infecté par Win32:VBStat-C [Trj] et Adware aider moi

alguno@IDN

7 Juin 2007 18:17:38

bonjour
mon ordinateur est infecté par un virus du nom de Win32:VBStat-C [Trj] et mon antivirus n'arrive pas à le supprimer ou à l'éliminer.
aider moi.

Autres pages sur : infecte win32 vbstat trj adware aider

| Etre averti des réponses
| Alerter

Répondre à alguno@IDN

Angeldark

7 Juin 2007 18:32:58

Bonjour,

Télécharge Hijackthis (de Merjin).
Dézippe-le dans un dossier ou sur ton Bureau.

Lance l'application (Hijackthis.exe) :
- Choisis l'option "Do a system scan and save a logfile"
- Le Bloc-Notes s'ouvre, poste son contenu :

-> Edition / Sélectionner tout
-> Edition / Copier
-> Clique-Droit / Coller dans ta réponse

AIDE : Tuto en vidéo sur Hijackthis

| Alerter

Répondre à Angeldark

alguno@IDN

7 Juin 2007 18:54:21

le voila et merci de m'aider

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 20:54:15, on 07/06/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\avast\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\avast\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\avast\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\System32\rundll32.exe
D:\Adobe\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
D:\SAMfighter 5.5.0\SFAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
D:\Antipub\antipub.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\avast\ashMaiSv.exe
D:\avast\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Documents and Settings\patrick\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0D84ABF4-95E8-488B-8DEA-300505AEFE7f} - C:\WINDOWS\System32\gxmtssot.dll
O2 - BHO: (no name) - {21EA6F5D-3E07-4CBE-86FA-5235FF3F9A45} - C:\WINDOWS\System32\vtsqr.dll
O2 - BHO: (no name) - {36116056-63DC-47CC-8902-D461CF7B5285} - C:\WINDOWS\System32\gxmtssot.dll
O2 - BHO: (no name) - {3F82FBF2-61AD-47E4-80DE-BE5EAEF4F440} - C:\WINDOWS\System32\gxmtssot.dll
O2 - BHO: (no name) - {6346B1EB-CDE0-4EAC-BEF9-BEE4CB8A671d} - C:\WINDOWS\System32\gxmtssot.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: (no name) - {C5E02D55-E7B6-4AD1-8140-D418D409A047} - C:\WINDOWS\System32\ssqomli.dll (file missing)
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\System32\xqhikicl.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] D:\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [WinFlyer32.dll] "rundll32.exe" C:\WINDOWS\System32\WinFlyer32.dll,Run
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Adobe\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [WA6PV_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "D:\SAMfighter 5.5.0\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [j3281034] rundll32 C:\WINDOWS\System32\j3281034.dll sook
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\System32\ifsaikxh.dll",realset
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = D:\Antipub\antipub.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_fr...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: ssqomli - ssqomli.dll (file missing)
O20 - Winlogon Notify: vtsqr - C:\WINDOWS\System32\vtsqr.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\avast\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

--
End of file - 9824 bytes

| Alerter

Répondre à alguno@IDN

Angeldark

7 Juin 2007 19:01:58

Re,

Télécharge VundoFix.exe (par Atribune) sur ton Bureau.

Double-clique VundoFix.exe afin de le lancer

Clique sur le bouton Scan for Vundo

Lorsque le scan est complété, clique sur le bouton Remove Vundo

Une invite te demandera si tu veux supprimer les fichiers, clique YES

Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers

Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK

Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis dans ta prochaine réponse
Note: Il est possible que VundoFix soit confronté à un fichier qu'il ne peut supprimer. Si tel est le cas, l'outil se lancera au prochain redémarrage; il faut simplement suivre les instructions ci-haut, à partir de "clique sur le bouton Scan for Vundo".

| Alerter

Répondre à Angeldark

alguno@IDN

7 Juin 2007 19:21:37

sa à l'aire d'aller mieux
C:\WINDOWS\system32\cebnjlut.dll
C:\WINDOWS\system32\curjrcsr.ini
C:\WINDOWS\system32\ecjcdwvt.dll
C:\WINDOWS\system32\exgaiafp.dll
C:\WINDOWS\System32\fxcvsdyl.dll
C:\WINDOWS\system32\gwugwpoi.dll
C:\WINDOWS\system32\hklsiskx.ini
C:\WINDOWS\system32\hxkiasfi.ini
C:\WINDOWS\system32\ifsaikxh.dll
C:\WINDOWS\System32\klnfoiki.dll
C:\WINDOWS\system32\lprvkvlh.dll
C:\WINDOWS\system32\ndrpykoe.dll
C:\WINDOWS\system32\omcrkter.dll
C:\WINDOWS\system32\qcosxqkn.dll
C:\WINDOWS\system32\qrfuamgt.ini
C:\WINDOWS\system32\qxorqvxh.dll
C:\WINDOWS\system32\rqstv.bak1
C:\WINDOWS\system32\rqstv.bak2
C:\WINDOWS\system32\rqstv.ini
C:\WINDOWS\system32\rqstv.ini2
C:\WINDOWS\system32\rqstv.tmp
C:\WINDOWS\system32\rscrjruc.dll
C:\WINDOWS\System32\ssqomli.dll
C:\WINDOWS\system32\sxfvfket.dll
C:\WINDOWS\system32\tekfvfxs.ini
C:\WINDOWS\system32\tgmaufrq.dll
C:\WINDOWS\System32\vtsqr.dll
C:\WINDOWS\system32\xksislkh.dll
C:\WINDOWS\system32\xlfmmxma.dll

la c'est le rapport hijackthis

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:21:13, on 07/06/2007
Platform: Windows XP (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\avast\aswUpdSv.exe
D:\avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\avast\ashWebSv.exe
D:\avast\ashMaiSv.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\avast\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\WINDOWS\System32\rundll32.exe
D:\Adobe\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe
C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe
D:\SAMfighter 5.5.0\SFAgent.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\msiexec.exe
D:\Antipub\antipub.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\patrick\Bureau\HiJackThis_v2(2).exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0D84ABF4-95E8-488B-8DEA-300505AEFE7f} - C:\WINDOWS\System32\gxmtssot.dll
O2 - BHO: (no name) - {21EA6F5D-3E07-4CBE-86FA-5235FF3F9A45} - C:\WINDOWS\System32\vtsqr.dll (file missing)
O2 - BHO: (no name) - {36116056-63DC-47CC-8902-D461CF7B5285} - C:\WINDOWS\System32\gxmtssot.dll
O2 - BHO: (no name) - {3F82FBF2-61AD-47E4-80DE-BE5EAEF4F440} - C:\WINDOWS\System32\gxmtssot.dll
O2 - BHO: (no name) - {6346B1EB-CDE0-4EAC-BEF9-BEE4CB8A671d} - C:\WINDOWS\System32\gxmtssot.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\System32\xqhikicl.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] D:\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [WinFlyer32.dll] "rundll32.exe" C:\WINDOWS\System32\WinFlyer32.dll,Run
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Adobe\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [WA6PV_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "D:\SAMfighter 5.5.0\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [j3281034] rundll32 C:\WINDOWS\System32\j3281034.dll sook
O4 - HKLM\..\Run: [ApachInc] rundll32.exe "C:\WINDOWS\System32\ifsaikxh.dll",realset
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /min
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Startup: Anti-Pub.lnk = D:\Antipub\antipub.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_fr...
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: ssqomli - ssqomli.dll (file missing)
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\avast\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\System32\imapi.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: DDE réseau (NetDDE) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: DSDM DDE réseau (NetDDEdsdm) - Unknown owner - C:\WINDOWS\system32\netdde.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Prise en charge des cartes à puces (SCardDrv) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\System32\wbem\wmiapsrv.exe

--
End of file - 9791 bytes

| Alerter

Répondre à alguno@IDN

Angeldark

7 Juin 2007 19:33:20

Ce n'est pas le bon rapport

Télécharge combofix.exe (par sUBs) sur ton Bureau.

Double clique combofix.exe.

Tape sur la touche Y (Yes) pour démarrer le scan.

Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

NOTE : Le rapport se trouve également ici : C:\Combofix.txt

| Alerter

Répondre à Angeldark

alguno@IDN

8 Juin 2007 05:40:37

ComboFix 07-06-3B - Running from: "C:\Documents and Settings\patrick\Bureau\"

/wow section - STAGE #3

(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\WinFlyer32.dll
C:\WINDOWS\system32\aiixdsdc.dll
C:\WINDOWS\system32\gxmtssot.dll
C:\WINDOWS\system32\nakyidka.dll
C:\WINDOWS\system32\oixetivf.dll
C:\WINDOWS\system32\pvyrgwtu.dll
C:\WINDOWS\system32\snvofpbg.dll
C:\WINDOWS\system32\vfatpsow.dll

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

((((((((((((((((((((((((( Files Created from 2007-05-08 to 2007-06-08 )))))))))))))))))))))))))))))))

2007-06-07 18:05 58,420 --a------ C:\WINDOWS\system32\xqhikicl.dll
2007-06-06 22:00 55,316 --a------ C:\WINDOWS\system32\yxlbalis.dll
2007-06-06 21:57 55,316 --a------ C:\WINDOWS\system32\liybsuck.dll
2007-06-06 12:54 <REP> d-------- C:\DOCUME~1\benjamin\APPLIC~1\Leadertech
2007-06-05 18:24 14,868 --a------ C:\WINDOWS\system32\nqqpyhpm.exe
2007-06-05 18:24 10,752 --a------ C:\WINDOWS\system32\j3281034.dll
2007-06-05 10:40 2,580 --a------ C:\WINDOWS\system32\rcoupyjd.exe
2007-06-05 10:11 2,580 --a------ C:\WINDOWS\system32\fmxcyhpv.exe
2007-06-04 18:37 2,580 --a------ C:\WINDOWS\system32\bpnhihfi.exe
2007-06-04 09:32 2,580 --a------ C:\WINDOWS\system32\hxpifebg.exe
2007-06-04 08:45 2,580 --a------ C:\WINDOWS\system32\fulcllbf.exe
2007-06-04 07:56 2,580 --a------ C:\WINDOWS\system32\movirved.exe
2007-06-04 07:49 2,580 --a------ C:\WINDOWS\system32\uqyhyqsl.exe
2007-06-03 16:40 2,580 --a------ C:\WINDOWS\system32\dvbwqfdh.exe
2007-06-03 16:18 2,580 --a------ C:\WINDOWS\system32\wqouctrr.exe
2007-06-03 12:34 83,536 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-06-03 12:34 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-06-03 12:34 59,984 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-06-03 12:34 52,304 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-06-03 12:34 39,248 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys
2007-06-03 12:34 26,064 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-06-03 12:34 <REP> d-------- C:\Program Files\Spyware Doctor
2007-06-03 12:34 <REP> d-------- C:\DOCUME~1\patrick\APPLIC~1\PC Tools
2007-06-03 12:31 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-06-03 12:31 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-06-03 12:30 <REP> d-------- C:\Program Files\Picasa2
2007-06-03 12:28 <REP> d-------- C:\Program Files\Norton Security Scan
2007-06-03 11:59 2,580 --a------ C:\WINDOWS\system32\ygjglkaf.exe
2007-06-03 09:55 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-06-03 09:33 2,580 --a------ C:\WINDOWS\system32\tykhildp.exe
2007-06-03 09:29 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
2007-06-03 09:27 <REP> d-------- C:\Program Files\MSXML 4.0
2007-06-03 09:26 25,600 --a------ C:\WINDOWS\system32\xpsp1hfm.exe
2007-06-03 09:26 <REP> d--h-c--- C:\WINDOWS\$xpsp1hfm$
2007-06-02 11:29 2,580 --a------ C:\WINDOWS\system32\whaeargo.exe
2007-06-02 09:04 2,580 --a------ C:\WINDOWS\system32\bmguuvlb.exe
2007-06-01 21:55 2,580 --a------ C:\WINDOWS\system32\sxdmbjdh.exe
2007-06-01 21:50 2,580 --a------ C:\WINDOWS\system32\cdcqjfdu.exe
2007-06-01 12:08 <REP> d-------- C:\Program Files\Eidos Interactive
2007-06-01 12:08 <REP> d-------- C:\Program Files\directx
2007-05-31 21:17 <REP> d-------- C:\DOCUME~1\benjamin\APPLIC~1\AdobeUM
2007-05-30 19:36 14,868 --a------ C:\WINDOWS\system32\xjjvxauh.exe
2007-05-30 19:36 10,752 --a------ C:\WINDOWS\system32\j8281637.dll
2007-05-28 11:28 <REP> d-------- C:\VundoFix Backups
2007-05-27 08:11 <REP> d-------- C:\WINDOWS\system32\bits
2007-05-26 15:58 <REP> d---s---- C:\DOCUME~1\coraline\UserData
2007-05-25 19:33 <REP> d-------- C:\DOCUME~1\coraline\APPLIC~1\SPAMfighter
2007-05-22 18:20 <REP> d---s---- C:\DOCUME~1\Corinne\UserData
2007-05-22 17:58 <REP> d-------- C:\WINDOWS\ShellNew
2007-05-21 21:33 <REP> d-------- C:\DOCUME~1\benjamin\APPLIC~1\SPAMfighter
2007-05-21 20:44 <REP> d-------- C:\Program Files\Orange
2007-05-21 20:32 <REP> d-------- C:\DOCUME~1\Corinne\APPLIC~1\SPAMfighter
2007-05-20 20:06 <REP> d-------- C:\Program Files\Fichiers communs\Ankiro
2007-05-20 20:06 <REP> d-------- C:\DOCUME~1\patrick\APPLIC~1\SPAMfighter
2007-05-20 20:05 <REP> d-------- C:\Program Files\Fichiers communs\Application
2007-05-20 19:21 <REP> d-------- C:\DOCUME~1\patrick\APPLIC~1\DriveCleaner Free
2007-05-20 19:05 <REP> d-------- C:\Program Files\Fichiers communs\DriveCleaner Free
2007-05-19 16:17 <REP> d-------- C:\DOCUME~1\coraline\APPLIC~1\DivX
2007-05-17 12:41 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-05-17 12:40 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-05-17 12:40 274,432 -ra------ C:\WINDOWS\system32\HPZc3212.dll
2007-05-17 12:40 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2007-05-17 12:37 24,832 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-05-17 11:29 <REP> d-------- C:\WINDOWS\LastGood
2007-05-17 11:21 <REP> d-------- C:\WINDOWS\Downloaded Installations
2007-05-12 16:07 <REP> d-------- C:\DOCUME~1\coraline\APPLIC~1\MSN6
2007-05-12 16:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
2007-05-12 16:04 <REP> d-------- C:\DOCUME~1\coraline\APPLIC~1\WinAntiSpyware 2006
2007-05-12 10:26 <REP> d-------- C:\DOCUME~1\patrick\APPLIC~1\WinAntiSpyware 2006
2007-05-09 22:17 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-05-09 22:17 42,752 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-05-09 22:17 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-05-09 22:17 134,144 --a------ C:\WINDOWS\system32\drivers\ks.sys
2007-05-09 22:12 <REP> d-------- C:\WINDOWS\LastGood.Tmp
2007-05-09 16:49 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2007-05-08 18:57 <REP> d-------- C:\DOCUME~1\patrick\Contacts

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-07 19:12:52 -------- d-----w C:\Program Files\Microsoft IntelliPoint
2007-06-07 10:00:37 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\LimeWire
2007-06-03 10:34:06 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\Google
2007-06-03 10:32:32 -------- d-----w C:\Program Files\Google
2007-06-03 10:32:31 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-03 10:31:51 -------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-05-16 17:05:07 1,945 ----a-w C:\WINDOWS\eReg.dat
2007-05-11 18:16:45 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-05-07 14:57:34 1,098,648 ----a-w C:\WINDOWS\system32\FreeImage.dll
2007-05-05 12:56:27 -------- d--h--w C:\Program Files\WindowsUpdate
2007-05-03 14:39:44 1,156 ----a-w C:\WINDOWS\mozver.dat
2007-05-02 11:55:04 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\Media Player Classic
2007-05-02 11:55:03 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\DivX
2007-05-02 11:43:42 -------- d-----w C:\Program Files\Microsoft IntelliType Pro
2007-05-01 16:16:13 0 ----a-w C:\WINDOWS\nsreg.dat
2007-05-01 16:14:15 -------- d-----w C:\Program Files\MSN Messenger
2007-05-01 15:40:09 -------- d-----w C:\Program Files\Ahead
2007-05-01 15:39:52 -------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-05-01 15:19:29 -------- d-----w C:\Program Files\Messenger
2007-05-01 15:03:04 -------- d-----w C:\Program Files\K-Lite Codec Pack
2007-05-01 14:48:35 -------- d-----w C:\Program Files\Creative
2007-05-01 14:43:54 -------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-05-01 14:43:51 -------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2007-05-01 14:21:22 48,856 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-05-01 14:21:22 368,076 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-05-01 14:20:58 -------- d-----w C:\Program Files\Alice
2007-05-01 13:58:53 -------- d-----w C:\Program Files\microsoft frontpage
2007-05-01 13:58:39 0 --sha-r C:\MSDOS.SYS
2007-05-01 13:58:39 0 --sha-r C:\IO.SYS
2007-05-01 13:58:39 0 ----a-w C:\CONFIG.SYS
2007-05-01 13:58:39 0 ----a-w C:\AUTOEXEC.BAT
2007-05-01 13:56:49 -------- d-----w C:\Program Files\Movie Maker
2007-05-01 13:56:12 -------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-05-01 13:56:01 21,892 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-05-01 13:55:04 -------- d-----w C:\Program Files\Services en ligne
2007-05-01 13:54:47 -------- d-----w C:\Program Files\Windows NT
2007-05-01 13:54:47 -------- d-----w C:\Program Files\MSN Gaming Zone
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AvastSS.scr

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{21EA6F5D-3E07-4CBE-86FA-5235FF3F9A45}=C:\WINDOWS\System32\vtsqr.dll []
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 20:33]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2007-05-03 20:41]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll [2007-06-03 09:55]
{E12BFF69-38A7-406e-A8EF-2738107A7831}=C:\WINDOWS\System32\xqhikicl.dll [2007-06-07 18:05]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Disc Detector"="C:\Program Files\Creative\ShareDLL\CtNotify.exe" [2001-04-02 02:00]
"avast!"="D:\avast\ashDisp.exe" [2007-04-30 17:42]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-07-08 01:14]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2006-07-08 01:15]
"Adobe Photo Downloader"="D:\Adobe\3.0\Apps\apdproxy.exe" [2005-06-23 20:33]
"WA6PV_Check"="C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe" [2007-03-28 14:27]
"SDR6V_Check"="C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe" [2007-01-31 15:53]
"SPAMfighter Agent"="D:\SAMfighter 5.5.0\SFAgent.exe" [2007-05-07 16:57]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-06-03 12:27]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-05-17 12:02]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 14:00]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-03 09:55]
"ErrorSafeFree"="C:\Program Files\ErrorSafe Free\uers.exe" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqomli]
ssqomli.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*

Contents of the 'Scheduled Tasks' folder
2007-06-03 10:28:23 C:\WINDOWS\tasks\Norton Security Scan.job

**************************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-08 07:33:20
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Disc Detector = C:\Program Files\Creative\ShareDLL\CtNotify.exe?X???????????????? C?????D?tecteur de disque???????A?p?????B???@?$?@?? C?????U?@?????????@?B???A???????A???????B???@?????P???$?@?????????[o?w??????????@???????????????????B???????????????????????????????????B

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-08 7:34:28 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-08 07:34

--- E O F ---
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\WinFlyer32.dll
C:\WINDOWS\system32\aiixdsdc.dll
C:\WINDOWS\system32\gxmtssot.dll
C:\WINDOWS\system32\nakyidka.dll
C:\WINDOWS\system32\oixetivf.dll
C:\WINDOWS\system32\pvyrgwtu.dll
C:\WINDOWS\system32\snvofpbg.dll
C:\WINDOWS\system32\vfatpsow.dll

* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *

((((((((((((((((((((((((( Files Created from 2007-05-08 to 2007-06-08 )))))))))))))))))))))))))))))))

2007-06-08 07:34 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-03 09:26 <REP> d--h-c--- C:\WINDOWS\$xpsp1hfm$

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-07 19:12:52 -------- d-----w C:\Program Files\Microsoft IntelliPoint
2007-06-07 10:00:37 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\LimeWire
2007-06-03 10:34:06 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\Google
2007-06-03 10:32:32 -------- d-----w C:\Program Files\Google
2007-06-03 10:32:31 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-03 10:31:51 -------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-05-16 17:05:07 1,945 ----a-w C:\WINDOWS\eReg.dat
2007-05-11 18:16:45 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-05-07 14:57:34 1,098,648 ----a-w C:\WINDOWS\system32\FreeImage.dll
2007-05-05 12:56:27 -------- d--h--w C:\Program Files\WindowsUpdate
2007-05-03 14:39:44 1,156 ----a-w C:\WINDOWS\mozver.dat
2007-05-02 11:55:04 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\Media Player Classic
2007-05-02 11:55:03 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\DivX
2007-05-02 11:43:42 -------- d-----w C:\Program Files\Microsoft IntelliType Pro
2007-05-01 16:16:13 0 ----a-w C:\WINDOWS\nsreg.dat
2007-05-01 16:14:15 -------- d-----w C:\Program Files\MSN Messenger
2007-05-01 15:40:09 -------- d-----w C:\Program Files\Ahead
2007-05-01 15:39:52 -------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-05-01 15:19:29 -------- d-----w C:\Program Files\Messenger
2007-05-01 15:03:04 -------- d-----w C:\Program Files\K-Lite Codec Pack
2007-05-01 14:48:35 -------- d-----w C:\Program Files\Creative
2007-05-01 14:43:54 -------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-05-01 14:43:51 -------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2007-05-01 14:21:22 48,856 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-05-01 14:21:22 368,076 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-05-01 14:20:58 -------- d-----w C:\Program Files\Alice
2007-05-01 13:58:53 -------- d-----w C:\Program Files\microsoft frontpage
2007-05-01 13:58:39 0 --sha-r C:\MSDOS.SYS
2007-05-01 13:58:39 0 --sha-r C:\IO.SYS
2007-05-01 13:58:39 0 ----a-w C:\CONFIG.SYS
2007-05-01 13:58:39 0 ----a-w C:\AUTOEXEC.BAT
2007-05-01 13:56:49 -------- d-----w C:\Program Files\Movie Maker
2007-05-01 13:56:12 -------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-05-01 13:56:01 21,892 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-05-01 13:55:04 -------- d-----w C:\Program Files\Services en ligne
2007-05-01 13:54:47 -------- d-----w C:\Program Files\Windows NT
2007-05-01 13:54:47 -------- d-----w C:\Program Files\MSN Gaming Zone
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AvastSS.scr

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{21EA6F5D-3E07-4CBE-86FA-5235FF3F9A45}=C:\WINDOWS\System32\vtsqr.dll []
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 20:33]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2007-05-03 20:41]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll [2007-06-03 09:55]
{E12BFF69-38A7-406e-A8EF-2738107A7831}=C:\WINDOWS\System32\xqhikicl.dll [2007-06-07 18:05]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Disc Detector"="C:\Program Files\Creative\ShareDLL\CtNotify.exe" [2001-04-02 02:00]
"avast!"="D:\avast\ashDisp.exe" [2007-04-30 17:42]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-07-08 01:14]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2006-07-08 01:15]
"Adobe Photo Downloader"="D:\Adobe\3.0\Apps\apdproxy.exe" [2005-06-23 20:33]
"WA6PV_Check"="C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe" [2007-03-28 14:27]
"SDR6V_Check"="C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe" [2007-01-31 15:53]
"SPAMfighter Agent"="D:\SAMfighter 5.5.0\SFAgent.exe" [2007-05-07 16:57]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-06-03 12:27]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-05-17 12:02]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 14:00]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-03 09:55]
"ErrorSafeFree"="C:\Program Files\ErrorSafe Free\uers.exe" []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\ssqomli]
ssqomli.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*

Contents of the 'Scheduled Tasks' folder
2007-06-03 10:28:23 C:\WINDOWS\tasks\Norton Security Scan.job

**************************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-08 07:34:59
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Disc Detector = C:\Program Files\Creative\ShareDLL\CtNotify.exe?X???????????????? C?????D?tecteur de disque???????A?p?????B???@?$?@?? C?????U?@?????????@?B???A???????A???????B???@?????P???$?@?????????[o?w??????????@???????????????????B???????????????????????????????????B

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-08 7:35:46 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-08 07:35

--- E O F ---

| Alerter

Répondre à alguno@IDN

Angeldark

8 Juin 2007 11:19:52

Utilise l'ancienne version d'Hijackthis :
http://www.merijn.org/files/hijackthis.zip

| Alerter

Répondre à Angeldark

alguno@IDN

8 Juin 2007 11:35:36

Logfile of HijackThis v1.99.1
Scan saved at 13:35, on 2007-06-08
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\avast\aswUpdSv.exe
D:\avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\avast\ashWebSv.exe
D:\avast\ashMaiSv.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\avast\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
D:\Adobe\3.0\Apps\apdproxy.exe
D:\SAMfighter 5.5.0\SFAgent.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\ctfmon.exe
D:\VoissaNoPubs\VoissaNoPubs.exe
D:\anti pub\popupeclair.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\patrick\Bureau\HijackThis.exe
C:\Program Files\Spyware Doctor\update.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Protégé par : Popup Éclair v.2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {21EA6F5D-3E07-4CBE-86FA-5235FF3F9A45} - C:\WINDOWS\System32\vtsqr.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\System32\xqhikicl.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [avast!] D:\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Adobe\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [WA6PV_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "D:\SAMfighter 5.5.0\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /min
O4 - HKCU\..\Run: [Voissa No Pubs] D:\VoissaNoPubs\VoissaNoPubs.exe -hide
O4 - HKCU\..\Run: [popupeclair] D:\anti pub\popupeclair.exe
O4 - Startup: Anti-Pub.lnk = D:\Antipub\antipub.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajouter un Pop-Up - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/installdrivecleanerstart_fr...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O20 - Winlogon Notify: ssqomli - ssqomli.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\avast\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

| Alerter

Répondre à alguno@IDN

Angeldark

8 Juin 2007 11:44:01

Re,

Re,

- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :

O2 - BHO: (no name) - {21EA6F5D-3E07-4CBE-86FA-5235FF3F9A45} - C:\WINDOWS\System32\vtsqr.dll (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\System32\xqhikicl.dll (file missing)
O4 - HKLM\..\Run: [WA6PV_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcwap.exe"
O4 - HKLM\..\Run: [SDR6V_Check] "C:\Program Files\Fichiers communs\DriveCleaner Free\udcsdr.exe"
O4 - HKCU\..\Run: [ErrorSafeFree] "C:\Program Files\ErrorSafe Free\uers.exe" /min
O16 - DPF: {09F1ADAC-76D8-4D0F-99A5-5C907DADB988} - http://cdn.drivecleaner.com/instal [...] art_fr.cab
O20 - Winlogon Notify: ssqomli - ssqomli.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\

Clique sur Fix checked (en bas à gauche)

Télécharge OTMoveIt (d'OldTimer). Sauvegarde-le sur ton Bureau.
Sélectionne TOUS les emplacements en gras ci-dessous :

C:\Program Files\ErrorSafe Free
C:\Program Files\Fichiers communs\DriveCleaner Free

---> Clique-droit puis Copier (ou Ctrl+C)

Double-clique sur OTMoveIt.exe afin de le lancer.
Fais un Clique-droit sur le cadre de gauche puis choisis Coller (ou Ctrl+V).
Clique maintenant sur [#ff0000]MoveIt![/#f]

[#ff0000]Si un fichier ou dossier ne peut pas être supprimé immédiatement, le logiciel te demandera de redémarrer.
Accepte en cliquant sur YES.[/#f]

Poste le rapport situé dans ce dossier : C:\_OTMoveIt\MovedFiles\
Le nom du rapport correspond au moment de sa création : date_heure.log

| Alerter

Répondre à Angeldark

alguno@IDN

8 Juin 2007 12:04:58

merci c'est vraiment sympa de m'aider.

| Alerter

Répondre à alguno@IDN

alguno@IDN

8 Juin 2007 12:23:35

je ne trouve pas le rapport et quand je clique sur Movelt sa me met un message d'erreur qui me dit "cannot create files C:\_OTMovelt\Movedfiles\06082007_142030.log."
que dois je faire???

| Alerter

Répondre à alguno@IDN

Angeldark

8 Juin 2007 13:24:19

Reposte un rapport Combofix & Hijackthis.

| Alerter

Répondre à Angeldark

alguno@IDN

8 Juin 2007 15:44:28

Logfile of HijackThis v1.99.1
Scan saved at 17:39, on 2007-06-08
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\avast\aswUpdSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
D:\avast\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\avast\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
D:\Adobe\3.0\Apps\apdproxy.exe
D:\SAMfighter 5.5.0\SFAgent.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\System32\ctfmon.exe
D:\VoissaNoPubs\VoissaNoPubs.exe
D:\anti pub\popupeclair.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\avast\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
D:\avast\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
D:\eMul 74.c\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\patrick\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\System32\xqhikicl.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [avast!] D:\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Adobe\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "D:\SAMfighter 5.5.0\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Voissa No Pubs] D:\VoissaNoPubs\VoissaNoPubs.exe -hide
O4 - HKCU\..\Run: [popupeclair] D:\anti pub\popupeclair.exe
O4 - Startup: Anti-Pub.lnk = D:\Antipub\antipub.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajouter un Pop-Up - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\avast\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

ComboFix 07-06-3B - Running from: "C:\Documents and Settings\patrick\Bureau\"

/wow section - STAGE #3

((((((((((((((((((((((((( Files Created from 2007-05-08 to 2007-06-08 )))))))))))))))))))))))))))))))

2007-06-08 13:12 <REP> d---s---- C:\DOCUME~1\patrick\UserData
2007-06-08 12:13 <REP> d-------- C:\Program Files\Fichiers communs\Symantec Shared
2007-06-08 12:10 720,896 --a------ C:\WINDOWS\iun6002.exe
2007-06-08 07:34 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-06 22:00 55,316 --a------ C:\WINDOWS\system32\yxlbalis.dll
2007-06-06 21:57 55,316 --a------ C:\WINDOWS\system32\liybsuck.dll
2007-06-06 12:54 <REP> d-------- C:\DOCUME~1\benjamin\APPLIC~1\Leadertech
2007-06-05 18:24 14,868 --a------ C:\WINDOWS\system32\nqqpyhpm.exe
2007-06-05 18:24 10,752 --a------ C:\WINDOWS\system32\j3281034.dll
2007-06-03 12:34 83,536 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-06-03 12:34 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-06-03 12:34 59,984 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-06-03 12:34 52,304 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-06-03 12:34 39,248 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys
2007-06-03 12:34 26,064 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-06-03 12:34 <REP> d-------- C:\Program Files\Spyware Doctor
2007-06-03 12:34 <REP> d-------- C:\DOCUME~1\patrick\APPLIC~1\PC Tools
2007-06-03 12:31 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-06-03 12:31 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-06-03 12:30 <REP> d-------- C:\Program Files\Picasa2
2007-06-03 12:28 <REP> d-------- C:\Program Files\Norton Security Scan
2007-06-03 09:55 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-06-03 09:29 221,184 --a------ C:\WINDOWS\system32\srrstr.dll
2007-06-03 09:27 <REP> d-------- C:\Program Files\MSXML 4.0
2007-06-03 09:26 25,600 --a------ C:\WINDOWS\system32\xpsp1hfm.exe
2007-06-03 09:26 <REP> d--h-c--- C:\WINDOWS\$xpsp1hfm$
2007-06-01 12:08 <REP> d-------- C:\Program Files\Eidos Interactive
2007-06-01 12:08 <REP> d-------- C:\Program Files\directx
2007-05-31 21:17 <REP> d-------- C:\DOCUME~1\benjamin\APPLIC~1\AdobeUM
2007-05-30 19:36 14,868 --a------ C:\WINDOWS\system32\xjjvxauh.exe
2007-05-30 19:36 10,752 --a------ C:\WINDOWS\system32\j8281637.dll
2007-05-28 11:28 <REP> d-------- C:\VundoFix Backups
2007-05-27 08:11 <REP> d-------- C:\WINDOWS\system32\bits
2007-05-26 15:58 <REP> d---s---- C:\DOCUME~1\coraline\UserData
2007-05-25 19:33 <REP> d-------- C:\DOCUME~1\coraline\APPLIC~1\SPAMfighter
2007-05-22 18:20 <REP> d---s---- C:\DOCUME~1\Corinne\UserData
2007-05-22 17:58 <REP> d-------- C:\WINDOWS\ShellNew
2007-05-21 21:33 <REP> d-------- C:\DOCUME~1\benjamin\APPLIC~1\SPAMfighter
2007-05-21 20:44 <REP> d-------- C:\Program Files\Orange
2007-05-21 20:32 <REP> d-------- C:\DOCUME~1\Corinne\APPLIC~1\SPAMfighter
2007-05-20 20:06 <REP> d-------- C:\Program Files\Fichiers communs\Ankiro
2007-05-20 20:06 <REP> d-------- C:\DOCUME~1\patrick\APPLIC~1\SPAMfighter
2007-05-20 20:05 <REP> d-------- C:\Program Files\Fichiers communs\Application
2007-05-20 19:21 <REP> d-------- C:\DOCUME~1\patrick\APPLIC~1\DriveCleaner Free
2007-05-19 16:17 <REP> d-------- C:\DOCUME~1\coraline\APPLIC~1\DivX
2007-05-17 12:41 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-05-17 12:40 51,120 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-05-17 12:40 274,432 -ra------ C:\WINDOWS\system32\HPZc3212.dll
2007-05-17 12:40 21,744 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2007-05-17 12:37 24,832 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-05-17 11:29 <REP> d-------- C:\WINDOWS\LastGood
2007-05-17 11:21 <REP> d-------- C:\WINDOWS\Downloaded Installations
2007-05-12 16:07 <REP> d-------- C:\DOCUME~1\coraline\APPLIC~1\MSN6
2007-05-12 16:07 <REP> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\MSN6
2007-05-12 16:04 <REP> d-------- C:\DOCUME~1\coraline\APPLIC~1\WinAntiSpyware 2006
2007-05-09 22:17 57,344 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-05-09 22:17 42,752 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-05-09 22:17 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-05-09 22:17 134,144 --a------ C:\WINDOWS\system32\drivers\ks.sys
2007-05-09 22:12 <REP> d-------- C:\WINDOWS\LastGood.Tmp
2007-05-09 16:49 89,088 --a------ C:\WINDOWS\system32\atl71.dll
2007-05-08 18:57 <REP> d-------- C:\DOCUME~1\patrick\Contacts

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-06-07 19:12:52 -------- d-----w C:\Program Files\Microsoft IntelliPoint
2007-06-07 10:00:37 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\LimeWire
2007-06-03 10:34:06 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\Google
2007-06-03 10:32:32 -------- d-----w C:\Program Files\Google
2007-06-03 10:32:31 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-06-03 10:31:51 -------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-05-16 17:05:07 1,945 ----a-w C:\WINDOWS\eReg.dat
2007-05-11 18:16:45 12,400 ----a-w C:\WINDOWS\system32\drivers\secdrv.sys
2007-05-07 14:57:34 1,098,648 ----a-w C:\WINDOWS\system32\FreeImage.dll
2007-05-05 12:56:27 -------- d--h--w C:\Program Files\WindowsUpdate
2007-05-03 14:39:44 1,156 ----a-w C:\WINDOWS\mozver.dat
2007-05-02 11:55:04 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\Media Player Classic
2007-05-02 11:55:03 -------- d-----w C:\DOCUME~1\patrick\APPLIC~1\DivX
2007-05-02 11:43:42 -------- d-----w C:\Program Files\Microsoft IntelliType Pro
2007-05-01 16:16:13 0 ----a-w C:\WINDOWS\nsreg.dat
2007-05-01 16:14:15 -------- d-----w C:\Program Files\MSN Messenger
2007-05-01 15:40:09 -------- d-----w C:\Program Files\Ahead
2007-05-01 15:39:52 -------- d-----w C:\Program Files\Fichiers communs\Ahead
2007-05-01 15:19:29 -------- d-----w C:\Program Files\Messenger
2007-05-01 15:03:04 -------- d-----w C:\Program Files\K-Lite Codec Pack
2007-05-01 14:48:35 -------- d-----w C:\Program Files\Creative
2007-05-01 14:43:54 -------- d-----w C:\Program Files\Fichiers communs\ODBC
2007-05-01 14:43:51 -------- d-----w C:\Program Files\Fichiers communs\SpeechEngines
2007-05-01 14:21:22 48,856 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-05-01 14:21:22 368,076 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-05-01 14:20:58 -------- d-----w C:\Program Files\Alice
2007-05-01 13:58:53 -------- d-----w C:\Program Files\microsoft frontpage
2007-05-01 13:58:39 0 --sha-r C:\MSDOS.SYS
2007-05-01 13:58:39 0 --sha-r C:\IO.SYS
2007-05-01 13:58:39 0 ----a-w C:\CONFIG.SYS
2007-05-01 13:58:39 0 ----a-w C:\AUTOEXEC.BAT
2007-05-01 13:56:49 -------- d-----w C:\Program Files\Movie Maker
2007-05-01 13:56:12 -------- d-----w C:\Program Files\Fichiers communs\MSSoap
2007-05-01 13:56:01 21,892 ----a-w C:\WINDOWS\system32\emptyregdb.dat
2007-05-01 13:55:04 -------- d-----w C:\Program Files\Services en ligne
2007-05-01 13:54:47 -------- d-----w C:\Program Files\Windows NT
2007-05-01 13:54:47 -------- d-----w C:\Program Files\MSN Gaming Zone
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AvastSS.scr

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{9030D464-4C02-4ABF-8ECC-5164760863C6}=C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-08-31 20:33]
{AA58ED58-01DD-4d91-8333-CF10577473F7}=c:\program files\google\googletoolbar2.dll [2007-05-03 20:41]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}=C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll [2007-06-03 09:55]
{E12BFF69-38A7-406e-A8EF-2738107A7831}=C:\WINDOWS\System32\xqhikicl.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Disc Detector"="C:\Program Files\Creative\ShareDLL\CtNotify.exe" [2001-04-02 02:00]
"avast!"="D:\avast\ashDisp.exe" [2007-04-30 17:42]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"itype"="C:\Program Files\Microsoft IntelliType Pro\itype.exe" [2006-07-08 01:14]
"IntelliPoint"="C:\Program Files\Microsoft IntelliPoint\ipoint.exe" [2006-07-08 01:15]
"Adobe Photo Downloader"="D:\Adobe\3.0\Apps\apdproxy.exe" [2005-06-23 20:33]
"SPAMfighter Agent"="D:\SAMfighter 5.5.0\SFAgent.exe" [2007-05-07 16:57]
"Google Desktop Search"="C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" [2007-06-03 12:27]
"SDTray"="C:\Program Files\Spyware Doctor\SDTrayApp.exe" [2007-05-17 12:02]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2001-08-28 14:00]
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 12:55]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-06-03 09:55]
"Voissa No Pubs"="D:\VoissaNoPubs\VoissaNoPubs.exe" [2002-10-11 16:01]
"popupeclair"="D:\anti pub\popupeclair.exe" [2003-05-01 03:10]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice]

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost *netsvcs*

Contents of the 'Scheduled Tasks' folder
2007-06-08 14:01:48 C:\WINDOWS\tasks\Norton Security Scan.job

**************************************************************************

catchme 0.3.692 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-08 17:42:40
Windows 5.1.2600 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Disc Detector = C:\Program Files\Creative\ShareDLL\CtNotify.exe?X???????????????? C?????D?tecteur de disque???????A?p?????B???@?$?@?? C?????U?@?????????@?B???A???????A???????B???@?????P???$?@?????????[o?w??????????@???????????????????B???????????????????????????????????B

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

Completion time: 2007-06-08 17:43:10
C:\ComboFix-quarantined-files.txt ... 2007-06-08 17:43
C:\ComboFix2.txt ... 2007-06-08 07:35

--- E O F ---

| Alerter

Répondre à alguno@IDN

Angeldark

8 Juin 2007 16:50:17

Si le scan ne fonctionne pas en mode sans échec, fais le en mode normal.

Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)

Redémarre en mode sans échec

Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]

Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.

Redémarre normalement.
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.

| Alerter

Répondre à Angeldark

alguno@IDN

9 Juin 2007 07:35:19

ok c'est parti

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 09:31 2007-06-09

+ Résultat de l'analyse:

C:\QooBox\Quarantine\C\WINDOWS\system32\vfatpsow.dll.vir -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032191.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032192.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032193.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032194.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032195.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032196.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032199.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032201.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032202.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP47\A0032204.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP58\A0044191.dll -> Adware.BHO : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP32\A0010240.exe -> Adware.ErrorSafe : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP40\A0026625.dll -> Adware.ErrorSafe : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP40\A0026624.exe -> Adware.Fakealert : Ignoré.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Ignoré.
HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Ignoré.
HKU\S-1-5-21-484763869-1425521274-682003330-1004\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{c95fe080-8f5d-11d2-a20b-00aa003c157a} -> Adware.Generic : Ignoré.
C:\Documents and Settings\coraline\Application Data\WinAntiSpyware 2006 -> Adware.RogueSuspect : Ignoré.
C:\Documents and Settings\coraline\Application Data\WinAntiSpyware 2006\Logs -> Adware.RogueSuspect : Ignoré.
C:\Documents and Settings\coraline\Application Data\WinAntiSpyware 2006\Logs\update.log -> Adware.RogueSuspect : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP32\A0010242.exe -> Adware.SystemDoctor : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP32\A0010260.exe -> Adware.SystemDoctor : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP32\A0010261.dll -> Adware.WinAntiSpyware : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP32\A0010262.exe -> Adware.WinAntiSpyware : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP32\A0010241.exe -> Adware.WinFixer : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046214.exe -> Adware.WinFixer : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046215.exe -> Adware.WinFixer : Ignoré.
C:\QooBox\Quarantine\C\WINDOWS\system32\WinFlyer32.dll.vir -> Dropper.Agent.bhc : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP58\A0044184.dll -> Dropper.Agent.bhc : Ignoré.
C:\WINDOWS\system32\j3281034.dll -> Hijacker.Small.mw : Ignoré.
C:\WINDOWS\system32\j8281637.dll -> Hijacker.Small.mw : Ignoré.
D:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP20\A0008491.exe -> Logger.Winflyer : Ignoré.
D:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP20\A0008494.exe -> Logger.Winflyer : Ignoré.
D:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP20\A0008495.exe -> Logger.Winflyer : Ignoré.
D:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP20\A0008496.exe -> Logger.Winflyer : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP32\A0010243.exe -> Not-A-Virus.Downloader.Win32.WinFixer.j : Ignoré.
C:\WINDOWS\Downloaded Program Files\UDC6V_0001_D19M0709NetInstaller.exe -> Not-A-Virus.Downloader.Win32.WinFixer.m : Ignoré.
D:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP29\A0009916.exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP32\A0010239.exe -> Not-A-Virus.Downloader.Win32.WinFixer.t : Ignoré.
:mozilla.162:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.163:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignoré.
:mozilla.122:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.123:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.18:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.236:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.237:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.238:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.239:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Ignoré.
:mozilla.145:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.146:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.156:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.157:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.158:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.159:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adbrite : Ignoré.
:mozilla.103:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Adrevolver : Ignoré.
:mozilla.104:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Adrevolver : Ignoré.
:mozilla.105:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Adrevolver : Ignoré.
:mozilla.106:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Adrevolver : Ignoré.
:mozilla.87:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adrevolver : Ignoré.
:mozilla.88:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adrevolver : Ignoré.
:mozilla.89:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adrevolver : Ignoré.
:mozilla.90:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adrevolver : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@adrevolver[2].txt -> TrackingCookie.Adrevolver : Ignoré.
:mozilla.95:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.96:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Adtech : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@adtech[2].txt -> TrackingCookie.Adtech : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@adtech[2].txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.112:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.113:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.114:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.115:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.168:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.169:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.170:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.171:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Advertising : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@advertising[1].txt -> TrackingCookie.Advertising : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@advertising[1].txt -> TrackingCookie.Advertising : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@advertising[2].txt -> TrackingCookie.Advertising : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@advertising[1].txt -> TrackingCookie.Advertising : Ignoré.
:mozilla.57:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Adviva : Ignoré.
:mozilla.59:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Adviva : Ignoré.
:mozilla.174:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.39:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.66:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@atdmt[2].txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.27:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.57:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.63:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
:mozilla.75:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@bluestreak[1].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@casalemedia[2].txt -> TrackingCookie.Casalemedia : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@casalemedia[2].txt -> TrackingCookie.Casalemedia : Ignoré.
:mozilla.88:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.90:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.91:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.92:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.93:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.94:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Comclick : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@cpvfeed[3].txt -> TrackingCookie.Cpvfeed : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Ignoré.
:mozilla.10:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.53:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.55:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.68:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@doubleclick[1].txt -> TrackingCookie.Doubleclick : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@doubleclick[2].txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.40:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
:mozilla.56:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
:mozilla.84:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@estat[1].txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@estat[1].txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@estat[1].txt -> TrackingCookie.Estat : Ignoré.
:mozilla.147:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Fastclick : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@fastclick[1].txt -> TrackingCookie.Fastclick : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@fastclick[2].txt -> TrackingCookie.Fastclick : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@findwhat[1].txt -> TrackingCookie.Findwhat : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@findwhat[2].txt -> TrackingCookie.Findwhat : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Ignoré.
:mozilla.150:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.191:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.195:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.198:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.214:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.245:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.246:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.43:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré.
:mozilla.12:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.13:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.14:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.24:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.25:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.324:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.34:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.35:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.36:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.38:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.56:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.57:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.58:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@ehg-hollywoodmedia.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@ehg-hollywood.hitbox[1].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@ehg-hollywoodmedia.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@hitbox[2].txt -> TrackingCookie.Hitbox : Ignoré.
:mozilla.62:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignoré.
:mozilla.63:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignoré.
:mozilla.85:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignoré.
:mozilla.86:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Imrworldwide : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@searchportal.information[1].txt -> TrackingCookie.Information : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@search.live[2].txt -> TrackingCookie.Live : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@vad.mainentrypoint[1].txt -> TrackingCookie.Mainentrypoint : Ignoré.
:mozilla.60:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
:mozilla.61:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
:mozilla.74:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@mediaplex[1].txt -> TrackingCookie.Mediaplex : Ignoré.
:mozilla.74:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Onestat : Ignoré.
:mozilla.75:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Onestat : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@stat.onestat[2].txt -> TrackingCookie.Onestat : Ignoré.
:mozilla.11:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.67:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
:mozilla.82:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@overture[2].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@perf.overture[2].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@overture[1].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@overture[2].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@perf.overture[2].txt -> TrackingCookie.Overture : Ignoré.
:mozilla.111:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Paypal : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@www.paypal[1].txt -> TrackingCookie.Paypal : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@www.paypal[1].txt -> TrackingCookie.Paypal : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Ignoré.
:mozilla.199:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.200:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.201:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.202:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.203:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.204:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Questionmarket : Ignoré.
:mozilla.121:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.122:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.123:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.124:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.125:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.132:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.133:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.134:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.151:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.152:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.153:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.154:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.163:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.164:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.165:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.166:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.19:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.20:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.21:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.21:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.22:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.22:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.23:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.23:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.24:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.25:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.26:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.44:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.45:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.46:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.47:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.48:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.49:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.6:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@serving-sys[1].txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.16:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.17:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.18:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.37:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.38:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.39:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.42:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.43:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.44:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.45:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.50:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.51:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.52:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.348:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Specificclick : Ignoré.
:mozilla.349:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Specificclick : Ignoré.
:mozilla.350:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Specificclick : Ignoré.
:mozilla.351:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Specificclick : Ignoré.
:mozilla.69:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Specificclick : Ignoré.
:mozilla.70:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Specificclick : Ignoré.
:mozilla.71:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Specificclick : Ignoré.
:mozilla.72:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Specificclick : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@statcounter[1].txt -> TrackingCookie.Statcounter : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@statcounter[2].txt -> TrackingCookie.Statcounter : Ignoré.
:mozilla.138:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Toplist : Ignoré.
:mozilla.354:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Toplist : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@login.tracking101[2].txt -> TrackingCookie.Tracking101 : Ignoré.
:mozilla.19:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.20:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.40:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.41:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.42:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.43:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Ignoré.
:mozilla.136:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.137:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.17:C:\Documents and Settings\Corinne\Application Data\Mozilla\Firefox\Profiles\of43b5uq.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.53:C:\Documents and Settings\coraline\Application Data\Mozilla\Firefox\Profiles\seahuuuy.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.68:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.69:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.70:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@weborama[1].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@weborama[2].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@weborama[1].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@weborama[2].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@m.webtrends[2].txt -> TrackingCookie.Webtrends : Ignoré.
:mozilla.320:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Webtrendslive : Ignoré.
:mozilla.142:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.143:C:\Documents and Settings\benjamin\Application Data\Mozilla\Firefox\Profiles\02lvqjqb.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.151:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.152:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.153:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.154:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Documents and Settings\benjamin\Cookies\benjamin@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Documents and Settings\coraline\Cookies\coraline@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
:mozilla.179:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Zedo : Ignoré.
:mozilla.180:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Zedo : Ignoré.
:mozilla.181:C:\Documents and Settings\patrick\Application Data\Mozilla\Firefox\Profiles\1uilxdiv.default\cookies.txt -> TrackingCookie.Zedo : Ignoré.
C:\Documents and Settings\Corinne\Cookies\corinne@zedo[1].txt -> TrackingCookie.Zedo : Ignoré.
C:\Documents and Settings\patrick\Cookies\patrick@zedo[1].txt -> TrackingCookie.Zedo : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046235.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046236.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046237.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046238.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046239.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046240.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046241.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046242.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046243.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046244.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046245.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046246.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046247.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046248.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP59\A0046249.exe -> Trojan.Agent.anr : Ignoré.
C:\System Volume Information\_restore{082D8EBF-B81E-4462-A351-77CF528DFCE8}\RP40\A0026623.exe -> Trojan.Fakealert.fb : Ignoré.

Logfile of HijackThis v1.99.1
Scan saved at 09:35, on 2007-06-09
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\avast\aswUpdSv.exe
D:\avast\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\avast\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
D:\Adobe\3.0\Apps\apdproxy.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
D:\SAMfighter 5.5.0\SFAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
D:\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\System32\ctfmon.exe
D:\VoissaNoPubs\VoissaNoPubs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
D:\anti pub\popupeclair.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\spoolsv.exe
D:\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\avast\ashMaiSv.exe
D:\avast\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
D:\eMul 74.c\eMule\emule.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\patrick\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Protégé par : Popup Éclair v.2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\System32\xqhikicl.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [avast!] D:\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Adobe\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "D:\SAMfighter 5.5.0\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Voissa No Pubs] D:\VoissaNoPubs\VoissaNoPubs.exe -hide
O4 - HKCU\..\Run: [popupeclair] D:\anti pub\popupeclair.exe
O4 - Startup: Anti-Pub.lnk = D:\Antipub\antipub.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajouter un Pop-Up - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

| Alerter

Répondre à alguno@IDN

Angeldark

9 Juin 2007 15:19:56

Tu as bien supprimé les fichiers ?

| Alerter

Répondre à Angeldark

alguno@IDN

11 Juin 2007 08:57:46

a non désole
là c'est le bon
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 10:55 2007-06-11

Logfile of HijackThis v1.99.1
Scan saved at 10:57, on 2007-06-11
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\avast\aswUpdSv.exe
D:\avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
D:\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
D:\avast\ashWebSv.exe
D:\avast\ashMaiSv.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\avast\ashDisp.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
D:\Adobe\3.0\Apps\apdproxy.exe
D:\SAMfighter 5.5.0\SFAgent.exe
D:\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\VoissaNoPubs\VoissaNoPubs.exe
D:\anti pub\popupeclair.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\MSN Messenger\usnsvc.exe
D:\eMul 74.c\eMule\emule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\patrick\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Protégé par : Popup Éclair v.2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\System32\xqhikicl.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [avast!] D:\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Adobe\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "D:\SAMfighter 5.5.0\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Voissa No Pubs] D:\VoissaNoPubs\VoissaNoPubs.exe -hide
O4 - HKCU\..\Run: [popupeclair] D:\anti pub\popupeclair.exe
O4 - Startup: Anti-Pub.lnk = D:\Antipub\antipub.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajouter un Pop-Up - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

+ Résultat de l'analyse:

C:\Documents and Settings\coraline\Application Data\WinAntiSpyware 2006 -> Adware.RogueSuspect : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\coraline\Application Data\WinAntiSpyware 2006\Logs -> Adware.RogueSuspect : Nettoyé et sauvegardé (mise en quarantaine).

Fin du rapport

| Alerter

Répondre à alguno@IDN

Angeldark

11 Juin 2007 10:02:21

Re,

Fix la ligne ci-dessous avec Hijackthis : AIDE EN IMAGES

O2 - BHO: (no name) - {E12BFF69-38A7-406e-A8EF-2738107A7831} - C:\WINDOWS\System32\xqhikicl.dll (file missing)

| Alerter

Répondre à Angeldark

alguno@IDN

11 Juin 2007 15:20:51

une foi que tous sa est fait tout va bien??
ou ya til autre chose à faire????

| Alerter

Répondre à alguno@IDN

Angeldark

11 Juin 2007 15:23:53

Reposte un rapport Hijackthis.

| Alerter

Répondre à Angeldark

alguno@IDN

11 Juin 2007 16:38:15

Logfile of HijackThis v1.99.1
Scan saved at 18:37:49, on 11/06/2007
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\avast\aswUpdSv.exe
D:\avast\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
D:\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Creative\ShareDLL\CtNotify.exe
D:\avast\ashDisp.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
D:\Adobe\3.0\Apps\apdproxy.exe
C:\Program Files\Creative\ShareDLL\MediaDet.Exe
C:\WINDOWS\System32\HPZipm12.exe
D:\SAMfighter 5.5.0\SFAgent.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Spyware Doctor\SDTrayApp.exe
D:\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Spyware Doctor\svcntaux.exe
C:\Program Files\Spyware Doctor\swdsvc.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
D:\avast\ashWebSv.exe
D:\avast\ashMaiSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\benjamin\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aliceadsl.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Disc Detector] C:\Program Files\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [avast!] D:\avast\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "D:\Adobe\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [SPAMfighter Agent] "D:\SAMfighter 5.5.0\SFAgent.exe" update delay 60
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SDTray] "C:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "D:\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Ajouter un Pop-Up - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O9 - Extra 'Tools' menuitem: Tools Menu Item - {DE39E849-A37D-4126-8AE1-1551364ADA96} - D:\VoissaNoPubs\VoissaNoPubs.exe
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://static.impots.gouv.fr/abos/securite/xenroll.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\avast\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\avast\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - D:\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe

| Alerter

Répondre à alguno@IDN

Angeldark

11 Juin 2007 16:40:20

Encore des problèmes ?

| Alerter

Répondre à Angeldark

alguno@IDN

11 Juin 2007 16:45:03

apparment non l'ordinateur ne RAM plus et je n'est plu de méssage d'érreur donc tout a l'aire d'aller pour le mieu.
merci beaucoup pour ton aide trés précieuse

| Alerter

Répondre à alguno@IDN

Angeldark

11 Juin 2007 16:50:55

Des questions ?

| Alerter

Répondre à Angeldark

alguno@IDN

11 Juin 2007 16:55:56

oui
est-ce que le fait de'avoir plusieur anti-spayware et anti popup contitue un risque pour l'ordinateur???

| Alerter

Répondre à alguno@IDN

Angeldark

11 Juin 2007 16:56:26

Un seul antispy et anti-popup en mode résident.

| Alerter

Répondre à Angeldark

alguno@IDN

11 Juin 2007 17:00:18

donc il faut que je grade un seul de ces logiciel, le plus performant

| Alerter

Répondre à alguno@IDN

Angeldark

11 Juin 2007 17:02:32

Ouaip

| Alerter

Répondre à Angeldark

alguno@IDN

11 Juin 2007 17:06:00

ok merci bien pour ton aide et surtout continuez ce cite il est génial pour tous ceux qui ne sont pas des pros de l'informatique comme moi

MERCI POUR TOUT

| Alerter

Répondre à alguno@IDN

Angeldark

11 Juin 2007 17:10:19

Bon surf

| Alerter

Répondre à Angeldark

alguno@IDN

12 Juin 2007 07:59:14

si quelques questions me reviennent pui-je te recontacter sur cette page????

| Alerter

Répondre à alguno@IDN

Angeldark

12 Juin 2007 09:34:17

Oui

| Alerter

Répondre à Angeldark

alguno@IDN

12 Juin 2007 16:09:57

maintenen que mon probléme est résolut, suis-je oubligé de garder les logiciel téléchargé ????

| Alerter

Répondre à alguno@IDN

Angeldark

12 Juin 2007 16:17:57

Garde uniquement AVG.

| Alerter

Répondre à Angeldark

alguno@IDN

16 Juin 2007 18:00:32

et bas c'est reparti quand y en a plus y en a encore je suis de nouveau infecté par des chevaux de troies du type win32 ZOH et BHO. doije retélécharger hijakthis vundofix.exe et combofix.exe???
j'en n'est mare

| Alerter

Répondre à alguno@IDN

alguno@IDN

16 Juin 2007 18:45:54

voila j'ai les nom exacte. ils sont dans ma zone de quarantaine avast:
Win32:Zlob-ZL[trj]
win32:BHO-EP[trj]
win32:BHO-EN[trj]
win32:Morphine-G[trj]*3
suis-je bon pour une réédition de tout se que l'on a fait avant????

| Alerter

Répondre à alguno@IDN

Tom's guide dans le monde