stp

++
Le moyen d'aimer une chose est de se dire qu'on pourrait la perdre (Gilbert Keith Chesterton)

Beginning removal...

Beginning removal...

VundoFix V6.6.1

Checking Java version...

Scan started at 22:18:04 16/11/2007

Listing files found while scanning....

E:\windows\system32\fccbcba.dll
E:\WINDOWS\system32\fcgensiy.dll

Beginning removal...

Attempting to delete E:\windows\system32\fccbcba.dll
E:\windows\system32\fccbcba.dll Has been deleted!

Attempting to delete E:\WINDOWS\system32\fcgensiy.dll
E:\WINDOWS\system32\fcgensiy.dll Has been deleted!

Performing Repairs to the registry.
Done!

que dois je faire, je suis suspendu à vos lettres:::

ok ! on continue !

Télécharger VirtumundoBegone sur le bureau : http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe­


Double cliquer sur VirtumundoBeGone.exe et suivre les instructions.
Une fois terminé, redémarrer le PC, le rapport VBG.TXT sera crée sur le bureau , poste le stp

++
Le moyen d'aimer une chose est de se dire qu'on pourrait la perdre (Gilbert Keith Chesterton)

[11/16/2007, 23:02:54] - VirtumundoBeGone v1.5 ( "E:\Documents and Settings\CHASTEL PHILIPPE\Bureau\VirtumundoBeGone.exe" )
[11/16/2007, 23:03:02] - Detected System Information:
[11/16/2007, 23:03:02] - Windows Version: 5.1.2600, Service Pack 1
[11/16/2007, 23:03:02] - Current Username: CHASTEL PHILIPPE (Admin)
[11/16/2007, 23:03:02] - Windows is in NORMAL mode.
[11/16/2007, 23:03:02] - Searching for Browser Helper Objects:
[11/16/2007, 23:03:02] - BHO 1: {3a5a1261-3cfa-4709-b032-f21ee906b388} ()
[11/16/2007, 23:03:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/16/2007, 23:03:02] - Checking for HKLM\...\Winlogon\Notify\lpwlxnuf
[11/16/2007, 23:03:02] - Key not found: HKLM\...\Winlogon\Notify\lpwlxnuf, continuing.
[11/16/2007, 23:03:02] - BHO 2: {53707962-6F74-2D53-2644-206D7942484F} ()
[11/16/2007, 23:03:02] - WARNING: BHO has no default name. Checking for Winlogon reference.
[11/16/2007, 23:03:02] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[11/16/2007, 23:03:02] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[11/16/2007, 23:03:02] - Finished Searching Browser Helper Objects
[11/16/2007, 23:03:02] - Finishing up...
[11/16/2007, 23:03:02] - Nothing found! Exiting...


comment ça avance doc!

ok !

Télécharge SDFix sur ton bureau

http://downloads.andymanchesta.com/RemovalTools/SDFix.exe

Double clique sur SDFix.exe et choisis Install pour l'extraire dans un dossier dédié sur le Bureau.
Redémarre ton ordinateur en mode sans échec
Ouvre le dossier SDFix qui vient d'être créé sur le Bureau et double clique sur RunThis.bat pour lancer le script.
Appuie sur Y pour commencer le processus de nettoyage.
Il va supprimer les services et les entrées du Registre de certains trojans trouvés puis te demandera d'appuyer sur une touche pour redémarrer.
Appuie sur une touche pour redémarrer le PC.
Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
Après le chargement du Bureau, l'outil terminera son travail et affichera Finished.
Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
Les icônes du Bureau affichées, le rapport SDFix s'ouvrira à l'écran et s'enregistrera aussi dans le dossier SDFix sous le nom Report.txt.
Enfin, copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

++
Le moyen d'aimer une chose est de se dire qu'on pourrait la perdre (Gilbert Keith Chesterton)

je n arrive pas a ouvrir en mode sans echec, je pense que la config de mon ordi n'est pas top, conflit carte mèer et xp.
bref, j'ai fait un scan avec Norman mais aucun fichier txt ne s'est créer et j'ai fait un scan avec a2cm
lui m'a donne ceci:
a-squared Command Line Scanner - Version 3.0
Last update: N/A

Scan settings:

Objects: Memory, Traces, Cookies, E:
Scan archives: On
Heuristics: Off
ADS Scan: On

Scan start: 16/11/2007 23:47:58

[1648] E:\WINDOWS\system\NOTEPAD.exe detected: Backdoor.Win32.SdBot.bzj
Value: HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion­\run --> windows logon application detected: Trace.Registry.MultiBotPro
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@247realmedia[1].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@2o7[1].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@adserver.aol[1].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@adtech[1].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@advertising[1].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@atdmt[2].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@bluestreak[2].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@bs.serving-sys[2].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@commentcamarche[2].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@doubleclick[1].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@pacificpoker[2].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@serving-sys[2].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@smartadserver[1].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@stat.onestat[2].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@statcounter[1].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@statse.webtrendslive[2].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@tradedoubler[1].txt detected: Trace.TrackingCookie
E:\Documents and Settings\CHASTEL PHILIPPE\Cookies\chastel philippe@weborama[2].txt detected: Trace.TrackingCookie
E:\qoobox\Quarantine\catchme2007-11-16_211443.18.zip/__c0029­189.dat detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\acrtkbkf.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\acvwvjqt.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\aqtypbyh.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\ascyydhy.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\bbulyqdd.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\cbbmybop.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\cbhwehyo.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\djpoaoup.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\eojkxplw.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\fgnfstpw.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\firewall.exe.vir detected: Backdoor.Win32.VanBot.do
E:\qoobox\Quarantine\E\WINDOWS\system32\fjnfdtpe.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\glrmuyhw.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\gqfyoenp.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\hfsdjckk.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\httsvejy.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\jagobfyo.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\jblorwkw.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\jyifgxcg.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\kiufamem.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\kjerjemu.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\kperepgk.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\ldcitxwg.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\leneirbh.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\loojrbik.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\luvkitum.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\mcpagvbh.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\mrkscrig.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\nedbqbdw.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\nuksndvi.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\ogtctkjw.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\pbfsaawn.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\pvigctdu.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\pxnyutsd.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\rbxrtnek.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\sgaadrcw.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\siqrxqqk.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\svlrcqbp.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\ubaoqykg.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\ujjhlnwl.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\vccxgsot.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\yaahpyeh.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\ymkhosjd.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\ynmiqhla.dll.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\__c006CE5D.dat.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\__c007ED69.dat.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\__c0080E32.dat.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\__c0085482.dat.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\__c00B197D.dat.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\__c00C5304.dat.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\qoobox\Quarantine\E\WINDOWS\system32\__c00E5544.dat.vir detected: Trojan-Downloader.Win32.ConHook.hl
E:\VundoFix Backups\fccbcba.dll.bad detected: Trojan.Win32.Pakes.ds
E:\WINDOWS\system\NOTEPAD.exe detected: Backdoor.Win32.SdBot.bzj
E:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\QEBA5Z0Q\nn[1].exe/zm.exe detected: Trojan.Win32.Pakes.eg
E:\WINDOWS\system32\kl.exe detected: Backdoor.Win32.SdBot.bzj
E:\WINDOWS\system32\kl.RB0 detected: Backdoor.Win32.SdBot.bzj
E:\WINDOWS\system32\pyimtkif.exe detected: Backdoor.Win32.Agent.apf
E:\WINDOWS\system32\scrcons32.exe detected: Backdoor.Win32.EggDrop.v
E:\WINDOWS\system32\scrcons32.RB0 detected: Backdoor.Win32.EggDrop.v
E:\WINDOWS\system32\wmfptc32.dll detected: Trojan.Win32.KillAV.ka
E:\WINDOWS\system32\xmxw.exe detected: Backdoor.Win32.Agent.apf
E:\WINDOWS\system32\xmxw.RB0 detected: Backdoor.Win32.Agent.apf
E:\WINDOWS\winvyidu.exe detected: Trojan-Downloader.Win32.Agent.dsx
E:\WINDOWS\winvyidu.RB0 detected: Trojan-Downloader.Win32.Agent.dsx
E:\WINDOWS\winvyidu.RB1 detected: Trojan-Downloader.Win32.Agent.dsx

Scanned

Files: 44561
Traces: 149017
Cookies: 109
Processes: 18

Found

Files: 66
Traces: 1
Cookies: 18
Processes: 1

Quarantined

Files: 66
Traces: 1
Cookies: 18
Processes: 1

Scan end: 17/11/2007 00:11:19
Scan time: 0:23:21

avec la creation d'un dossier quarantaine.
rereremerci

Salut

ok, dans ce cas, fais le en mode normal !

++
Le moyen d'aimer une chose est de se dire qu'on pourrait la perdre (Gilbert Keith Chesterton)

bonjour,

mon message d'hier ne s'est pas collé. ci dessous le rapport , en plus j'ai relancé les scan et tout mon bureau a disparu, quid???????

20:01:46 18/11/2007
http://update.emsisoft.com/...

; Searching for a-squared updates on 11/18/2007 8:01:33 PM
; -----------------------------------------------------
; Response from http://updates2.emsisoft.com: OK

[General]
valid=1
status=1
expire=4294967296
servertime=1195416093
expiredate=1/1/3000 :)
news=
newslink=
news1=Mamutu 1.0 released!
newslink1=http://www.emsisoft.com/en/kb/articles/news071111
news2=Beta-Test Invitation: Mamutu 1.0 BETA
newslink2=http://www.emsisoft.com/en/kb/articles/news071025
news3=A Story About Government Malware - The Federal Trojan
newslink3=http://www.emsisoft.com/en/kb/articles/tec070820
news4=a-squared HiJackFree 3.0 released!
newslink4=http://www.emsisoft.com/en/kb/articles/news070627
news5=a-squared Anti-Malware and a-squared Free 3.0 released!
newslink5=http://www.emsisoft.com/en/kb/articles/news070604
base=20070401
num=299

[1]
URL=http://updates2.emsisoft.com/updates/6C7A141F29931155B4F­692960257279E.dat
path=Signatures\20070401.sig
name=Signature update
size=6615731
md5=6C7A141F29931155B4F692960257279E
desc=327235 Signatures: 212086 Trojans, 39591 Dialers, 66333 Worms and 9224 Spywares

[2]
URL=http://updates2.emsisoft.com/updates/20FD0FFB3D9E056518C­FF712D971FCFA.dat
path=Signatures\20070401.trc
name=Traces signature update
size=3558
md5=20FD0FFB3D9E056518CFF712D971FCFA
desc=394 Spyware Traces

[3]
URL=http://updates2.emsisoft.com/updates/D27B205219BE7607F3D­5383658837F2F.dat
path=Signatures\20070402.sig
name=Signature update
size=2533493
md5=D27B205219BE7607F3D5383658837F2F
desc=126951 Signatures: 113886 Trojans, 1567 Dialers, 3677 Worms and 7821 Spywares

[4]
URL=http://updates2.emsisoft.com/updates/E55D3CA94F7E7B01E73­6BD6F8DB1327A.dat
path=Signatures\20070402.trc
name=Traces signature update
size=817276
md5=E55D3CA94F7E7B01E736BD6F8DB1327A
desc=91710 Spyware Traces

[5]
URL=http://updates2.emsisoft.com/updates/9FFC1B6CD8D25E4A9D0­DF2B340F11C12.dat
path=Signatures\20070404.sig
name=Signature update
size=1487706
md5=9FFC1B6CD8D25E4A9D0DF2B340F11C12
desc=74522 Signatures: 62290 Trojans, 1791 Dialers, 2353 Worms and 8088 Spywares

[6]
URL=http://updates2.emsisoft.com/updates/71D1CEA8AF23AA8045F­F833B3257BC9B.dat
path=Signatures\20070404.trc
name=Traces signature update
size=213318
md5=71D1CEA8AF23AA8045FF833B3257BC9B
desc=26536 Spyware Traces

[7]
URL=http://updates2.emsisoft.com/updates/EF22245D8AECEFC2A4C­5D2225B9E8BEE.dat
path=Signatures\20070406.sig
name=Signature update
size=183085
md5=EF22245D8AECEFC2A4C5D2225B9E8BEE
desc=8785 Signatures: 7201 Trojans, 350 Dialers, 299 Worms and 935 Spywares

[8]
URL=http://updates2.emsisoft.com/updates/1EC486BA97B252F052C­3ECCF0EECA81E.dat
path=Signatures\20070406.trc
name=Traces signature update
size=18231
md5=1EC486BA97B252F052C3ECCF0EECA81E
desc=2292 Spyware Traces

[9]
URL=http://updates2.emsisoft.com/updates/99BDC61CCB2CF50629A­FD33C0F991311.dat
path=Signatures\20070409.sig
name=Signature update
size=31989
md5=99BDC61CCB2CF50629AFD33C0F991311
desc=1435 Signatures: 1134 Trojans, 17 Dialers, 150 Worms and 134 Spywares

[10]
URL=http://updates2.emsisoft.com/updates/11FEB357EE0F6802181­9D6B0492053B7.dat
path=Signatures\20070410.sig
name=Signature update
size=16051
md5=11FEB357EE0F68021819D6B0492053B7
desc=873 Signatures: 705 Trojans, 0 Dialers, 4 Worms and 164 Spywares

[11]
URL=http://updates2.emsisoft.com/updates/E6ABF2FBAA8093ACA1A­A7A2B298990A8.dat
path=Signatures\20070411.sig
name=Signature update
size=18108
md5=E6ABF2FBAA8093ACA1AA7A2B298990A8
desc=799 Signatures: 629 Trojans, 10 Dialers, 63 Worms and 97 Spywares

[12]
URL=http://updates2.emsisoft.com/updates/4B5E25552A3114CF5A7­AE56A61871060.dat
path=Signatures\20070412.sig
name=Signature update
size=80816
md5=4B5E25552A3114CF5A7AE56A61871060
desc=3664 Signatures: 3070 Trojans, 337 Dialers, 26 Worms and 231 Spywares

[13]
URL=http://updates2.emsisoft.com/updates/BCABF47A91183A71F28­449F22D7AC2C7.dat
path=Signatures\20070413.sig
name=Signature update
size=23616
md5=BCABF47A91183A71F28449F22D7AC2C7
desc=1059 Signatures: 885 Trojans, 11 Dialers, 78 Worms and 85 Spywares

[14]
URL=http://updates2.emsisoft.com/updates/545E014C7F2DB9DB97E­502ACE6E1C3AD.dat
path=Signatures\20070415.sig
name=Signature update
size=83
md5=545E014C7F2DB9DB97E502ACE6E1C3AD
desc=2 Signatures: 2 Trojans, 0 Dialers, 0 Worms and 0 Spywares

[15]
URL=http://updates2.emsisoft.com/updates/D7664F3ECA9EDDB9ADC­225EBA25BD6DB.dat
path=Signatures\20070415.trc
name=Traces signature update
size=102
md5=D7664F3ECA9EDDB9ADC225EBA25BD6DB
desc=1 Spyware Traces

[16]
URL=http://updates2.emsisoft.com/updates/DDF352881FC1AF5A65B­7473777FF8825.dat
path=Signatures\20070416.sig
name=Signature update
size=40317
md5=DDF352881FC1AF5A65B7473777FF8825
desc=2013 Signatures: 1607 Trojans, 10 Dialers, 87 Worms and 309 Spywares

[17]
URL=http://updates2.emsisoft.com/updates/DB7034610FC4629D2D3­AAB3B79B346D6.dat
path=Signatures\20070416.trc
name=Traces signature update
size=5516
md5=DB7034610FC4629D2D3AAB3B79B346D6
desc=536 Spyware Traces

[18]
URL=http://updates2.emsisoft.com/updates/B8E2D70528D1969EFC6­1C3E6DCCEFDF0.dat
path=Signatures\20070417.trc
name=Traces signature update
size=38872
md5=B8E2D70528D1969EFC61C3E6DCCEFDF0
desc=4703 Spyware Traces

[19]
URL=http://updates2.emsisoft.com/updates/2DBC7A860F7FCC720E0­B9A2495505B81.dat
path=Signatures\20070418.sig
name=Signature update
size=23281
md5=2DBC7A860F7FCC720E0B9A2495505B81
desc=1039 Signatures: 856 Trojans, 3 Dialers, 83 Worms and 97 Spywares

[20]
URL=http://updates2.emsisoft.com/updates/60F0000D685723F1B7D­905D08EC89447.dat
path=Signatures\20070418.trc
name=Traces signature update
size=2413
md5=60F0000D685723F1B7D905D08EC89447
desc=225 Spyware Traces

[21]
URL=http://updates2.emsisoft.com/updates/AEE117619E9B42BBEFB­3663C14C5C87C.dat
path=Signatures\20070419.sig
name=Signature update
size=27617
md5=AEE117619E9B42BBEFB3663C14C5C87C
desc=1182 Signatures: 1013 Trojans, 109 Dialers, 3 Worms and 57 Spywares

[22]
URL=http://updates2.emsisoft.com/updates/38ADAAFAD486B29B01E­FE7129985B39B.dat
path=Signatures\20070420.sig
name=Signature update
size=20577
md5=38ADAAFAD486B29B01EFE7129985B39B
desc=931 Signatures: 747 Trojans, 24 Dialers, 69 Worms and 91 Spywares

[23]
URL=http://updates2.emsisoft.com/updates/B7852BA3001BA0B7005­FD2C79BE7E0DC.dat
path=Signatures\20070420.trc
name=Traces signature update
size=2490
md5=B7852BA3001BA0B7005FD2C79BE7E0DC
desc=216 Spyware Traces

[24]
URL=http://updates2.emsisoft.com/updates/A3ED5BE44FFB4192A02­6344C936D2975.dat
path=Signatures\20070421.trc
name=Traces signature update
size=4920
md5=A3ED5BE44FFB4192A026344C936D2975
desc=496 Spyware Traces

[25]
URL=http://updates2.emsisoft.com/updates/917B37A7D8387E1B957­799998C7E7D19.dat
path=Signatures\20070422.trc
name=Traces signature update
size=2169
md5=917B37A7D8387E1B957799998C7E7D19
desc=223 Spyware Traces

[26]
URL=http://updates2.emsisoft.com/updates/BB8A1B3760E0EE1A51A­BC59E1B3FE27C.dat
path=Signatures\20070423.sig
name=Signature update
size=31621
md5=BB8A1B3760E0EE1A51ABC59E1B3FE27C
desc=1427 Signatures: 1107 Trojans, 33 Dialers, 144 Worms and 143 Spywares

[27]
URL=http://updates2.emsisoft.com/updates/57DAD89AD3D685CF9F9­03545480FBBDC.dat
path=Signatures\20070423.trc
name=Traces signature update
size=3258
md5=57DAD89AD3D685CF9F903545480FBBDC
desc=434 Spyware Traces

[28]
URL=http://updates2.emsisoft.com/updates/95F13F65ADB4C39DCCA­8D9EDF3C9C8F9.dat
path=Signatures\20070424.sig
name=Signature update
size=12638
md5=95F13F65ADB4C39DCCA8D9EDF3C9C8F9
desc=679 Signatures: 544 Trojans, 0 Dialers, 12 Worms and 123 Spywares

[29]
URL=http://updates2.emsisoft.com/updates/20AD682C381C9FB6FBC­3B66805826723.dat
path=Signatures\20070425.sig
name=Signature update
size=20427
md5=20AD682C381C9FB6FBC3B66805826723
desc=959 Signatures: 759 Trojans, 32 Dialers, 65 Worms and 103 Spywares

[30]
URL=http://updates2.emsisoft.com/updates/F7E2DA086F52F01DDB0­93EA747F6264B.dat
path=Signatures\20070425.trc
name=Traces signature update
size=1570
md5=F7E2DA086F52F01DDB093EA747F6264B
desc=168 Spyware Traces

[31]
URL=http://updates2.emsisoft.com/updates/CC42C954190312F1A13­2ED3535D7688F.dat
path=Signatures\20070426.sig
name=Signature update
size=35531
md5=CC42C954190312F1A132ED3535D7688F
desc=1539 Signatures: 1280 Trojans, 158 Dialers, 7 Worms and 94 Spywares

[32]
URL=http://updates2.emsisoft.com/updates/4349A15078F156A8EF7­C78AFEE383824.dat
path=Signatures\20070426.trc
name=Traces signature update
size=1243
md5=4349A15078F156A8EF7C78AFEE383824
desc=136 Spyware Traces

[33]
URL=http://updates2.emsisoft.com/updates/EBC896F68D68775E5FA­2CBCCFA04E2A9.dat
path=Signatures\20070427.sig
name=Signature update
size=20451
md5=EBC896F68D68775E5FA2CBCCFA04E2A9
desc=918 Signatures: 758 Trojans, 25 Dialers, 75 Worms and 60 Spywares

[34]
URL=http://updates2.emsisoft.com/updates/9DA1DEFBF08AF090DEA­161EFCE3542D6.dat
path=Signatures\20070427.trc
name=Traces signature update
size=1906
md5=9DA1DEFBF08AF090DEA161EFCE3542D6
desc=205 Spyware Traces

[35]
URL=http://updates2.emsisoft.com/updates/F00D40CDE34778BC1AA­D9AAD8C1D79AE.dat
path=Signatures\20070430.sig
name=Signature update
size=28268
md5=F00D40CDE34778BC1AAD9AAD8C1D79AE
desc=1238 Signatures: 1014 Trojans, 30 Dialers, 67 Worms and 127 Spywares

[36]
URL=http://updates2.emsisoft.com/updates/B6B68A7BBD63F6EE98C­4046E73EBD989.dat
path=Signatures\20070430.trc
name=Traces signature update
size=2495
md5=B6B68A7BBD63F6EE98C4046E73EBD989
desc=230 Spyware Traces

[37]
URL=http://updates2.emsisoft.com/updates/2AEF88A6D7B5722562F­F744294C67F3B.dat
path=Signatures\20070501.sig
name=Signature update
size=17751
md5=2AEF88A6D7B5722562FF744294C67F3B
desc=989 Signatures: 794 Trojans, 0 Dialers, 7 Worms and 188 Spywares

[38]
URL=http://updates2.emsisoft.com/updates/A27249CE211B16C48A0­DA545684A4A25.dat
path=Signatures\20070501.trc
name=Traces signature update
size=1187
md5=A27249CE211B16C48A0DA545684A4A25
desc=87 Spyware Traces

[39]
URL=http://updates2.emsisoft.com/updates/5347CD568E8B356441F­6B9AB069C88FE.dat
path=Signatures\20070502.sig
name=Signature update
size=29825
md5=5347CD568E8B356441F6B9AB069C88FE
desc=1334 Signatures: 1122 Trojans, 40 Dialers, 62 Worms and 110 Spywares

[40]
URL=http://updates2.emsisoft.com/updates/BA2160E900749410B42­CD70B36226C9B.dat
path=Signatures\20070503.sig
name=Signature update
size=32079
md5=BA2160E900749410B42CD70B36226C9B
desc=1398 Signatures: 1139 Trojans, 146 Dialers, 4 Worms and 109 Spywares

[41]
URL=http://updates2.emsisoft.com/updates/ACC133327E03E0CE2A6­B564CE4E02287.dat
path=Signatures\20070503.trc
name=Traces signature update
size=4712
md5=ACC133327E03E0CE2A6B564CE4E02287
desc=589 Spyware Traces

[42]
URL=http://updates2.emsisoft.com/updates/33DE1FC7F6AED8605B9­7D95731619A41.dat
path=Signatures\20070504.sig
name=Signature update
size=33550
md5=33DE1FC7F6AED8605B97D95731619A41
desc=1480 Signatures: 1277 Trojans, 37 Dialers, 56 Worms and 110 Spywares

[43]
URL=http://updates2.emsisoft.com/updates/BBDB926141089D7A130­DEA258B78B3EB.dat
path=Signatures\20070504.trc
name=Traces signature update
size=2133
md5=BBDB926141089D7A130DEA258B78B3EB
desc=254 Spyware Traces

[44]
URL=http://updates2.emsisoft.com/updates/FE491F5F58385B58871­53BB97E0CC6F0.dat
path=Signatures\20070507.sig
name=Signature update
size=31998
md5=FE491F5F58385B5887153BB97E0CC6F0
desc=1393 Signatures: 1136 Trojans, 9 Dialers, 105 Worms and 143 Spywares

[45]
URL=http://updates2.emsisoft.com/updates/8152F708F8F18534060­44F70780F6299.dat
path=Signatures\20070507.trc
name=Traces signature update
size=2837
md5=8152F708F8F1853406044F70780F6299
desc=350 Spyware Traces

[46]
URL=