Stubborn TROJAN
Hi,
For the past few days, my internet connection has been active even though no download is in progress. I suspect a trojan: Trojan.BHO.Agent.B. I have run several online scans with BitDefender, but it comes back every time.
I can't manage to get rid of it. Any advice to offer?
I'm attaching a HijackThis scan, thanks.
Logfile of HijackThis v1.99.1
Scan saved at 11:31:43, on 24/11/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\sstray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\CNNIC\Cdn\cdnup.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\msnmsgr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\themeGold55\CursorXP\CursorXP.exe
C:\Program Files\LiveUpdate\LiveUpdate.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 6.0\Reader\AcroRd32.exe
D:\Yunus\ANIME NEW\Liens rapides\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sha123.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://client.jogo.cn/cdn/browser/sidesearch/sidesearch...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/customsearch/customse...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: CNNIC ÍøÂ繤¾ßDrag - {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} - C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [rundll32] C:\Program Files\Common Files\rundll32.exe
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [msnmsgr.exe] C:\WINDOWS\System32\msnmsgr.exe
O4 - HKLM\..\RunServices: [msnmsgr.exe] C:\WINDOWS\System32\msnmsgr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - Extra 'Tools' menuitem: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: MXS(mxs) (MXS) - Unknown owner - C:\WINDOWS\system32\mxs.exe (file missing)
Hello
Download
AVG Antispyware 7.5
= Install
= Click: Update
-----------------------
Run HijackThis again
Check these lines and click Fix checked
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: CNNIC ÍøÂ繤¾ßDrag - {352E3B3A-CAB5-4DBC-B940-C7F84D0447D8} - C:\PROGRA~1\CNNIC\Cdn\cdndrag.dll
O4 - HKLM\..\Run: [rundll32] C:\Program Files\Common Files\rundll32.exe
O4 - HKLM\..\Run: [CdnCtr] C:\Program Files\CNNIC\Cdn\cdnup.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: MXS(mxs) (MXS) - Unknown owner - C:\WINDOWS\system32\mxs.exe (file missing)
---------
Delete, if present:
CNNIC ==> in C:\PROGRA~1
-----
Do:
Start ==> Run ==> type: services.msc
In the window that opens, look for: Network helper Service (MSDisk)
Double-click it ==> under Startup type ==> Disabled ==> below that,
Stop
-----
Same with
MXS
------
In HijackThis
= Open the misc tools section
= Delete a NT service
= paste this bold text into the box: Network helper Service (MSDisk)
= ok
----
Same with
MXS(mxs) (MXS)
-------------------------
= Restart in Safe Mode (startup can take several minutes)
Warning: no internet access in this mode. Save or print the instructions. Restart the PC and tap the F8 key (or F5 on some machines) until the screen with the startup options appears.
Use the arrow keys to select Safe Mode ==> Enter ==> usual user name
------------------------
= Launch AVG Anti-Spyware
= Under SCAN
==> Settings ==> under HOW TO REACT ==> Recommended actions ==> Quarantine
==> Click: Complete system scan
At the end of the scan (which is fairly long)
==> Click Apply all actions
==> Click Save report, then Save as, and choose the desktop
------------------------
In normal mode
Copy/paste the report (which is on the desktop) into your reply
+
a new HijackThis log
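The entries selected in the reply above share two visible traits: a registration whose target file is gone ("(no file)" / "(file missing)"), and an autorun named after a Windows system binary but stored outside the Windows directory. The following is an added example, not part of the original thread or of HijackThis: a small triage script that applies those two heuristics (an assumption about why the lines were chosen, not the responder's stated reasoning) to lines copied from the log posted above. The names `triage`, `SYSTEM_BINARIES` and `SYSTEM_DIRS` are hypothetical.

```python
import ntpath
import re

# Lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [rundll32] C:\Program Files\Common Files\rundll32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner - C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: MXS(mxs) (MXS) - Unknown owner - C:\WINDOWS\system32\mxs.exe (file missing)
"""

# "O2 - ...", "O23 - ...", "R0 - ...": section code, then the entry detail.
ENTRY_RE = re.compile(r"^([A-Z]\d+) - (.+)$")
# HijackThis appends these markers when the registered target does not exist.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)\s*$")
# First Windows path ending in .exe or .dll (stops at a stray double quote).
PATH_RE = re.compile(r"(?<![A-Za-z])[A-Za-z]:\\[^\"]*?\.(?:exe|dll)\b", re.I)

# Assumed short list of system binary names and where they normally live
# on the Windows XP layout shown in the log; extend as needed.
SYSTEM_BINARIES = {
    "rundll32.exe", "svchost.exe", "explorer.exe", "lsass.exe",
    "services.exe", "winlogon.exe", "csrss.exe", "smss.exe", "ctfmon.exe",
}
SYSTEM_DIRS = {r"c:\windows", r"c:\windows\system32"}


def triage(log_text):
    """Return (code, detail, reasons) for each entry worth a closer look."""
    findings = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue  # header lines, process list, blank lines
        code, detail = match.groups()
        reasons = []
        if ORPHAN_RE.search(detail):
            # Registry entry survives but its binary is gone or hidden.
            reasons.append("orphaned")
        path = PATH_RE.search(detail)
        if path:
            name = ntpath.basename(path.group(0)).lower()
            folder = ntpath.dirname(path.group(0)).lower()
            if name in SYSTEM_BINARIES and folder not in SYSTEM_DIRS:
                # System file name used from a non-system folder.
                reasons.append("system-name-outside-windir")
        if reasons:
            findings.append((code, detail, reasons))
    return findings


if __name__ == "__main__":
    for code, detail, reasons in triage(SAMPLE_LOG):
        print(f"{code:>3}  {', '.join(reasons):<28} {detail}")
```

A flagged line is a lead to verify, not a verdict: an orphaned entry can be a leftover from an uninstalled program, as with the BitDefender online scanner button in the log above.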
Thanks for your advice.
However: after opening services.msc, the Stop button was not clickable.
And HijackThis cannot find the registry entry to delete (namely MSDISK and MXS).
Here is the AVG report:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 19:06:46 24/11/2006
+ Résultat de l'analyse:
C:\WINDOWS\system32\cdnns.dll -> Adware.Cdn : Nettoyé.
C:\Program Files\pcast\PodcastbarMini\PodcastBar.dll -> Adware.Dudu : Nettoyé.
:mozilla.121:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.122:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.67:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.71:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.72:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.73:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.74:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.75:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.156:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.157:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.158:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.281:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Admarketplace : Nettoyé.
:mozilla.253:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.254:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.261:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.262:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.263:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.106:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.107:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.136:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.137:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.138:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.139:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.51:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.50:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\ozler\Cookies\ozler@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.265:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Clickhype : Nettoyé.
:mozilla.228:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.19:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\ozler\Cookies\ozler@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.143:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\ozler\Cookies\ozler@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.218:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.219:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.220:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.221:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.222:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.52:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.53:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.54:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.55:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.153:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.154:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.155:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.159:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.160:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.299:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.300:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.301:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.130:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.166:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.272:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.277:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.278:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.279:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.280:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.290:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.44:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.45:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.46:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.47:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.48:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.49:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\ozler\Cookies\ozler@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\ozler\Cookies\ozler@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.176:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.30:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.32:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.33:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.244:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.245:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.283:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.284:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.285:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.27:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.29:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\ozler\Cookies\ozler@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.249:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.250:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.251:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.252:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.255:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.256:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.257:C:\Documents and Settings\ozler\Application Data\Mozilla\Firefox\Profiles\lmslfzai.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
Fin du rapport
and the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 19:17:02, on 24/11/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\sstray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\msnmsgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\System32\ctfmon.exe
C:\themeGold55\CursorXP\CursorXP.exe
C:\Program Files\LiveUpdate\LiveUpdate.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
D:\Yunus\ANIME NEW\Liens rapides\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sha123.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://client.jogo.cn/cdn/browser/sidesearch/sidesearch...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/customsearch/customse...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll (file missing)
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [msnmsgr.exe] C:\WINDOWS\System32\msnmsgr.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [msnmsgr.exe] C:\WINDOWS\System32\msnmsgr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra 'Tools' menuitem: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {39D420B3-E0EB-424C-89AA-C24F8DE7EF79} (KooPlayer Control) - http://www.euchannels.net/update/KooPlayer.ocx
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
The problem seems to persist. Thanks for any further advice.
Hi,
First, just to let you know that I'm a new helper, but don't worry, expert helpers are behind me to check that I don't make any mistakes, so do the following:
- Launch AVG Anti-Spyware 7.5, then choose the "Analyse" (Scan) tab, then the "Paramètres" (Settings) tab; under the question "Comment Réagir ?" (How to react?), click on "Actions Recommandées" (Recommended actions) and choose "Quarantaine" (Quarantine).
Click on the "Analyse" tab again, then run an "Analyse Complète Du Système" (Complete system scan).
/!\ If an infected file is detected at the end of the scan /!\
Click on "Appliquer toutes les actions" (Apply all actions).
Click on "Enregistrer le rapport" (Save report), then on "Enregistrer le rapport sous" (Save report as).
Save this text file to your desktop.
Then post the report in this thread.
There you go.
Hello,
@remi
He has already used AVG AS.
Download Combofix.
Save it to your desktop.
Restart in safe mode.
Double-click on ComboFix.bat.
At the end of the scan, a report will be generated; save it to your desktop.
Restart normally, then post:
* the Combofix report
* a new HijackThis report
Note: Do not click on the Combofix window while it is scanning. That could make it crash.
Here is the ComboFix report:
ozler - 06-11-26 18:24:34,40 Service Pack 1
ComboFix 06.11.26 - Running from: "C:\Documents and Settings\ozler\Bureau"
((((((((((((((((((((((((((((((( Files Created from 2006-10-26 to 2006-11-26 ))))))))))))))))))))))))))))))))))
2006-11-26 18:18 <REP> d-------- C:\WINDOWS\temp
2006-11-24 17:47 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-24 17:47 <REP> d-------- C:\Program Files\Grisoft
2006-11-24 15:02 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2006-11-23 20:47 33,952 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2006-11-23 20:45 1,221,120 -r-hs---- C:\WINDOWS\system32\msnmsgr.exe
2006-11-22 21:42 <REP> d-------- C:\Program Files\tvants
2006-11-13 22:34 <REP> d-------- C:\Program Files\EA SPORTS
2006-11-13 22:29 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll
2006-11-13 22:29 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe
2006-11-13 22:29 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2006-11-13 22:29 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe
2006-11-13 22:29 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
2006-11-13 22:29 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll
2006-11-13 22:29 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll
2006-11-13 22:29 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll
2006-11-13 22:29 76,800 --a------ C:\WINDOWS\system32\dmscript.dll
2006-11-13 22:29 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll
2006-11-13 22:29 723,968 --a------ C:\WINDOWS\system32\dpnet.dll
2006-11-13 22:29 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2006-11-13 22:29 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2006-11-13 22:29 64,512 --a------ C:\WINDOWS\system32\amstream.dll
2006-11-13 22:29 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll
2006-11-13 22:29 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll
2006-11-13 22:29 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2006-11-13 22:29 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2006-11-13 22:29 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2006-11-13 22:29 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll
2006-11-13 22:29 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys
2006-11-13 22:29 470,528 --a------ C:\WINDOWS\system32\qdvd.dll
2006-11-13 22:29 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll
2006-11-13 22:29 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe
2006-11-13 22:29 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2006-11-13 22:29 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-11-13 22:29 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2006-11-13 22:29 381,952 --a------ C:\WINDOWS\system32\dsound.dll
2006-11-13 22:29 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll
2006-11-13 22:29 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll
2006-11-13 22:29 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll
2006-11-13 22:29 33,280 --a------ C:\WINDOWS\system32\dmloader.dll
2006-11-13 22:29 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll
2006-11-13 22:29 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll
2006-11-13 22:29 316,928 --a------ C:\WINDOWS\system32\qdv.dll
2006-11-13 22:29 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll
2006-11-13 22:29 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll
2006-11-13 22:29 292,864 --a------ C:\WINDOWS\system32\ddraw.dll
2006-11-13 22:29 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe
2006-11-13 22:29 27,136 --a------ C:\WINDOWS\system32\dmband.dll
2006-11-13 22:29 257,024 --a------ C:\WINDOWS\system32\qcap.dll
2006-11-13 22:29 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll
2006-11-13 22:29 230,400 --a------ C:\WINDOWS\system32\dplayx.dll
2006-11-13 22:29 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll
2006-11-13 22:29 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll
2006-11-13 22:29 181,248 --a------ C:\WINDOWS\system32\dmime.dll
2006-11-13 22:29 18,944 --a------ C:\WINDOWS\system32\encapi.dll
2006-11-13 22:29 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2006-11-13 22:29 18,432 --a------ C:\WINDOWS\system32\dswave.dll
2006-11-13 22:29 16,896 --a------ C:\WINDOWS\system32\msyuv.dll
2006-11-13 22:29 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe
2006-11-13 22:29 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2006-11-13 22:29 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys
2006-11-13 22:29 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2006-11-13 22:29 132,608 --a------ C:\WINDOWS\system32\devenum.dll
2006-11-13 22:29 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys
2006-11-13 22:29 13,312 --a------ C:\WINDOWS\system32\msdmo.dll
2006-11-13 22:29 122,880 --a------ C:\WINDOWS\system32\dmusic.dll
2006-11-13 22:29 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll
2006-11-13 22:29 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
2006-11-13 22:29 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll
2006-11-13 22:29 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys
2006-11-13 22:29 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2006-11-13 22:29 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
2006-11-13 22:29 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll
2006-11-13 22:29 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll
2006-11-13 22:29 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll
2006-11-13 22:29 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll
2006-11-13 22:29 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll
2006-11-13 22:29 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll
2006-11-13 22:29 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll
2006-11-13 16:48 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-11-10 16:38 737,280 --a------ C:\WINDOWS\iun6002.exe
2006-11-03 09:33 140,800 --a------ C:\WINDOWS\reg2.exe
2006-11-02 20:17 140,800 --a------ C:\WINDOWS\reg1.exe
2006-10-31 20:30 <REP> d-------- C:\Program Files\TVUPlayer
2006-10-31 20:24 <REP> d-------- C:\WINDOWS\MaxTV Online
2006-10-31 20:24 <REP> d-------- C:\Program Files\MaxSoftware
2006-10-31 17:38 <REP> d-------- C:\Program Files\MobeeSoft
2006-10-28 12:20 <REP> d-------- C:\Program Files\Pro Evolution Soccer 3 DEMO version
2006-10-26 23:26 170,752 --a------ C:\WINDOWS\system32\drivers\cdnprot.sys
2006-10-26 23:26 14,822 --a------ C:\WINDOWS\system32\drivers\cdntran.sys
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-26 17:42 -------- d-------- C:\Program Files\FlashGet
2006-11-24 18:04 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-11-24 15:09 -------- d---s---- C:\Documents and Settings\ozler\Application Data\Microsoft
2006-11-23 20:46 -------- d-------- C:\Documents and Settings\ozler\Application Data\.BitTornado
2006-11-21 20:51 -------- d-------- C:\Program Files\MaxTV Online
2006-11-15 18:04 -------- d-------- C:\Program Files\KONAMI
2006-11-15 18:03 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-07 11:41 -------- d-------- C:\Documents and Settings\ozler\Application Data\Apple Computer
2006-11-05 20:55 -------- d-------- C:\Program Files\QuickTime
2006-11-05 20:55 -------- d-------- C:\Program Files\PowerISO
2006-11-05 20:53 -------- d-------- C:\Program Files\LiveUpdate
2006-11-05 20:52 -------- d-------- C:\Program Files\Internet Explorer
2006-11-05 13:17 -------- d-------- C:\Program Files\Common Files
2006-10-24 21:31 -------- d-------- C:\Documents and Settings\ozler\Application Data\Ahead
2006-10-24 12:43 -------- d--h----- C:\Program Files\Uninstall Information
2006-10-24 12:43 -------- d-------- C:\Program Files\Outlook Express
2006-10-24 12:43 -------- d-------- C:\Program Files\Fichiers communs
2006-10-24 08:19 -------- d-------- C:\Program Files\KooWo
2006-10-23 23:39 -------- d-------- C:\Program Files\baidu
2006-10-18 15:50 17144 --a------ C:\Documents and Settings\ozler\Application Data\GDIPFONTCACHEV1.DAT
2006-10-10 18:12 -------- d-------- C:\Program Files\RM to MP3 Converter
2006-10-09 17:41 -------- d-------- C:\Documents and Settings\ozler\Application Data\DivX
2006-10-09 09:44 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-05 14:27 -------- d-------- C:\Program Files\DivX
2006-10-04 11:34 59536 --a------ C:\WINDOWS\system32\drivers\klin.sys
2006-10-04 11:33 61072 --a------ C:\WINDOWS\system32\drivers\klick.sys
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-10-02 20:04 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-10-02 20:04 635486 --a------ C:\WINDOWS\system32\DivX.dll
2006-10-02 10:05 -------- d-------- C:\Program Files\MSN Games
2006-10-01 14:57 -------- d-------- C:\Documents and Settings\ozler\Application Data\ppstream
2006-09-28 17:40 -------- d-------- C:\Program Files\windows media player
2006-09-28 13:02 -------- d-------- C:\Program Files\BonkEnc
2006-09-28 12:59 -------- d-------- C:\Program Files\NCH Swift Sound
2006-09-28 12:59 -------- d-------- C:\Program Files\Free Audio Pack
2006-09-28 12:58 -------- d-------- C:\Program Files\Musicmatch
2006-09-28 12:47 -------- d-------- C:\Program Files\Acoustica Audio Converter Pro
2006-09-28 12:28 -------- d-------- C:\Program Files\ImTOO
2006-09-28 12:19 74752 --a------ C:\WINDOWS\ST6UNST.EXE
2006-09-28 12:19 253952 --a------ C:\WINDOWS\Setup1.exe
2006-09-28 12:13 -------- d-------- C:\Documents and Settings\ozler\Application Data\Musicmatch
2006-09-28 12:12 -------- d-------- C:\Program Files\Konvertor
2006-09-28 11:47 -------- d-------- C:\Documents and Settings\ozler\Application Data\COWON
2006-09-28 11:29 -------- d-------- C:\Program Files\GXTranscoder.net
2006-09-28 11:13 -------- d-------- C:\Program Files\MP3 WAV Converter
2006-09-28 10:59 -------- d-------- C:\Documents and Settings\ozler\Application Data\NCH Swift Sound
2006-09-28 10:52 -------- d-------- C:\Documents and Settings\ozler\Application Data\RecordPad
2006-09-26 17:14 -------- d-------- C:\Program Files\Coolstreaming
2006-09-26 15:41 494248 --a------ C:\WINDOWS\system32\24-FR.scr
2006-09-26 15:41 -------- d-------- C:\Program Files\24-FR
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"CursorXP"="C:\\themeGold55\\CursorXP\\CursorXP.exe -s"
@=""
"BTCLiveUpdate"="\"C:\\Program Files\\LiveUpdate\\LiveUpdate.exe\" /autostart"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"nForce Tray Options"="sstray.exe /r"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"KAVPersonal50"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus Personal Pro\\kav.exe\" /minimize"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"PWRISOVM.EXE"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"msnmsgr.exe"="C:\\WINDOWS\\System32\\msnmsgr.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"msnmsgr.exe"="C:\\WINDOWS\\System32\\msnmsgr.exe"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,80,00,00,00,00,00,00,00,00,02,00,00,c4,01,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,b8,00,00,00,7c,00,00,00,71,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"ForceClassicControlPanel"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoLowDiskSpaceCheck"=dword:00000001
"NoCDBurning"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"ForceClassicControlPanel"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoLowDiskSpaceCheck"=dword:00000001
"NoCDBurning"=dword:00000001
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"ForceClassicControlPanel"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoLowDiskSpaceCheck"=dword:00000001
"NoCDBurning"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0
mysee2 REG_MULTI_SZ Mysee2_Runtime\0
Completion time: 06-11-26 18:24:59.12
C:\ComboFix.txt ... 06-11-26 18:24
C:\ComboFix2.txt ... 06-11-26 18:18
C:\ComboFixa.txt ... 06-11-26 18:19
and the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 18:25:35, on 26/11/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\Yunus\ANIME NEW\Liens rapides\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sha123.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://client.jogo.cn/cdn/browser/sidesearch/sidesearch...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/customsearch/customse...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll (file missing)
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [msnmsgr.exe] C:\WINDOWS\System32\msnmsgr.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [msnmsgr.exe] C:\WINDOWS\System32\msnmsgr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra 'Tools' menuitem: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
Thank you for your attention, I look forward to your advice
ozler - 06-11-26 18:24:34,40 Service Pack 1
ComboFix 06.11.26 - Running from: "C:\Documents and Settings\ozler\Bureau"
((((((((((((((((((((((((((((((( Files Created from 2006-10-26 to 2006-11-26 ))))))))))))))))))))))))))))))))))
2006-11-26 18:18 <REP> d-------- C:\WINDOWS\temp
2006-11-24 17:47 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-24 17:47 <REP> d-------- C:\Program Files\Grisoft
2006-11-24 15:02 <REP> d--h----- C:\WINDOWS\system32\GroupPolicy
2006-11-23 20:47 33,952 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2006-11-23 20:45 1,221,120 -r-hs---- C:\WINDOWS\system32\msnmsgr.exe
2006-11-22 21:42 <REP> d-------- C:\Program Files\tvants
2006-11-13 22:34 <REP> d-------- C:\Program Files\EA SPORTS
2006-11-13 22:29 98,816 --a------ C:\WINDOWS\system32\dmstyle.dll
2006-11-13 22:29 974,848 --a------ C:\WINDOWS\system32\dxdiag.exe
2006-11-13 22:29 83,968 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2006-11-13 22:29 80,896 --a------ C:\WINDOWS\system32\dpvsetup.exe
2006-11-13 22:29 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
2006-11-13 22:29 797,184 --a------ C:\WINDOWS\system32\d3dim700.dll
2006-11-13 22:29 79,360 --a------ C:\WINDOWS\system32\dpwsockx.dll
2006-11-13 22:29 77,824 --a------ C:\WINDOWS\system32\dpmodemx.dll
2006-11-13 22:29 76,800 --a------ C:\WINDOWS\system32\dmscript.dll
2006-11-13 22:29 733,184 --a------ C:\WINDOWS\system32\qedwipes.dll
2006-11-13 22:29 723,968 --a------ C:\WINDOWS\system32\dpnet.dll
2006-11-13 22:29 7,424 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2006-11-13 22:29 68,096 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2006-11-13 22:29 64,512 --a------ C:\WINDOWS\system32\amstream.dll
2006-11-13 22:29 602,624 --a------ C:\WINDOWS\system32\dx7vb.dll
2006-11-13 22:29 58,368 --a------ C:\WINDOWS\system32\dmcompos.dll
2006-11-13 22:29 52,096 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2006-11-13 22:29 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2006-11-13 22:29 5,248 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2006-11-13 22:29 491,520 --a------ C:\WINDOWS\system32\dsdmoprp.dll
2006-11-13 22:29 48,512 --a------ C:\WINDOWS\system32\drivers\stream.sys
2006-11-13 22:29 470,528 --a------ C:\WINDOWS\system32\qdvd.dll
2006-11-13 22:29 47,104 --a------ C:\WINDOWS\system32\wstdecod.dll
2006-11-13 22:29 46,592 --a------ C:\WINDOWS\system32\dxdllreg.exe
2006-11-13 22:29 4,608 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2006-11-13 22:29 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-11-13 22:29 4,096 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2006-11-13 22:29 381,952 --a------ C:\WINDOWS\system32\dsound.dll
2006-11-13 22:29 381,952 --a------ C:\WINDOWS\system32\dpvoice.dll
2006-11-13 22:29 354,816 --a------ C:\WINDOWS\system32\psisdecd.dll
2006-11-13 22:29 34,304 --a------ C:\WINDOWS\system32\mciqtz32.dll
2006-11-13 22:29 33,280 --a------ C:\WINDOWS\system32\dmloader.dll
2006-11-13 22:29 324,096 --a------ C:\WINDOWS\system32\mswebdvd.dll
2006-11-13 22:29 32,768 --a------ C:\WINDOWS\system32\dpnhpast.dll
2006-11-13 22:29 316,928 --a------ C:\WINDOWS\system32\qdv.dll
2006-11-13 22:29 3,072 --a------ C:\WINDOWS\system32\dpnlobby.dll
2006-11-13 22:29 3,072 --a------ C:\WINDOWS\system32\dpnaddr.dll
2006-11-13 22:29 292,864 --a------ C:\WINDOWS\system32\ddraw.dll
2006-11-13 22:29 28,160 --a------ C:\WINDOWS\system32\dplaysvr.exe
2006-11-13 22:29 27,136 --a------ C:\WINDOWS\system32\dmband.dll
2006-11-13 22:29 257,024 --a------ C:\WINDOWS\system32\qcap.dll
2006-11-13 22:29 24,064 --a------ C:\WINDOWS\system32\ddrawex.dll
2006-11-13 22:29 230,400 --a------ C:\WINDOWS\system32\dplayx.dll
2006-11-13 22:29 19,968 --a------ C:\WINDOWS\system32\dpvacm.dll
2006-11-13 22:29 186,880 --a------ C:\WINDOWS\system32\dsdmo.dll
2006-11-13 22:29 181,248 --a------ C:\WINDOWS\system32\dmime.dll
2006-11-13 22:29 18,944 --a------ C:\WINDOWS\system32\encapi.dll
2006-11-13 22:29 18,688 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2006-11-13 22:29 18,432 --a------ C:\WINDOWS\system32\dswave.dll
2006-11-13 22:29 16,896 --a------ C:\WINDOWS\system32\msyuv.dll
2006-11-13 22:29 16,896 --a------ C:\WINDOWS\system32\dpnsvr.exe
2006-11-13 22:29 16,384 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2006-11-13 22:29 15,104 --a------ C:\WINDOWS\system32\drivers\mpe.sys
2006-11-13 22:29 14,976 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2006-11-13 22:29 132,608 --a------ C:\WINDOWS\system32\devenum.dll
2006-11-13 22:29 130,304 --a------ C:\WINDOWS\system32\drivers\ks.sys
2006-11-13 22:29 13,312 --a------ C:\WINDOWS\system32\msdmo.dll
2006-11-13 22:29 122,880 --a------ C:\WINDOWS\system32\dmusic.dll
2006-11-13 22:29 112,128 --a------ C:\WINDOWS\system32\dpvvox.dll
2006-11-13 22:29 11,392 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
2006-11-13 22:29 100,864 --a------ C:\WINDOWS\system32\dmsynth.dll
2006-11-13 22:29 10,880 --a------ C:\WINDOWS\system32\drivers\slip.sys
2006-11-13 22:29 10,112 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2006-11-13 22:29 1,962,496 --a------ C:\WINDOWS\system32\quartz.dll
2006-11-13 22:29 1,798,144 --a------ C:\WINDOWS\system32\qedit.dll
2006-11-13 22:29 1,769,472 --a------ C:\WINDOWS\system32\dxdiagn.dll
2006-11-13 22:29 1,703,936 --a------ C:\WINDOWS\system32\d3d9.dll
2006-11-13 22:29 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll
2006-11-13 22:29 1,230,336 --a------ C:\WINDOWS\system32\msvidctl.dll
2006-11-13 22:29 1,201,152 --a------ C:\WINDOWS\system32\d3d8.dll
2006-11-13 22:29 1,189,888 --a------ C:\WINDOWS\system32\dx8vb.dll
2006-11-13 16:48 98,304 --a------ C:\WINDOWS\system32\CmdLineExt.dll
2006-11-10 16:38 737,280 --a------ C:\WINDOWS\iun6002.exe
2006-11-03 09:33 140,800 --a------ C:\WINDOWS\reg2.exe
2006-11-02 20:17 140,800 --a------ C:\WINDOWS\reg1.exe
2006-10-31 20:30 <REP> d-------- C:\Program Files\TVUPlayer
2006-10-31 20:24 <REP> d-------- C:\WINDOWS\MaxTV Online
2006-10-31 20:24 <REP> d-------- C:\Program Files\MaxSoftware
2006-10-31 17:38 <REP> d-------- C:\Program Files\MobeeSoft
2006-10-28 12:20 <REP> d-------- C:\Program Files\Pro Evolution Soccer 3 DEMO version
2006-10-26 23:26 170,752 --a------ C:\WINDOWS\system32\drivers\cdnprot.sys
2006-10-26 23:26 14,822 --a------ C:\WINDOWS\system32\drivers\cdntran.sys
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-26 17:42 -------- d-------- C:\Program Files\FlashGet
2006-11-24 18:04 -------- d-------- C:\Program Files\ewido anti-spyware 4.0
2006-11-24 15:09 -------- d---s---- C:\Documents and Settings\ozler\Application Data\Microsoft
2006-11-23 20:46 -------- d-------- C:\Documents and Settings\ozler\Application Data\.BitTornado
2006-11-21 20:51 -------- d-------- C:\Program Files\MaxTV Online
2006-11-15 18:04 -------- d-------- C:\Program Files\KONAMI
2006-11-15 18:03 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-07 11:41 -------- d-------- C:\Documents and Settings\ozler\Application Data\Apple Computer
2006-11-05 20:55 -------- d-------- C:\Program Files\QuickTime
2006-11-05 20:55 -------- d-------- C:\Program Files\PowerISO
2006-11-05 20:53 -------- d-------- C:\Program Files\LiveUpdate
2006-11-05 20:52 -------- d-------- C:\Program Files\Internet Explorer
2006-11-05 13:17 -------- d-------- C:\Program Files\Common Files
2006-10-24 21:31 -------- d-------- C:\Documents and Settings\ozler\Application Data\Ahead
2006-10-24 12:43 -------- d--h----- C:\Program Files\Uninstall Information
2006-10-24 12:43 -------- d-------- C:\Program Files\Outlook Express
2006-10-24 12:43 -------- d-------- C:\Program Files\Fichiers communs
2006-10-24 08:19 -------- d-------- C:\Program Files\KooWo
2006-10-23 23:39 -------- d-------- C:\Program Files\baidu
2006-10-18 15:50 17144 --a------ C:\Documents and Settings\ozler\Application Data\GDIPFONTCACHEV1.DAT
2006-10-10 18:12 -------- d-------- C:\Program Files\RM to MP3 Converter
2006-10-09 17:41 -------- d-------- C:\Documents and Settings\ozler\Application Data\DivX
2006-10-09 09:44 -------- d-------- C:\Program Files\Mozilla Firefox
2006-10-05 14:27 -------- d-------- C:\Program Files\DivX
2006-10-04 11:34 59536 --a------ C:\WINDOWS\system32\drivers\klin.sys
2006-10-04 11:33 61072 --a------ C:\WINDOWS\system32\drivers\klick.sys
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx0c.dll
2006-10-02 20:04 806912 --a------ C:\WINDOWS\system32\divx_xx07.dll
2006-10-02 20:04 790528 --a------ C:\WINDOWS\system32\divx_xx11.dll
2006-10-02 20:04 635486 --a------ C:\WINDOWS\system32\DivX.dll
2006-10-02 10:05 -------- d-------- C:\Program Files\MSN Games
2006-10-01 14:57 -------- d-------- C:\Documents and Settings\ozler\Application Data\ppstream
2006-09-28 17:40 -------- d-------- C:\Program Files\windows media player
2006-09-28 13:02 -------- d-------- C:\Program Files\BonkEnc
2006-09-28 12:59 -------- d-------- C:\Program Files\NCH Swift Sound
2006-09-28 12:59 -------- d-------- C:\Program Files\Free Audio Pack
2006-09-28 12:58 -------- d-------- C:\Program Files\Musicmatch
2006-09-28 12:47 -------- d-------- C:\Program Files\Acoustica Audio Converter Pro
2006-09-28 12:28 -------- d-------- C:\Program Files\ImTOO
2006-09-28 12:19 74752 --a------ C:\WINDOWS\ST6UNST.EXE
2006-09-28 12:19 253952 --a------ C:\WINDOWS\Setup1.exe
2006-09-28 12:13 -------- d-------- C:\Documents and Settings\ozler\Application Data\Musicmatch
2006-09-28 12:12 -------- d-------- C:\Program Files\Konvertor
2006-09-28 11:47 -------- d-------- C:\Documents and Settings\ozler\Application Data\COWON
2006-09-28 11:29 -------- d-------- C:\Program Files\GXTranscoder.net
2006-09-28 11:13 -------- d-------- C:\Program Files\MP3 WAV Converter
2006-09-28 10:59 -------- d-------- C:\Documents and Settings\ozler\Application Data\NCH Swift Sound
2006-09-28 10:52 -------- d-------- C:\Documents and Settings\ozler\Application Data\RecordPad
2006-09-26 17:14 -------- d-------- C:\Program Files\Coolstreaming
2006-09-26 15:41 494248 --a------ C:\WINDOWS\system32\24-FR.scr
2006-09-26 15:41 -------- d-------- C:\Program Files\24-FR
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\ctfmon.exe"
"CursorXP"="C:\\themeGold55\\CursorXP\\CursorXP.exe -s"
@=""
"BTCLiveUpdate"="\"C:\\Program Files\\LiveUpdate\\LiveUpdate.exe\" /autostart"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"nForce Tray Options"="sstray.exe /r"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"KAVPersonal50"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus Personal Pro\\kav.exe\" /minimize"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"PWRISOVM.EXE"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"msnmsgr.exe"="C:\\WINDOWS\\System32\\msnmsgr.exe"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"msnmsgr.exe"="C:\\WINDOWS\\System32\\msnmsgr.exe"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,80,00,00,00,00,00,00,00,00,02,00,00,c4,01,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,f2,01,00,00,b8,00,00,00,7c,00,00,00,71,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"ForceClassicControlPanel"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoLowDiskSpaceCheck"=dword:00000001
"NoCDBurning"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"ForceClassicControlPanel"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoLowDiskSpaceCheck"=dword:00000001
"NoCDBurning"=dword:00000001
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"ForceClassicControlPanel"=dword:00000001
"NoLowDiskSpaceChecks"=dword:00000001
"NoLowDiskSpaceCheck"=dword:00000001
"NoCDBurning"=dword:00000001
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
Usnsvc REG_MULTI_SZ usnsvc\0\0
mysee2 REG_MULTI_SZ Mysee2_Runtime\0
Completion time: 06-11-26 18:24:59.12
C:\ComboFix.txt ... 06-11-26 18:24
C:\ComboFix2.txt ... 06-11-26 18:18
C:\ComboFixa.txt ... 06-11-26 18:19
and the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 18:25:35, on 26/11/2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\Yunus\ANIME NEW\Liens rapides\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sha123.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://client.jogo.cn/cdn/browser/sidesearch/sidesearch...
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/customsearch/customse...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll (file missing)
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [msnmsgr.exe] C:\WINDOWS\System32\msnmsgr.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [msnmsgr.exe] C:\WINDOWS\System32\msnmsgr.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [CursorXP] C:\themeGold55\CursorXP\CursorXP.exe -s
O4 - HKCU\..\Run: [BTCLiveUpdate] "C:\Program Files\LiveUpdate\LiveUpdate.exe" /autostart
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra 'Tools' menuitem: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.google.fr
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
Thanks for your attention, I await your advice.
- Run HijackThis -> Do a system scan only
-> Check the lines below:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sha123.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://client.jogo.cn/cdn/browser/ [...] ch-en.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/ [...] ch-en.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll (file missing)
O9 - Extra button: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra 'Tools' menuitem: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
Click Fix checked (bottom left)
-> Start
-> Control Panel
-> Folder Options, View tab:
. Select Show hidden files and folders
. Uncheck Hide extensions for known file types
. Uncheck Hide protected operating system files
Go to the VirusTotal website
Click Browse... then open:
C:\WINDOWS\System32\msnmsgr.exe
Then click Send
Post the report once the analysis is finished.
If you see this message:
" Your file " ***.*** " is queued in position: ***. Estimated start time is between *** and *** minutes. "
You will have to wait.
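As an added example (not part of the original thread and not HijackThis code): a small Python triage of HijackThis lines that flags the same kinds of entries selected above, namely orphaned registrations marked `(file missing)` or `(no file)` and Internet Explorer R-entries that are empty or point to a host outside an expected set. The `triage` function, its rules and the `expected_hosts` default are assumptions of this example; the sample lines are copied from the log in this thread, and the output is a list of candidates for manual review.

```python
import re
from urllib.parse import urlparse

# Sample lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sha123.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [msnmsgr.exe] C:\WINDOWS\System32\msnmsgr.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.*)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

def triage(log_text, expected_hosts=("www.google.fr",)):
    """Return (code, reason, clsid, line) for entries worth a manual look."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # header, process list or blank line
        code, body = m.group("code"), m.group("body")
        clsid = CLSID.search(body)
        clsid = clsid.group(0).upper() if clsid else None
        reason = None
        if body.endswith(("(file missing)", "(no file)")):
            # Registry entry survives but the file it loads is gone.
            reason = "orphaned: registered file is absent"
        elif code.startswith("R") and "=" in body:
            value = body.split("=", 1)[1].strip()
            host = urlparse(value).hostname
            if not value:
                reason = "empty IE setting"
            elif host and host not in expected_hosts:
                reason = "IE page points to unexpected host " + host
        if reason:
            findings.append((code, reason, clsid, line.strip()))
    return findings

if __name__ == "__main__":
    for code, reason, clsid, _ in triage(SAMPLE_LOG):
        print(code, clsid or "-", reason)
```

Entries whose file still exists, such as the `msnmsgr.exe` Run key, are not flagged by these rules and need a separate check of the file itself.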
-> Check the lines below:
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sha123.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://client.jogo.cn/cdn/browser/ [...] ch-en.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://client.jogo.cn/cdn/browser/ [...] ch-en.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - (no file)
O2 - BHO: CdnForIE Class - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O2 - BHO: WMHlprObj Class - {F5824EFB-728A-4726-A5A5-85A68B20EDC3} - C:\PROGRA~1\CNNIC\Cdn\wmhlpr.dll (file missing)
O9 - Extra button: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra 'Tools' menuitem: Chinese Navigation - {5C3853CF-C7E0-4946-B3FA-1ABDB6F48108} - C:\PROGRA~1\CNNIC\Cdn\cdnforie.dll (file missing)
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
Click Fix checked (bottom left)
Quote:
- Make sure you can see hidden folders/files
-> Start
-> Control Panel
-> Folder Options, View tab:
. Select Show hidden files and folders
. Uncheck Hide extensions for known file types
. Uncheck Hide protected operating system files
Go to the VirusTotal website
Click Browse... then open:
C:\WINDOWS\System32\msnmsgr.exe
Then click Send
Post the report once the analysis is finished.
If you see this message:
" Your file " ***.*** " is queued in position: ***. Estimated start time is between *** and *** minutes. "
You will have to wait.
Here is the VirusTotal report:
Complete scanning result of "msnmsgr.exe", received in VirusTotal at 11.26.2006, 22:28:45 (CET).
Antivirus Version Update Result
AntiVir 7.2.0.46 11.26.2006 HEUR/Crypted
Authentium 4.93.8 11.24.2006 no virus found
Avast 4.7.892.0 11.23.2006 no virus found
AVG 386 11.26.2006 no virus found
BitDefender 7.2 11.26.2006 no virus found
CAT-QuickHeal 8.00 11.25.2006 no virus found
ClamAV devel-20060426 11.25.2006 no virus found
DrWeb 4.33 11.26.2006 no virus found
eSafe 7.0.14.0 11.26.2006 no virus found
eTrust-InoculateIT 23.73.67 11.25.2006 no virus found
eTrust-Vet 30.3.3211 11.24.2006 no virus found
Ewido 4.0 11.26.2006 no virus found
Fortinet 2.82.0.0 11.26.2006 suspicious
F-Prot 3.16f 11.24.2006 no virus found
F-Prot4 4.2.1.29 11.24.2006 no virus found
Ikarus 0.2.65.0 11.24.2006 no virus found
Kaspersky 4.0.2.24 11.26.2006 no virus found
McAfee 4904 11.24.2006 no virus found
Microsoft 1.1804 11.26.2006 no virus found
NOD32v2 1882 11.24.2006 no virus found
Norman 5.80.02 11.24.2006 no virus found
Panda 9.0.0.4 11.26.2006 no virus found
Prevx1 V2 11.26.2006 no virus found
Sophos 4.11.0 11.16.2006 no virus found
TheHacker 6.0.3.123 11.23.2006 no virus found
UNA 1.83 11.24.2006 no virus found
VBA32 3.11.1 11.26.2006 suspected of Trojan-PSW.LdPinch.36 (paranoid heuristics)
VirusBuster 4.3.15:9 11.26.2006 no virus found
Aditional Information
File size: 1221120 bytes
MD5: a11127d54ab560cf2847bd05692e2517
SHA1: 7a4675db43f01c3ee1c5554deed92a97d7e2ae7f
packers: Themida
the problem remains