My connection is acting up and I'm getting lots of pop-ups - Security - Viruses
Profile: IDNaute

Hello, well, my problem is explained well in the subject of this topic. What should I do?

Profile: Helper

Hello,

Download and install Hijackthis (Trend Micro).
Then post a report in your next reply.
HELP: How to use Hijackthis v2.0.2


---------------
Prevention & Protection||Like me? Click :o
Profile: IDNaute

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:36, on 2008-09-10
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\LogMeIn\x86\LogMeInSystray.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\Apoint2K\HidFind.exe
C:\Program Files\Apoint2K\Apvfb.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\LogMeIn\x86\RaMaint.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\mmc.exe
C:\Program Files\LogMeIn\x86\LogMeIn.exe
C:\Program Files\LogMeIn\x86\LMIGuardian.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: (no name) - {3A55FFCE-5AE2-4EEB-922A-0239D924C801} - C:\WINDOWS\system32\iifebCRi.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {911623F1-0291-4333-A009-22207910E076} - C:\WINDOWS\system32\opnlMdaw.dll (file missing)
O2 - BHO: {c6a60469-f1ef-9dfa-c184-731c68078c29} - {92c87086-c137-481c-afd9-fe1f96406a6c} - C:\WINDOWS\system32\hazmlh.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: D - {CFA5988C-E975-37CC-B1EE-ECDAEE898C6D} - C:\WINDOWS\system32\mmx23216.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\x86\LogMeInSystray.exe"
O4 - HKLM\..\Run: [68730c46] rundll32.exe "C:\WINDOWS\system32\gpigrcbd.dll",b
O4 - HKLM\..\Run: [BM6b403fda] Rundll32.exe "C:\WINDOWS\system32\ryqjghsy.dll",s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Run] "C:\Documents and Settings\Alizé\Application Data\Adobe\Manager.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://www.asus.com
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr [...] NPUpld.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-B [...] E_UNO1.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.kodakimages.com/Desktop [...] oader3.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/bina [...] b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/bina [...] b56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/bina [...] b56986.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\FICHIE~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: iifebCRi - C:\WINDOWS\SYSTEM32\iifebCRi.dll
O20 - Winlogon Notify: qoMeFwXQ - qoMeFwXQ.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: PIXMA Extended Survey Program (IJPLMSVC) - Unknown owner - C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\x86\LogMeIn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

--
End of file - 10532 bytes

Profile: Helper

Re,

Disable your resident protections (antivirus, Spybot-S&D, etc.)!

  • Download ComboFix (sUBs) to your Desktop.
  • Double-click ComboFix.exe (the .exe may not be visible) to launch it.
  • When the scan is finished, a report will appear. Post this report (C:\combofix.txt*) in your next reply.


HELP: A guide and tutorial on using ComboFix
* the partition name may vary


Profile: IDNaute

ComboFix 08-09-05.14 - Alizé 2008-09-10 13:04:47.3 - FAT32x86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.33.1036.18.455 [GMT 2:00]
Endroit: C:\Documents and Settings\Alizé\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrateur\Favoris\Download programs.url
C:\Documents and Settings\Administrateur\Favoris\Games.url
C:\Documents and Settings\Administrateur\Favoris\Translator.url
C:\Documents and Settings\Administrateur\Favoris\Videos.url
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Download programs.url
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Games.url
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Translator.url
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\Videos.url
C:\Documents and Settings\Alizé\Application Data\Adobe\crc.dat
C:\Documents and Settings\Alizé\Application Data\Adobe\Manager.exe
C:\Documents and Settings\Alizé\Favoris\Download programs.url
C:\Documents and Settings\Alizé\Favoris\Games.url
C:\Documents and Settings\Alizé\Favoris\Translator.url
C:\Documents and Settings\Alizé\Favoris\Videos.url
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\BM6b403fda.txt
C:\WINDOWS\BM6b403fda.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\byXqRlIA.dll
C:\WINDOWS\system32\dbcrgipg.ini
C:\WINDOWS\system32\dqahhjgy.dll
C:\WINDOWS\system32\epxwddnw.ini
C:\WINDOWS\system32\gvrpfe.dll
C:\WINDOWS\system32\hazmlh.dll
C:\WINDOWS\system32\hgGaaASj.dll
C:\WINDOWS\system32\hjwneonq.ini
C:\WINDOWS\system32\hlbzjt.dll
C:\WINDOWS\system32\icvgtyhm.dll
C:\WINDOWS\system32\iifebCRi.dll
C:\WINDOWS\system32\jkkLDTnN.dll
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mhytgvci.ini
C:\WINDOWS\system32\mmx23216.dll
C:\WINDOWS\system32\mx23216.dll
C:\WINDOWS\system32\njvbfyan.dll
C:\WINDOWS\system32\ryqjghsy.dll
C:\WINDOWS\system32\sfdlthgn.dll
C:\WINDOWS\system32\tshoifmy.dll
C:\WINDOWS\system32\uprarpko.dll
C:\WINDOWS\system32\utxktd.dll
C:\WINDOWS\system32\vpequudw.dll
C:\WINDOWS\system32\wadMlnpo.ini
C:\WINDOWS\system32\wadMlnpo.ini2
C:\WINDOWS\system32\wnddwxpe.dll

----- BITS: Possible sites infectés -----

http://pornotube30.net
.
((((((((((((((((((((((((((((( Fichiers créés 2008-08-10 to 2008-09-10 ))))))))))))))))))))))))))))))))))))
.

2008-09-10 13:18 . 2008-09-10 13:18 294 ---hs---- C:\WINDOWS\system32\dbcrgipg.ini
2008-09-09 19:20 . 2008-09-09 19:21 72,192 --a------ C:\WINDOWS\system32\gpigrcbd.dll
2008-09-09 17:05 . 2004-02-23 01:00 1,386,496 --a------ C:\WINDOWS\system32\MSVBVM60.DLL
2008-09-08 23:15 . 2008-09-08 23:15 <REP> d-------- C:\Program Files\fnac2
2008-09-07 20:09 . 2008-09-07 20:09 <REP> d--hs---- C:\FOUND.034
2008-09-07 17:25 . 2008-09-07 17:25 <REP> d--hs---- C:\FOUND.033
2008-09-07 14:55 . 2008-09-07 14:55 <REP> d-------- C:\Program Files\RegCure
2008-09-07 11:22 . 2008-09-07 11:22 <REP> d-------- C:\Program Files\Trend Micro
2008-09-07 11:21 . 2008-09-07 11:21 <REP> d-------- C:\Program Files\Fichiers communs\Wise Installation Wizard
2008-09-06 21:49 . 2008-09-06 21:49 <REP> d-------- C:\Program Files\VstPlugins
2008-09-06 21:49 . 2008-09-06 21:49 <REP> d-------- C:\Program Files\ASIO4ALL v2
2008-09-06 21:49 . 2002-07-08 00:14 1,294,336 --a------ C:\WINDOWS\system32\vorbis.acm
2008-09-06 21:49 . 2006-06-20 10:56 225,280 --a------ C:\WINDOWS\system32\rewire.dll
2008-09-06 21:48 . 2008-09-06 21:48 <REP> d-------- C:\Program Files\Outsim
2008-09-06 21:46 . 2008-09-06 21:46 <REP> d-------- C:\Program Files\Image-Line
2008-09-06 21:45 . 2008-09-06 21:50 129,277 --a------ C:\WINDOWS\system32\DriverUpdate.exe
2008-09-05 21:46 . 2008-09-05 21:46 <REP> d-------- C:\Program Files\VirtualDJ
2008-09-01 13:02 . 2008-09-01 13:02 <REP> d--hs---- C:\FOUND.032
2008-08-24 13:56 . 2008-08-24 13:56 <REP> d-------- C:\Program Files\Beneton Software
2008-08-22 14:14 . 2008-08-22 14:14 <REP> d-------- C:\Program Files\Guitar Pro 5
2008-08-21 12:03 . 2008-08-21 12:03 <REP> d-------- C:\Program Files\VideoLAN
2008-08-17 00:10 . 2008-08-26 13:06 162,008 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-08-17 00:10 . 2008-08-26 13:06 111,928 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-08-17 00:10 . 2008-08-17 00:10 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-08-16 23:58 . 2008-08-16 23:58 <REP> d-------- C:\Program Files\WarRock
2008-08-13 17:08 . 2008-08-13 17:08 <REP> d-------- C:\Program Files\SuperCopier2

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-05 22:08 --------- d-----w C:\Program Files\LogMeIn
2008-08-05 22:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\LogMeIn
2008-08-04 20:42 --------- d-----w C:\Program Files\Pydoku
2008-08-01 16:19 410,976 ----a-w C:\WINDOWS\system32\deploytk.dll
2008-07-27 16:43 --------- d-----w C:\Program Files\CCleaner
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2008-07-18 20:10 94,920 ----a-w C:\WINDOWS\system32\cdm.dll
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\wuauclt.exe
2008-07-18 20:10 53,448 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2008-07-18 20:10 45,768 ----a-w C:\WINDOWS\system32\wups2.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\wups.dll
2008-07-18 20:10 36,552 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\wuapi.dll
2008-07-18 20:09 563,912 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\wucltui.dll
2008-07-18 20:09 325,832 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\wuweb.dll
2008-07-18 20:09 205,000 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\wuaueng.dll
2008-07-18 20:09 1,811,656 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2008-07-18 20:07 270,880 ----a-w C:\WINDOWS\system32\mucltui.dll
2008-07-18 20:07 210,976 ----a-w C:\WINDOWS\system32\muweb.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-07 20:31 253,952 ----a-w C:\WINDOWS\system32\dllcache\es.dll
2008-06-27 11:09 487 ---ha-w C:\os466477.bin
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\dllcache\mscms.dll
2008-06-24 08:28 3,592,192 ------w C:\WINDOWS\system32\dllcache\mshtml.dll
2008-06-23 09:21 70,656 ------w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2008-06-23 09:21 625,664 ------w C:\WINDOWS\system32\dllcache\iexplore.exe
2008-06-23 09:20 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2008-06-21 05:23 161,792 ------w C:\WINDOWS\system32\dllcache\ieakui.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-06-20 17:41 247,808 ----a-w C:\WINDOWS\system32\dllcache\mswsock.dll
2008-06-20 17:41 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
2008-06-20 10:45 360,320 ----a-w C:\WINDOWS\system32\dllcache\tcpip.sys
2008-06-20 10:44 138,368 ----a-w C:\WINDOWS\system32\dllcache\afd.sys
2008-06-20 09:52 225,920 ----a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
2008-06-14 17:59 272,768 ------w C:\WINDOWS\system32\dllcache\bthport.sys
2008-01-05 12:22 374 ----a-w C:\Documents and Settings\Administrateur\Application Data\internaldb6334.dat
2008-01-05 12:14 18,432 ----a-w C:\Documents and Settings\Administrateur\Application Data\internaldb41.dat
2008-01-05 11:57 555 ----a-w C:\Documents and Settings\Administrateur\Application Data\internaldb8467.dat
2007-02-23 19:57 20 ---h--w C:\Documents and Settings\All Users\Application Data\PKP_DLec.DAT
2005-11-04 09:25 40,960 ----a-w C:\Program Files\Uninstall_CDS.exe
2004-07-22 08:51 3,432,656 ----a-w C:\Program Files\ManagedDX.CAB
2004-07-19 20:58 1,156,363 ----a-w C:\Program Files\BDANT.cab
2004-07-19 20:53 976,020 ----a-w C:\Program Files\BDAXP.cab
2004-07-09 12:17 13,265,040 ----a-w C:\Program Files\dxnt.cab
2004-07-09 07:13 703,080 ----a-w C:\Program Files\BDA.cab
2004-07-09 07:13 15,493,481 ----a-w C:\Program Files\DirectX.cab
2004-07-09 02:08 472,576 ----a-w C:\Program Files\dxsetup.exe
2004-07-09 02:08 2,242,560 ----a-w C:\Program Files\dsetup32.dll
2004-07-09 01:03 62,976 ----a-w C:\Program Files\DSETUP.dll
2008-03-01 13:49 32,768 --sha-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\MSHist012008030120080302\index.dat
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2006-03-24 15360]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 1694208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-08-23 110592]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe" [2006-06-02 176128]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 7561216]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-02-01 98304]
"LogMeIn GUI"="C:\Program Files\LogMeIn\x86\LogMeInSystray.exe" [2008-02-28 63048]
"68730c46"="C:\WINDOWS\system32\gpigrcbd.dll" [2008-09-09 72192]
"NvMediaCenter"="NvMCTray.dll" [2006-04-27 C:\WINDOWS\system32\nvmctray.dll]
"SkyTel"="SkyTel.EXE" [2006-05-16 C:\WINDOWS\SkyTel.exe]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2006-03-24 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LMIinit]
2008-05-28 12:32 87352 C:\WINDOWS\system32\LMIinit.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"VIDC.ACDV"= ACDV.dll
"vidc.yv12"= yv12vfw.dll

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--------- 2004-10-13 18:24 1694208 C:\Program Files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
--a------ 2006-04-27 03:48 1519616 C:\WINDOWS\system32\nwiz.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SkyTel]
-r------- 2006-05-16 11:04 2879488 C:\WINDOWS\SkyTel.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\uTorrent\\utorrent.exe"=
"C:\\Program Files\\LimeWire\\LimeWire.exe"=
"C:\\Program Files\\Messenger\\MSMSGS.EXE"=
"C:\\Program Files\\NetMeeting\\conf.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"C:\\Program Files\\age\\empires2.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Java\\jre1.6.0_07\\BIN\\java.exe"=
"C:\\Program Files\\Java\\jre6\\bin\\java.exe"=
"C:\\Program Files\\Java\\jdk1.6.0_10\\bin\\java.exe"=
"C:\\Program Files\\Java\\jdk1.6.0_10\\jre\\bin\\java.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\EA GAMES\\La Bataille pour la Terre du Milieu(tm)\\game.dat"=
"C:\\WINDOWS\\PCHEALTH\\HELPCTR\\BINARIES\\HelpCtr.exe"=

R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-05-16 78416]
R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-05-16 20560]
R2 IJPLMSVC;PIXMA Extended Survey Program;C:\Program Files\Canon\IJPLM\IJPLMSVC.EXE [2007-04-13 101528]
R2 JavaQuickStarterService;Java Quick Starter;C:\Program Files\Java\jre6\bin\jqs.exe [2008-08-01 147456]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\Program Files\LogMeIn\x86\RaInfo.sys [2008-02-28 12856]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\system32\drivers\LMIRfsDriver.sys [2008-03-07 45848]
R3 ASNDIS5;ASNDIS5 Protocol Driver;C:\WINDOWS\ATK0100\ASNDIS5.SYS [2004-05-27 16269]
R3 SynMini;ASUS WebCam, 1.3M, USB2.0, FF;C:\WINDOWS\system32\Drivers\SynMini.sys [2006-01-20 841110]
R3 SynScan;ASUS WebCam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys [2006-01-02 8278]
S3 ids00026;ids00026;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00026.sys [ ]
S3 ids0015d;ids0015d;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0015d.sys [ ]
S3 ids00180;ids00180;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00180.sys [ ]
S3 ids0018a;ids0018a;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids0018a.sys [ ]
S3 ids00196;ids00196;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\ids00196.sys [ ]
S3 klstm;klstm;C:\Documents and Settings\All Users\Application Data\Kaspersky Anti-Virus Personal\5.0\bases\klstm.sys [ ]
S3 MBAMCatchMe;MBAMCatchMe;C:\Program Files\Malwarebytes' Anti-Malware\catchme.sys [ ]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bdcdf178-1552-11dd-8938-001a92b1c493}]
\Shell\Auto\command - cmd /C launch.bat
\Shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL cmd /C launch.bat
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
.
- - - - ORPHANS REMOVED - - - -

BHO-{3A55FFCE-5AE2-4EEB-922A-0239D924C801} - C:\WINDOWS\system32\iifebCRi.dll
BHO-{911623F1-0291-4333-A009-22207910E076} - C:\WINDOWS\system32\opnlMdaw.dll
BHO-{92c87086-c137-481c-afd9-fe1f96406a6c} - C:\WINDOWS\system32\hazmlh.dll
HKLM-Run-BM6b403fda - C:\WINDOWS\system32\ryqjghsy.dll
ShellExecuteHooks-{3A55FFCE-5AE2-4EEB-922A-0239D924C801} - C:\WINDOWS\system32\iifebCRi.dll
Notify-qoMeFwXQ - qoMeFwXQ.dll


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Documents and Settings\Alizé\Application Data\Mozilla\Firefox\Profiles\8o07s97y.default\
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-10 13:18:09
Windows 5.1.2600 Service Pack 2 FAT NTAPI

Balayage processus cachés ...

Balayage caché autostart entries ...

Balayage des fichiers cachés ...

Scan terminé avec succès
Les fichiers cachés: 0

**************************************************************************
.
--------------------- DLLs a chargé sous des processus courants ---------------------

PROCESS: C:\WINDOWS\explorer.exe
-> C:\WINDOWS\system32\gpigrcbd.dll
.
------------------------ Other Running Processes ------------------------
.
C:\PROGRAM FILES\AHEAD\INCD\INCDSRV.EXE
C:\PROGRAM FILES\LAVASOFT\AD-AWARE\AAWSERVICE.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASWUPDSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\PROGRAM FILES\LOGMEIN\X86\RAMAINT.EXE
C:\PROGRAM FILES\LOGMEIN\X86\LOGMEIN.EXE
C:\PROGRAM FILES\LOGMEIN\X86\LMIGUARDIAN.EXE
C:\WINDOWS\SYSTEM32\NVSVC32.EXE
C:\WINDOWS\SYSTEM32\HPZIPM12.EXE
C:\WINDOWS\SYSTEM32\PNKBSTRA.EXE
C:\WINDOWS\SYSTEM32\WDFMGR.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\WINDOWS\SYSTEM32\RUNDLL32.EXE
C:\PROGRAM FILES\LOGMEIN\X86\LMIGUARDIAN.EXE
C:\PROGRAM FILES\APOINT2K\APNTEX.EXE
C:\PROGRAM FILES\APOINT2K\HIDFIND.EXE
C:\PROGRAM FILES\APOINT2K\APVFB.EXE
C:\WINDOWS\ATK0100\ATKOSD.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-09-10 13:20:33 - machine was rebooted [Alizé]
ComboFix-quarantined-files.txt 2008-09-10 11:20:32

Pre-Run: 5,423,235,072 octets libres
Post-Run: 5,788,631,040 octets libres

278 --- E O F --- 2008-08-31 10:04:31

Profile: IDNaute

Doctor...

Profile: Helper

Uh, will you be patient?

Download MalwareByte's Anti-Malware to your Desktop.
Install it by double-clicking the file Download_mbam-setup.exe.

Once the installation and the update are done, restart in safe mode.
HELP: Restarting in safe mode

  • Now run MalwareByte's Anti-Malware. If it is not already selected, choose "Exécuter un examen complet" (perform a full scan).
  • To start the scan, click "Rechercher" (Scan).
  • Once the scan is finished, a window opens; click OK. You then have two possibilities:

-- if the program found nothing, press OK. A report will appear; close it.
-- if infections are present, click "Afficher les résultats" (Show results), then "Supprimer la sélection" (Remove selected). Save the report to your Desktop so you can post it in your next reply.
NOTE: If MalwareByte's Anti-Malware needs to restart to finish the removal, accept by clicking OK.

HELP: Illustrated tutorial on MBAM


Profile: IDNaute

Malwarebytes' Anti-Malware 1.28
Version de la base de données: 1136
Windows 5.1.2600 Service Pack 2

10/09/2008 17:36:50
mbam-log-2008-09-10 (17-36-50).txt

Type de recherche: Examen complet (C:\|D:\|)
Eléments examinés: 198272
Temps écoulé: 1 hour(s), 40 minute(s), 10 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 1
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 39

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CLASSES_ROOT\AllFilesystemObjects\shellex\ContextMenuHandlers\pcsd.dll (Rogue.PCAntispyware) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shellex\ContextMenuHandlers\pcsd.dll (Rogue.PCAntispyware) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\rdfa (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\contim (Trojan.Vundo) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\aoprndtws (Trojan.Vundo) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\68730c46 (Trojan.Vundo.H) -> Quarantined and deleted successfully.

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):

Profile: Helper