Gros problème infecté par plusieur virus et trojan

guigui14100 · Juillet 19, 2008, 9:22

Ok pas grave

A tu fait un scan avec housecall?

dan_distributeck · Juillet 19, 2008, 9:26

je sais pas ci sa peut d’aider mes j’ai trouver c’est deux fichier louches je tenvois voici le log

celui ci est msvcp80.dll

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 - - -
AntiVir - - -
Authentium - - -
Avast - - -
AVG - - -
BitDefender - - -
CAT-QuickHeal - - -
ClamAV - - -
DrWeb - - -
eSafe - - -
eTrust-Vet - - -
Ewido - - -
F-Prot - - -
F-Secure - - -
FileAdvisor - - -
Fortinet - - -
Ikarus - - -
Kaspersky - - -
McAfee - - -
Microsoft - - -
NOD32v2 - - -
Norman - - -
Panda - - -
Prevx1 - - -
Rising - - -
Sophos - - -
Sunbelt - - -
Symantec - - -
TheHacker - - -
VBA32 - - -
VirusBuster - - -
Webwasher-Gateway - - BlockReason.0
Information additionnelle
MD5: 2f54b17eb09dfc6d57201e455f771b55
SHA1: 265229b9a9201563c2b9d74ce6ceeb27feb774c9
SHA256: 9ec27a9931617911651c4de5718026b2fddfcc9b69db66d10874b2eba0a54fc5
SHA512: 98822bab65beb47e7bfdc99556373c81dbf2dfb875f3bc29949969918a2df5334f6a610188ee5729a50686403bf65256da38a42f89e1ab5cda01e4734d1cbbfd

et voila le 2 em , c’est msvcr80.dll et il a na long à dire

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.7.17.0 2008.07.18 -
AntiVir 7.8.0.68 2008.07.18 -
Authentium 5.1.0.4 2008.07.18 -
Avast 4.8.1195.0 2008.07.18 -
AVG 8.0.0.130 2008.07.18 -
BitDefender 7.2 2008.07.18 -
CAT-QuickHeal 9.50 2008.07.17 -
ClamAV 0.93.1 2008.07.18 -
DrWeb 4.44.0.09170 2008.07.18 -
eSafe 7.0.17.0 2008.07.17 -
eTrust-Vet 31.6.5965 2008.07.18 -
Ewido 4.0 2008.07.18 -
F-Prot 4.4.4.56 2008.07.18 -
F-Secure 7.60.13501.0 2008.07.18 -
Fortinet 3.14.0.0 2008.07.18 -
GData 2.0.7306.1023 2008.07.18 -
Ikarus T3.1.1.34.0 2008.07.18 -
Kaspersky 7.0.0.125 2008.07.18 -
McAfee 5341 2008.07.18 -
Microsoft 1.3704 2008.07.18 -
NOD32v2 3278 2008.07.18 -
Norman 5.80.02 2008.07.18 -
Panda 9.0.0.4 2008.07.17 -
Prevx1 V2 2008.07.18 -
Rising 20.53.42.00 2008.07.18 -
Sophos 4.31.0 2008.07.18 -
Sunbelt 3.1.1536.1 2008.07.17 -
Symantec 10 2008.07.18 -
TheHacker 6.2.96.381 2008.07.16 -
TrendMicro 8.700.0.1004 2008.07.18 -
VBA32 3.12.8.0 2008.07.17 -
VirusBuster 4.5.11.0 2008.07.17 -
Webwasher-Gateway 6.6.2 2008.07.18 -
Information additionnelle
File size: 614400 bytes
MD5…: 1cd7330ecac7f89a88d959c4b620ddc2
SHA1…: fc5af327fbcb99eadc151a63ff9b84248f6c230a
SHA256: 045fd28d3d8f75fe950bdbe9f791e4246cc94176679f641da0f55e492ba52ab9
SHA512: 9b414714833225c6d6fef4431698129f9166eae1016c8cc5eb660d56a386b751
4a25ed7d53c9b24a1d1ffcf09fe2a7a646375341ea2611af04585d8530c233a3
PEiD…: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x7c371ca7
timedatestamp…: 0x425732e9 (Sat Apr 09 01:42:01 2005)
machinetype…: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x6088d 0x61000 6.78 4791dbbeb3a23c5db4da6bc77722719d
.rdata 0x62000 0x29a1c 0x2a000 6.78 1273150dcc74ffa65735ae0bd4922633
.data 0x8c000 0x70a8 0x5000 3.15 700c4251ca5bca498beb75211f621857
.rsrc 0x94000 0x3c8 0x1000 1.03 efa9b33a0065d41dea2453d440b5b040
.reloc 0x95000 0x37ba 0x4000 5.94 d122251512a6a753f36bec893554190a

( 2 imports )

msvcrt.dll: _getdrives
KERNEL32.dll: QueryPerformanceCounter, GetLocalTime, GetModuleFileNameA, GetModuleFileNameW, ExitProcess, GetProcAddress, GetModuleHandleA, WriteFile, GetStdHandle, GetCurrentThreadId, GetCommandLineA, HeapFree, GetVersionExA, HeapAlloc, GetProcessHeap, DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, ExitThread, CloseHandle, GetLastError, ResumeThread, CreateThread, TlsAlloc, InterlockedIncrement, SetLastError, InterlockedDecrement, GetCurrentThread, TlsFree, TlsSetValue, TlsGetValue, FindNextFileA, FindFirstFileA, FindClose, FindNextFileW, FindFirstFileW, Sleep, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, HeapReAlloc, VirtualAlloc, SetHandleCount, GetFileType, GetStartupInfoA, GetCPInfo, GetACP, GetOEMCP, UnhandledExceptionFilter, SetUnhandledExceptionFilter, WriteConsoleW, SetConsoleCtrlHandler, FreeLibrary, InterlockedExchange, LoadLibraryA, InitializeCriticalSection, MultiByteToWideChar, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, GetCommandLineW, WideCharToMultiByte, LCMapStringA, LCMapStringW, GetStringTypeA, GetStringTypeW, LoadLibraryW, RtlUnwind, VirtualQuery, SetEnvironmentVariableA, SetEnvironmentVariableW, GetUserDefaultLCID, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, IsValidCodePage, SetLocalTime, GetTickCount, GetCurrentProcessId, GetSystemTimeAsFileTime, TerminateProcess, GetCurrentProcess, GetLocaleInfoW, GetTimeFormatA, GetDateFormatA, GetTimeZoneInformation, HeapSize, GetConsoleCP, GetConsoleMode, FlushFileBuffers, SetFilePointer, WriteConsoleA, GetConsoleOutputCP, SetStdHandle, CreateFileA, CompareStringA, CompareStringW, Beep, FileTimeToSystemTime, FileTimeToLocalFileTime, GetDiskFreeSpaceA, GetLogicalDrives, SetErrorMode, GetFileAttributesA, GetCurrentDirectoryA, SetCurrentDirectoryA, SetFileAttributesA, GetFullPathNameA, GetDriveTypeA, CreateDirectoryA, RemoveDirectoryA, DeleteFileA, GetFileAttributesW, GetCurrentDirectoryW, SetCurrentDirectoryW, SetFileAttributesW, GetFullPathNameW, CreateDirectoryW, DeleteFileW, MoveFileW, RemoveDirectoryW, GetDriveTypeW, MoveFileA, RaiseException, GetExitCodeProcess, WaitForSingleObject, CreateProcessA, CreateProcessW, HeapValidate, HeapCompact, HeapWalk, VirtualProtect, GetSystemInfo, IsDBCSLeadByteEx, ReadConsoleA, ReadConsoleW, SetConsoleMode, SetEndOfFile, DuplicateHandle, GetFileInformationByHandle, PeekNamedPipe, ReadConsoleInputA, PeekConsoleInputA, GetNumberOfConsoleInputEvents, ReadConsoleInputW, LockFile, UnlockFile, CreatePipe, ReadFile, CreateFileW, SetFileTime, LocalFileTimeToFileTime, SystemTimeToFileTime

( 1434 exports )
$I10_OUTPUT, __0__non_rtti_object@std@@QAE@ABV01@@Z, __0bad_cast@std@@QAE@ABV01@@Z, __0bad_cast@std@@QAE@PBD@Z, __0bad_typeid@std@@QAE@ABV01@@Z, __0bad_typeid@std@@QAE@PBD@Z, __0exception@std@@QAE@ABQBD@Z, __0exception@std@@QAE@ABQBDH@Z, __0exception@std@@QAE@ABV01@@Z, __0exception@std@@QAE@XZ, __1__non_rtti_object@std@@UAE@XZ, __1bad_cast@std@@UAE@XZ, __1bad_typeid@std@@UAE@XZ, __1exception@std@@UAE@XZ, __1type_info@@UAE@XZ, __2@YAPAXI@Z, __3@YAXPAX@Z, __4__non_rtti_object@std@@QAEAAV01@ABV01@@Z, __4bad_cast@std@@QAEAAV01@ABV01@@Z, __4bad_typeid@std@@QAEAAV01@ABV01@@Z, __4exception@std@@QAEAAV01@ABV01@@Z, __8type_info@@QBE_NABV0@@Z, __9type_info@@QBE_NABV0@@Z, ___7__non_rtti_object@std@@6B@, ___7bad_cast@std@@6B@, ___7bad_typeid@std@@6B@, ___7exception@@6B@, ___7exception@std@@6B@, ___Fbad_cast@std@@QAEXXZ, ___Fbad_typeid@std@@QAEXXZ, ___U@YAPAXI@Z, ___V@YAXPAX@Z, __Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z, __Type_info_dtor@type_info@@CAXPAV1@@Z, __ValidateExecute@@YAHP6GHXZ@Z, __ValidateRead@@YAHPBXI@Z, __ValidateWrite@@YAHPAXI@Z, __inconsistency@@YAXXZ, __invalid_parameter@@YAXPBG00II@Z, __is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z, __open@@YAHPBDHH@Z, __query_new_handler@@YAP6AHI@ZXZ, __query_new_mode@@YAHXZ, __set_new_handler@@YAP6AHI@ZH@Z, __set_new_handler@@YAP6AHI@ZP6AHI@Z@Z, __set_new_mode@@YAHH@Z, __set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z, __set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z, __sopen@@YAHPBDHHH@Z, __wopen@@YAHPB_WHH@Z, __wsopen@@YAHPB_WHHH@Z, _before@type_info@@QBEHABV1@@Z, _name@type_info@@QBEPBDPAU__type_info_node@@@Z, _raw_name@type_info@@QBEPBDXZ, _set_new_handler@@YAP6AXXZP6AXXZ@Z, _set_terminate@@YAP6AXXZH@Z, _set_terminate@@YAP6AXXZP6AXXZ@Z, _set_unexpected@@YAP6AXXZH@Z, _set_unexpected@@YAP6AXXZP6AXXZ@Z, _swprintf@@YAHPAGIPBGZZ, _swprintf@@YAHPA_WIPB_WZZ, _terminate@@YAXXZ, _unexpected@@YAXXZ, _vswprintf@@YAHPA_WIPB_WPAD@Z, _what@exception@std@@UBEPBDXZ, @_calloc_crt@8, @_malloc_crt@4, @_realloc_crt@8, _CIacos, _CIasin, _CIatan, _CIatan2, _CIcos, _CIcosh, _CIexp, _CIfmod, _CIlog, _CIlog10, _CIpow, _CIsin, _CIsinh, _CIsqrt, _CItan, _CItanh, _CRT_RTC_INIT, _CRT_RTC_INITW, _CreateFrameInfo, _CxxThrowException, _EH_prolog, _FindAndUnlinkFrame, _Getdays, _Getmonths, _Gettnames, _HUGE, _IsExceptionObjectToBeDestroyed, _NLG_Dispatch2, _NLG_Return, _NLG_Return2, _Strftime, _XcptFilter, __AdjustPointer, __BuildCatchObject, __BuildCatchObjectHelper, __CppXcptFilter, __CxxCallUnwindDelDtor, __CxxCallUnwindDtor, __CxxCallUnwindStdDelDtor, __CxxCallUnwindVecDtor, __CxxDetectRethrow, __CxxExceptionFilter, __CxxFrameHandler, __CxxFrameHandler2, __CxxFrameHandler3, __CxxLongjmpUnwind, __CxxQueryExceptionSize, __CxxRegisterExceptionObject, __CxxUnregisterExceptionObject, __DestructExceptionObject, __FrameUnwindFilter, __RTCastToVoid, __RTDynamicCast, __RTtypeid, __STRINGTOLD, __TypeMatch, ___fls_getvalue@4, ___fls_setvalue@8, ___lc_codepage_func, ___lc_collate_cp_func, ___lc_handle_func, ___mb_cur_max_func, ___setlc_active_func, ___unguarded_readlc_active_add_func, __argc, __argv, __badioinfo, __clean_type_info_names_internal, __control87_2, __create_locale, __crtCompareStringA, __crtCompareStringW, __crtGetLocaleInfoW, __crtGetStringTypeW, __crtLCMapStringA, __crtLCMapStringW, __daylight, __dllonexit, __doserrno, __dstbias, __fpecode, __free_locale, __get_app_type, __get_current_locale, __get_tlsindex, __getmainargs, __initenv, __iob_func, __isascii, __iscsym, __iscsymf, __iswcsym, __iswcsymf, __lc_clike, __lc_codepage, __lc_collate_cp, __lc_handle, __lconv, __lconv_init, __libm_sse2_acos, __libm_sse2_acosf, __libm_sse2_asin, __libm_sse2_asinf, __libm_sse2_atan, __libm_sse2_atan2, __libm_sse2_atanf, __libm_sse2_cos, __libm_sse2_cosf, __libm_sse2_exp, __libm_sse2_expf, __libm_sse2_log, __libm_sse2_log10, __libm_sse2_log10f, __libm_sse2_logf, __libm_sse2_pow, __libm_sse2_powf, __libm_sse2_sin, __libm_sse2_sinf, __libm_sse2_tan, __libm_sse2_tanf, __mb_cur_max, __p___argc, __p___argv, __p___initenv, __p___mb_cur_max, __p___wargv, __p___winitenv, __p__acmdln, __p__amblksiz, __p__commode, __p__daylight, __p__dstbias, __p__environ, __p__fmode, __p__iob, __p__mbcasemap, __p__mbctype, __p__osplatform, __p__osver, __p__pctype, __p__pgmptr, __p__pwctype, __p__timezone, __p__tzname, __p__wcmdln, __p__wenviron, __p__winmajor, __p__winminor, __p__winver, __p__wpgmptr, __pctype_func, __pioinfo, __pwctype_func, __pxcptinfoptrs, __report_gsfailure, __security_error_handler, __set_app_type, __setlc_active, __setusermatherr, __strncnt, __sys_errlist, __sys_nerr, __threadhandle, __threadid, __timezone, __toascii, __tzname, __unDName, __unDNameEx, __uncaught_exception, __unguarded_readlc_active, __wargv, __wcserror, __wcserror_s, __wcsncnt, __wgetmainargs, __winitenv, _abnormal_termination, _abs64, _access, _access_s, _acmdln, _adj_fdiv_m16i, _adj_fdiv_m32, _adj_fdiv_m32i, _adj_fdiv_m64, _adj_fdiv_r, _adj_fdivr_m16i, _adj_fdivr_m32, _adj_fdivr_m32i, _adj_fdivr_m64, _adj_fpatan, _adj_fprem, _adj_fprem1, _adj_fptan, _adjust_fdiv, _aexit_rtn, _aligned_free, _aligned_malloc, _aligned_offset_malloc, _aligned_offset_realloc, _aligned_realloc, _amsg_exit, _assert, _atodbl, _atodbl_l, _atof_l, _atoflt, _atoflt_l, _atoi64, _atoi64_l, _atoi_l, _atol_l, _atoldbl, _atoldbl_l, _beep, _beginthread, _beginthreadex, _byteswap_uint64, _byteswap_ulong, _byteswap_ushort, _c_exit, _cabs, _callnewh, _calloc_crt, _cexit, _cgets, _cgets_s, _cgetws, _cgetws_s, _chdir, _chdrive, _chgsign, _chkesp, _chmod, _chsize, _chsize_s, _clearfp, _close, _commit, _commode, _configthreadlocale, _control87, _controlfp, _controlfp_s, _copysign, _cprintf, _cprintf_l, _cprintf_p, _cprintf_p_l, _cprintf_s, _cprintf_s_l, _cputs, _cputws, _creat, _create_locale, _crt_debugger_hook, _cscanf, _cscanf_l, _cscanf_s, _cscanf_s_l, _ctime32, _ctime32_s, _ctime64, _ctime64_s, _cwait, _cwprintf, _cwprintf_l, _cwprintf_p, _cwprintf_p_l, _cwprintf_s, _cwprintf_s_l, _cwscanf, _cwscanf_l, _cwscanf_s, _cwscanf_s_l, _daylight, _difftime32, _difftime64, _dosmaperr, _dstbias, _dup, _dup2, _dupenv_s, _ecvt, _ecvt_s, _endthread, _endthreadex, _environ, _eof, _errno, _except_handler2, _except_handler3, _execl, _execle, _execlp, _execlpe, _execv, _execve, _execvp, _execvpe, _exit, _expand, _fclose_nolock, _fcloseall, _fcvt, _fcvt_s, _fdopen, _fflush_nolock, _fgetchar, _fgetwchar, _filbuf, _filelength, _filelengthi64, _fileno, _findclose, _findfirst32, _findfirst32i64, _findfirst64, _findfirst64i32, _findnext32, _findnext32i64, _findnext64, _findnext64i32, _finite, _flsbuf, _flushall, _fmode, _fpclass, _fpieee_flt, _fpreset, _fprintf_l, _fprintf_p, _fprintf_p_l, _fprintf_s_l, _fputchar, _fputwc_nolock, _fputwchar, _fread_nolock, _free_locale, _freea_s, _fscanf_l, _fscanf_s_l, _fseek_nolock, _fseeki64, _fseeki64_nolock, _fsopen, _fstat32, _fstat32i64, _fstat64, _fstat64i32, _ftell_nolock, _ftelli64, _ftelli64_nolock, _ftime32, _ftime32_s, _ftime64, _ftime64_s, _ftol, _fullpath, _futime32, _futime64, _fwprintf_l, _fwprintf_p, _fwprintf_p_l, _fwprintf_s_l, _fwrite_nolock, _fwscanf_l, _fwscanf_s_l, _gcvt, _gcvt_s, _get_amblksiz, _get_current_locale, _get_daylight, _get_doserrno, _get_dstbias, _get_errno, _get_fmode, _get_heap_handle, _get_invalid_parameter_handler, _get_osfhandle, _get_osplatform, _get_osver, _get_output_format, _get_pgmptr, _get_printf_count_output, _get_purecall_handler, _get_sbh_threshold, _get_terminate, _get_timezone, _get_tzname, _get_unexpected, _get_winmajor, _get_winminor, _get_winver, _get_wpgmptr, _getch, _getche, _getcwd, _getdcwd, _getdcwd_nolock, _getdiskfree, _getdllprocaddr, _getdrive, _getdrives, _getmaxstdio, _getmbcp, _getpid, _getptd, _getsystime, _getw, _getwch, _getwche, _getws, _getws_s, _global_unwind2, _gmtime32, _gmtime32_s, _gmtime64, _gmtime64_s, _heapadd, _heapchk, _heapmin, _heapset, _heapused, _heapwalk, _hypot, _hypotf, _i64toa, _i64toa_s, _i64tow, _i64tow_s, _initptd, _initterm, _initterm_e, _inp, _inpd, _inpw, _invalid_parameter, _invoke_watson, _iob, _isalnum_l, _isalpha_l, _isatty, _iscntrl_l, _isctype, _isctype_l, _isdigit_l, _isgraph_l, _isleadbyte_l, _islower_l, _ismbbalnum, _ismbbalnum_l, _ismbbalpha, _ismbbalpha_l, _ismbbgraph, _ismbbgraph_l, _ismbbkalnum, _ismbbkalnum_l, _ismbbkana, _ismbbkana_l, _ismbbkprint, _ismbbkprint_l, _ismbbkpunct, _ismbbkpunct_l, _ismbblead, _ismbblead_l, _ismbbprint, _ismbbprint_l, _ismbbpunct, _ismbbpunct_l, _ismbbtrail, _ismbbtrail_l, _ismbcalnum, _ismbcalnum_l, _ismbcalpha, _ismbcalpha_l, _ismbcdigit, _ismbcdigit_l, _ismbcgraph, _ismbcgraph_l, _ismbchira, _ismbchira_l, _ismbckata, _ismbckata_l, _ismbcl0, _ismbcl0_l, _ismbcl1, _ismbcl1_l, _ismbcl2, _ismbcl2_l, _ismbclegal, _ismbclegal_l, _ismbclower, _ismbclower_l, _ismbcprint, _ismbcprint_l, _ismbcpunct, _ismbcpunct_l, _ismbcspace, _ismbcspace_l, _ismbcsymbol, _ismbcsymbol_l, _ismbcupper, _ismbcupper_l, _ismbslead, _ismbslead_l, _ismbstrail, _ismbstrail_l, _isnan, _isprint_l, _isspace_l, _isupper_l, _iswalnum_l, _iswalpha_l, _iswcntrl_l, _iswcsym_l, _iswcsymf_l, _iswctype_l, _iswdigit_l, _iswgraph_l, _iswlower_l, _iswprint_l, _iswpunct_l, _iswspace_l, _iswupper_l, _iswxdigit_l, _isxdigit_l, _itoa, _itoa_s, _itow, _itow_s, _j0, _j1, _jn, _kbhit, _lfind, _lfind_s, _loaddll, _local_unwind2, _localtime32, _localtime32_s, _localtime64, _localtime64_s, _lock, _lock_file, _locking, _logb, _longjmpex, _lrotl, _lrotr, _lsearch, _lsearch_s, _lseek, _lseeki64, _ltoa, _ltoa_s, _ltow, _ltow_s, _makepath, _makepath_s, _malloc_crt, _mbbtombc, _mbbtombc_l, _mbbtype, _mbbtype_l, _mbcasemap, _mbccpy, _mbccpy_l, _mbccpy_s, _mbccpy_s_l, _mbcjistojms, _mbcjistojms_l, _mbcjmstojis, _mbcjmstojis_l, _mbclen, _mbclen_l, _mbctohira, _mbctohira_l, _mbctokata, _mbctokata_l, _mbctolower, _mbctolower_l, _mbctombb, _mbctombb_l, _mbctoupper, _mbctoupper_l, _mbctype, _mblen_l, _mbsbtype, _mbsbtype_l, _mbscat, _mbscat_s, _mbscat_s_l, _mbschr, _mbschr_l, _mbscmp, _mbscmp_l, _mbscoll, _mbscoll_l, _mbscpy, _mbscpy_s, _mbscpy_s_l, _mbscspn, _mbscspn_l, _mbsdec, _mbsdec_l, _mbsdup, _mbsicmp, _mbsicmp_l, _mbsicoll, _mbsicoll_l, _mbsinc, _mbsinc_l, _mbslen, _mbslen_l, _mbslwr, _mbslwr_l, _mbslwr_s, _mbslwr_s_l, _mbsnbcat, _mbsnbcat_l, _mbsnbcat_s, _mbsnbcat_s_l, _mbsnbcmp, _mbsnbcmp_l, _mbsnbcnt, _mbsnbcnt_l, _mbsnbcoll, _mbsnbcoll_l, _mbsnbcpy, _mbsnbcpy_l, _mbsnbcpy_s, _mbsnbcpy_s_l, _mbsnbicmp, _mbsnbicmp_l, _mbsnbicoll, _mbsnbicoll_l, _mbsnbset, _mbsnbset_l, _mbsnbset_s, _mbsnbset_s_l, _mbsncat, _mbsncat_l, _mbsncat_s, _mbsncat_s_l, _mbsnccnt, _mbsnccnt_l, _mbsncmp, _mbsncmp_l, _mbsncoll, _mbsncoll_l, _mbsncpy, _mbsncpy_l, _mbsncpy_s, _mbsncpy_s_l, _mbsnextc, _mbsnextc_l, _mbsnicmp, _mbsnicmp_l, _mbsnicoll, _mbsnicoll_l, _mbsninc, _mbsninc_l, _mbsnlen, _mbsnlen_l, _mbsnset, _mbsnset_l, _mbsnset_s, _mbsnset_s_l, _mbspbrk, _mbspbrk_l, _mbsrchr, _mbsrchr_l, _mbsrev, _mbsrev_l, _mbsset, _mbsset_l, _mbsset_s, _mbsset_s_l, _mbsspn, _mbsspn_l, _mbsspnp, _mbsspnp_l, _mbsstr, _mbsstr_l, _mbstok, _mbstok_l, _mbstok_s, _mbstok_s_l, _mbstowcs_l, _mbstowcs_s_l, _mbstrlen, _mbstrlen_l, _mbstrnlen, _mbstrnlen_l, _mbsupr, _mbsupr_l, _mbsupr_s, _mbsupr_s_l, _mbtowc_l, _memccpy, _memicmp, _memicmp_l, _mkdir, _mkgmtime32, _mkgmtime64, _mktemp, _mktemp_s, _mktime32, _mktime64, _msize, _nextafter, _onexit, _open, _open_osfhandle, _osplatform, _osver, _outp, _outpd, _outpw, _pclose, _pctype, _pgmptr, _pipe, _popen, _printf_l, _printf_p, _printf_p_l, _printf_s_l, _purecall, _putch, _putenv, _putenv_s, _putw, _putwch, _putws, _pwctype, _read, _realloc_crt, _resetstkoflw, _rmdir, _rmtmp, _rotl, _rotl64, _rotr, _rotr64, _safe_fdiv, _safe_fdivr, _safe_fprem, _safe_fprem1, _scalb, _scanf_l, _scanf_s_l, _scprintf, _scprintf_l, _scprintf_p, _scprintf_p_l, _scwprintf, _scwprintf_l, _scwprintf_p, _scwprintf_p_l, _searchenv, _searchenv_s, _seh_longjmp_unwind, _set_SSE2_enable, _set_abort_behavior, _set_amblksiz, _set_controlfp, _set_doserrno, _set_errno, _set_error_mode, _set_fmode, _set_invalid_parameter_handler, _set_malloc_crt_max_wait, _set_output_format, _set_printf_count_output, _set_purecall_handler, _set_sbh_threshold, _seterrormode, _setjmp, _setjmp3, _setmaxstdio, _setmbcp, _setmode, _setsystime, _sleep, _snprintf, _snprintf_c, _snprintf_c_l, _snprintf_l, _snprintf_s, _snprintf_s_l, _snscanf, _snscanf_l, _snscanf_s, _snscanf_s_l, _snwprintf, _snwprintf_l, _snwprintf_s, _snwprintf_s_l, _snwscanf, _snwscanf_l, _snwscanf_s, _snwscanf_s_l, _sopen, _sopen_s, _spawnl, _spawnle, _spawnlp, _spawnlpe, _spawnv, _spawnve, _spawnvp, _spawnvpe, _splitpath, _splitpath_s, _sprintf_l, _sprintf_p_l, _sprintf_s_l, _sscanf_l, _sscanf_s_l, _stat32, _stat32i64, _stat64, _stat64i32, _statusfp, _statusfp2, _strcmpi, _strcoll_l, _strdate, _strdate_s, _strdup, _strerror, _strerror_s, _strftime_l, _stricmp, _stricmp_l, _stricoll, _stricoll_l, _strlwr, _strlwr_l, _strlwr_s, _strlwr_s_l, _strncoll, _strncoll_l, _strnicmp, _strnicmp_l, _strnicoll, _strnicoll_l, _strnset, _strnset_s, _strrev, _strset, _strset_s, _strtime, _strtime_s, _strtod_l, _strtoi64, _strtoi64_l, _strtol_l, _strtoui64, _strtoui64_l, _strtoul_l, _strupr, _strupr_l, _strupr_s, _strupr_s_l, _strxfrm_l, _swab, _swprintf, _swprintf_c, _swprintf_p_l, _swprintf_s_l, _swscanf_l, _swscanf_s_l, _sys_errlist, _sys_nerr, _tell, _telli64, _tempnam, _time32, _time64, _timezone, _tolower, _tolower_l, _toupper, _toupper_l, _towlower_l, _towupper_l, _tzname, _tzset, _ui64toa, _ui64toa_s, _ui64tow, _ui64tow_s, _ultoa, _ultoa_s, _ultow, _ultow_s, _umask, _umask_s, _ungetc_nolock, _ungetch, _ungetwc_nolock, _ungetwch, _unlink, _unloaddll, _unlock, _unlock_file, _utime32, _utime64, _vcprintf, _vcprintf_l, _vcprintf_p, _vcprintf_p_l, _vcprintf_s, _vcprintf_s_l, _vcwprintf, _vcwprintf_l, _vcwprintf_p, _vcwprintf_p_l, _vcwprintf_s, _vcwprintf_s_l, _vfprintf_l, _vfprintf_p, _vfprintf_p_l, _vfprintf_s_l, _vfwprintf_l, _vfwprintf_p, _vfwprintf_p_l, _vfwprintf_s_l, _vprintf_l, _vprintf_p, _vprintf_p_l, _vprintf_s_l, _vscprintf, _vscprintf_l, _vscprintf_p, _vscprintf_p_l, _vscwprintf, _vscwprintf_l, _vscwprintf_p, _vscwprintf_p_l, _vsnprintf, _vsnprintf_c, _vsnprintf_c_l, _vsnprintf_l, _vsnprintf_s, _vsnprintf_s_l, _vsnwprintf, _vsnwprintf_l, _vsnwprintf_s, _vsnwprintf_s_l, _vsprintf_l, _vsprintf_p, _vsprintf_p_l, _vsprintf_s_l, _vswprintf, _vswprintf_c, _vswprintf_c_l, _vswprintf_l, _vswprintf_p, _vswprintf_p_l, _vswprintf_s_l, _vwprintf_l, _vwprintf_p, _vwprintf_p_l, _vwprintf_s_l, _waccess, _waccess_s, _wasctime, _wasctime_s, _wassert, _wchdir, _wchmod, _wcmdln, _wcreat, _wcscoll_l, _wcsdup, _wcserror, _wcserror_s, _wcsftime_l, _wcsicmp, _wcsicmp_l, _wcsicoll, _wcsicoll_l, _wcslwr, _wcslwr_l, _wcslwr_s, _wcslwr_s_l, _wcsncoll, _wcsncoll_l, _wcsnicmp, _wcsnicmp_l, _wcsnicoll, _wcsnicoll_l, _wcsnset, _wcsnset_s, _wcsrev, _wcsset, _wcsset_s, _wcstod_l, _wcstoi64, _wcstoi64_l, _wcstol_l, _wcstombs_l, _wcstombs_s_l, _wcstoui64, _wcstoui64_l, _wcstoul_l, _wcsupr, _wcsupr_l, _wcsupr_s, _wcsupr_s_l, _wcsxfrm_l, _wctime32, _wctime32_s, _wctime64, _wctime64_s, _wctomb_l, _wctomb_s_l, _wctype, _wdupenv_s, _wenviron, _wexecl, _wexecle, _wexeclp, _wexeclpe, _wexecv, _wexecve, _wexecvp, _wexecvpe, _wfdopen, _wfindfirst32, _wfindfirst32i64, _wfindfirst64, _wfindfirst64i32, _wfindnext32, _wfindnext32i64, _wfindnext64, _wfindnext64i32, _wfopen, _wfopen_s, _wfreopen, _wfreopen_s, _wfsopen, _wfullpath, _wgetcwd, _wgetdcwd, _wgetdcwd_nolock, _wgetenv, _wgetenv_s, _winmajor, _winminor, _winver, _wmakepath, _wmakepath_s, _wmkdir, _wmktemp, _wmktemp_s, _wopen, _wperror, _wpgmptr, _wpopen, _wprintf_l, _wprintf_p, _wprintf_p_l, _wprintf_s_l, _wputenv, _wputenv_s, _wremove, _wrename, _write, _wrmdir, _wscanf_l, _wscanf_s_l, _wsearchenv, _wsearchenv_s, _wsetlocale, _wsopen, _wsopen_s, _wspawnl, _wspawnle, _wspawnlp, _wspawnlpe, _wspawnv, _wspawnve, _wspawnvp, _wspawnvpe, _wsplitpath, _wsplitpath_s, _wstat32, _wstat32i64, _wstat64, _wstat64i32, _wstrdate, _wstrdate_s, _wstrtime, _wstrtime_s, _wsystem, _wtempnam, _wtmpnam, _wtmpnam_s, _wtof, _wtof_l, _wtoi, _wtoi64, _wtoi64_l, _wtoi_l, _wtol, _wtol_l, _wunlink, _wutime32, _wutime64, _y0, _y1, _yn, abort, abs, acos, asctime, asctime_s, asin, atan, atan2, atexit, atof, atoi, atol, bsearch, bsearch_s, btowc, calloc, ceil, clearerr, clearerr_s, clock, cos, cosh, div, exit, exp, fabs, fclose, feof, ferror, fflush, fgetc, fgetpos, fgets, fgetwc, fgetws, floor, fmod, fopen, fopen_s, fprintf, fprintf_s, fputc, fputs, fputwc, fputws, fread, free, freopen, freopen_s, frexp, fscanf, fscanf_s, fseek, fsetpos, ftell, fwprintf, fwprintf_s, fwrite, fwscanf, fwscanf_s, getc, getchar, getenv, getenv_s, gets, gets_s, getwc, getwchar, is_wctype, isalnum, isalpha, iscntrl, isdigit, isgraph, isleadbyte, islower, isprint, ispunct, isspace, isupper, iswalnum, iswalpha, iswascii, iswcntrl, iswctype, iswdigit, iswgraph, iswlower, iswprint, iswpunct, iswspace, iswupper, iswxdigit, isxdigit, labs, ldexp, ldiv, localeconv, log, log10, longjmp, malloc, mblen, mbrlen, mbrtowc, mbsrtowcs, mbsrtowcs_s, mbstowcs, mbstowcs_s, mbtowc, memchr, memcmp, memcpy, memcpy_s, memmove, memmove_s, memset, modf, perror, pow, printf, printf_s, putc, putchar, puts, putwc, putwchar, qsort, qsort_s, raise, rand, rand_s, realloc, remove, rename, rewind, scanf, scanf_s, setbuf, setlocale, setvbuf, signal, sin, sinh, sprintf, sprintf_s, sqrt, srand, sscanf, sscanf_s, strcat, strcat_s, strchr, strcmp, strcoll, strcpy, strcpy_s, strcspn, strerror, strerror_s, strftime, strlen, strncat, strncat_s, strncmp, strncpy, strncpy_s, strnlen, strpbrk, strrchr, strspn, strstr, strtod, strtok, strtok_s, strtol, strtoul, strxfrm, swprintf, swprintf_s, swscanf, swscanf_s, system, tan, tanh, tmpfile, tmpfile_s, tmpnam, tmpnam_s, tolower, toupper, towlower, towupper, ungetc, ungetwc, vfprintf, vfprintf_s, vfwprintf, vfwprintf_s, vprintf, vprintf_s, vsnprintf, vsnprintf_s, vsprintf, vsprintf_s, vswprintf, vswprintf_s, vwprintf, vwprintf_s, wcrtomb, wcrtomb_s, wcscat, wcscat_s, wcschr, wcscmp, wcscoll, wcscpy, wcscpy_s, wcscspn, wcsftime, wcslen, wcsncat, wcsncat_s, wcsncmp, wcsncpy, wcsncpy_s, wcsnlen, wcspbrk, wcsrchr, wcsrtombs, wcsrtombs_s, wcsspn, wcsstr, wcstod, wcstok, wcstok_s, wcstol, wcstombs, wcstombs_s, wcstoul, wcsxfrm, wctob, wctomb, wctomb_s, wprintf, wprintf_s, wscanf, wscanf_s

guigui14100 · Juillet 19, 2008, 9:28

Non c’est fichier son clean il font parti de logiciel microsoft

dan_distributeck · Juillet 19, 2008, 9:29

je vais tenté de le refaire le scan avec housecall hière il ne voulais plus mes j’ai d’esintallé housecall je vais retenté le coup

guigui14100 · Juillet 19, 2008, 9:29

Repost un log hijackthis

dan_distributeck · Juillet 19, 2008, 9:34

la sa marche avec housecall je n’ai surment ppour la journée avant qu’ill finisse et puije faire un hijack même ci housecall fonctionne

guigui14100 · Juillet 19, 2008, 9:35

Ok merci

dan_distributeck · Juillet 19, 2008, 9:40

lolll puije refaire un hijack même ci housecall est en execution

guigui14100 · Juillet 19, 2008, 9:46

Oui tu peut

dan_distributeck · Juillet 19, 2008, 9:53

Merci, alors voici le nouveau log de hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:51:55, on 2008-07-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM…\Run: [HPLJ Config] “C:\Program Files\Hewlett-Packard\hp LaserJet 1010 Series\SetConfig.exe” -c Direct -p DOT4_001 -pn “hp LaserJet 1010 Series Driver” -n 0 -l 1036 -sl 120000
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”
O4 - HKLM…\Run: [StatusClient] “C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe” /auto
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [nwiz] “nwiz.exe” /install
O4 - HKLM…\Run: [NvMediaCenter] “RUNDLL32.EXE” C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [NvCplDaemon] “RUNDLL32.EXE” C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM…\Run: [HP Software Update] “C:\Program Files\HP\HP Software Update\HPWuSchd2.exe”
O4 - HKLM…\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM…\Run: [Adobe Acrobat Speed Launcher] “C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat_sl.exe”
O4 - HKLM…\Run: [Acrobat Assistant 8.0] “C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe”
O4 - HKLM…\Run: [SBCSTray] “C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [TomcatStartup] “C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe”
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O8 - Extra context menu item: Rechercher sur eBay - C:\Program… Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)
O9 - Extra button: Dictionnaire - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)
O9 - Extra button: Synonymes - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote S - IE 6.htm (HKCU)
O9 - Extra button: Conjugueur - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote C - IE 6.htm (HKCU)
O9 - Extra button: Grammaire - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.google.ca/fr
O15 - Trusted Zone: asia.msi.com.tw…
O15 - Trusted Zone: global.msi.com.tw…
O15 - Trusted Zone: www.msi.com.tw…
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - www.king.com…
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - h20264.www2.hp.com…
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - h20436.www2.hp.com…
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - liveupdate.msi.com.tw…
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - fichiers.touslesdrivers.com…
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BvrpKrnl - Unknown owner - C:\Program Files\WinFax eXPert\BVRPKrnl.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

–
End of file - 11497 bytes

guigui14100 · Juillet 19, 2008, 10:01

Dans les rapport je voit rien

desinstalle ComboFix en copiant_collant la ligne ci dessous dans executer et valide la:

supprime si restant c:\qoobox, c:\bug , c:\combofix

Finit le scan est post le rapport

dan_distributeck · Juillet 19, 2008, 10:14

j’ai suprimé comboFix comme spécifié et j’ai refait un hijack voici le log

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:12:29, on 2008-07-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\Trend Micro\HijackThis\hjt.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM…\Run: [HPLJ Config] “C:\Program Files\Hewlett-Packard\hp LaserJet 1010 Series\SetConfig.exe” -c Direct -p DOT4_001 -pn “hp LaserJet 1010 Series Driver” -n 0 -l 1036 -sl 120000
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”
O4 - HKLM…\Run: [StatusClient] “C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe” /auto
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [nwiz] “nwiz.exe” /install
O4 - HKLM…\Run: [NvMediaCenter] “RUNDLL32.EXE” C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [NvCplDaemon] “RUNDLL32.EXE” C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM…\Run: [HP Software Update] “C:\Program Files\HP\HP Software Update\HPWuSchd2.exe”
O4 - HKLM…\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM…\Run: [Adobe Acrobat Speed Launcher] “C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat_sl.exe”
O4 - HKLM…\Run: [Acrobat Assistant 8.0] “C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe”
O4 - HKLM…\Run: [SBCSTray] “C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [TomcatStartup] “C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe”
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O8 - Extra context menu item: Rechercher sur eBay - C:\Program… Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)
O9 - Extra button: Dictionnaire - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)
O9 - Extra button: Synonymes - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote S - IE 6.htm (HKCU)
O9 - Extra button: Conjugueur - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote C - IE 6.htm (HKCU)
O9 - Extra button: Grammaire - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.google.ca/fr
O15 - Trusted Zone: asia.msi.com.tw…
O15 - Trusted Zone: global.msi.com.tw…
O15 - Trusted Zone: www.msi.com.tw…
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - www.king.com…
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - h20264.www2.hp.com…
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - h20436.www2.hp.com…
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - liveupdate.msi.com.tw…
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - fichiers.touslesdrivers.com…
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BvrpKrnl - Unknown owner - C:\Program Files\WinFax eXPert\BVRPKrnl.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe

–
End of file - 11564 bytes

et pour housecall il me dit que sa va prendre 5HR Alors la suite plutard

dan_distributeck · Juillet 21, 2008, 5:56

me revoila excuse moi pour le délais j’ai finalement réussi a faire le scan avec housecall mes je n’ais pas u le temps de tous copier le résulta du scan mes il a fait la réparation des itème détecté il avais detecté 1 virus et 4 cookies et par la suite il à refectuer un scan et la il à rien détecté mes voici ce que j’ai réussi a copier et je voulais savoir aussi il a un plusieur log de housecall dans mes fichier caché il en à peut etre un la dedans que tu voudrais voir mes voici ce que j’ai .

Programmes malveillants/virus détectés

1 Infection(s)
Remarque : la suppression complète des programmes malveillants répertoriés ci-dessous a échoué ! Pour obtenir des conseils et des astuces générales sur la résolution du problème, cliquez ici . Des informations spécifiques sur les programmes malveillants sont disponibles dans la section relative aux programmes malveillants.
TROJ_AGENT.GBX
1 Infection(s)

Transfert d’informations supplémentaires sur ce programme malveillant…
Informations générales sur ce type de programme malveillant.
Aucune information supplémentaire sur ce programme malveillant n’est actuellement disponible…
Informations générales sur ce type de programme malveillant.
Pseudonymes : aucun autre pseudonyme connu
Plate-forme : Non spécifié
Première occurrence: Non spécifié
Taux de risque général Très faibleFaibleMoyenÉlevé
Informations générales sur ce type de programme malveillant.
Certaines infections provoquées par ce programme malveillant n’ont pas pu être supprimées automatiquement ! Vous pouvez sélectionner manuellement « Supprimer » et exécuter un nouveau nettoyage pour tenter de résoudre le problème.
Sinon, vous pouvez cliquer ici pour obtenir des instructions détaillées sur la méthode de suppression manuelle des infections.
Options de nettoyage Nettoyer automatiquement toutes les infections détectées
Sélectionner une action individuelle pour chaque infection détectée.

et voici un nouveau log de hijack

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:55:38, on 2008-07-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Spyware Terminator\sp_rsser.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Hewlett-Packard\Toolbox2.0\Javasoft\JRE\1.3.1\bin\javaw.exe
C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Trend Micro\HijackThis\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.ca…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = go.microsoft.com…
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = go.microsoft.com…
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d’Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Programme d’aide de l’Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM…\Run: [HPLJ Config] “C:\Program Files\Hewlett-Packard\hp LaserJet 1010 Series\SetConfig.exe” -c Direct -p DOT4_001 -pn “hp LaserJet 1010 Series Driver” -n 0 -l 1036 -sl 120000
O4 - HKLM…\Run: [SunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”
O4 - HKLM…\Run: [StatusClient] “C:\Program Files\Hewlett-Packard\Toolbox2.0\Apache Tomcat 4.0\webapps\Toolbox\StatusClient\StatusClient.exe” /auto
O4 - HKLM…\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [nwiz] “nwiz.exe” /install
O4 - HKLM…\Run: [NvMediaCenter] “RUNDLL32.EXE” C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [NvCplDaemon] “RUNDLL32.EXE” C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM…\Run: [HP Software Update] “C:\Program Files\HP\HP Software Update\HPWuSchd2.exe”
O4 - HKLM…\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM…\Run: [Adobe Acrobat Speed Launcher] “C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrobat_sl.exe”
O4 - HKLM…\Run: [Acrobat Assistant 8.0] “C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe”
O4 - HKLM…\Run: [SBCSTray] “C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\QTTask.exe” -atboottime
O4 - HKLM…\Run: [TomcatStartup] “C:\Program Files\Hewlett-Packard\Toolbox2.0\hpbpsttp.exe”
O4 - HKCU…\Run: [msnmsgr] “C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe” /background
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE LOCAL’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SERVICE RÉSEAU’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O8 - Extra context menu item: Ajouter au fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir en Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - C:\Program… Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE…
O8 - Extra context menu item: Rechercher sur eBay - C:\Program… Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Correcteur - {F7C8E5F6-B6D1-45db-8D91-2BCFA5DF11A9} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote K - IE 6.htm (HKCU)
O9 - Extra button: Dictionnaire - {FB4AE6A3-EE20-442c-9189-251885352358} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote D - IE 6.htm (HKCU)
O9 - Extra button: Synonymes - {FDD637F8-2693-49ce-817E-1AD59574900C} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote S - IE 6.htm (HKCU)
O9 - Extra button: Conjugueur - {FF229BEC-9E1F-48c1-99A6-AF34ABEFAB0A} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote C - IE 6.htm (HKCU)
O9 - Extra button: Grammaire - {FFB5EE7F-726F-423e-83C2-572FE7CEB3F0} - C:\PROGRA~1\Druide\Antidote\Antidote\Internet Explorer\6\Antidote G - IE 6.htm (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.google.ca/fr
O15 - Trusted Zone: asia.msi.com.tw…
O15 - Trusted Zone: global.msi.com.tw…
O15 - Trusted Zone: www.msi.com.tw…
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} -
O16 - DPF: {45A0A292-ECC6-4D8F-9EA9-A4BD411D24C1} (king.com) - www.king.com…
O16 - DPF: {54BE6B6F-3056-470B-97E1-BB92E051B6C4} (DeviceEnum Class) - h20264.www2.hp.com…
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) - h20436.www2.hp.com…
O16 - DPF: {8167C273-DF59-4416-B647-C8BB2C7EE83E} (WebSDev Control) - liveupdate.msi.com.tw…
O16 - DPF: {867E13F2-7F31-44FB-AC97-CD38E0DC46EF} (HardwareDetection Control) - fichiers.touslesdrivers.com…
O20 - AppInit_DLLs: acaptuser32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BvrpKrnl - Unknown owner - C:\Program Files\WinFax eXPert\BVRPKrnl.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l’iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:\Program Files\Autodesk\3dsMax8\mentalray\satellite\raysat_3dsmax8server.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: Moteur Webroot Spy Sweeper (WebrootSpySweeperService) - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
javascript:void();

End of file - 11530 bytes

merci
cordialement
dandistributeck

dan_distributeck · Juillet 21, 2008, 6:23

re salut encore des problème je suis toujours pas capable d’ouvrir mon panneau de configuration , il me dise explorer.exe doit fermé ,j’ai réussi un coup et je n’ai pas eté capable d’ouvire le cente de sécurité pour réactivé avast et je ne suis toujour pas capable d’activé avast.
sa val mal la QUE FAIRE le rapport d’erreur pour explorer.exe me dise ceci C:\DOCUME~1\dan\LOCALS~1\Temp\d8f8_appcompat.txt

Et merci encore de ton temps et ta patience c’est très apprécié
Edité le 21/07/2008 à 06:27

guigui14100 · Juillet 21, 2008, 10:34

Upload ce fichier sur virus total

dan_distributeck · Juillet 21, 2008, 8:15

et conter spy a détecté ceci à matin. Je fait faire les scans de ce que tu me demande je te le poste dans pas long

Bifrost
Type: Backdoor
Author: EvilEyeSoftware.com

pour le premier dans c windows sd2543af1.tmp je ne l'ai pas et pour le 2em KingComIE.dll voici le log

Antivirus Version Dernière mise à jour Résultat
AhnLab-V3 2008.7.21.1 2008.07.21 -
AntiVir 7.8.1.11 2008.07.21 -
Authentium 5.1.0.4 2008.07.20 -
Avast 4.8.1195.0 2008.07.20 -
AVG 8.0.0.130 2008.07.21 -
BitDefender 7.2 2008.07.21 -
CAT-QuickHeal 9.50 2008.07.21 -
ClamAV 0.93.1 2008.07.21 -
DrWeb 4.44.0.09170 2008.07.21 -
eSafe 7.0.17.0 2008.07.21 -
eTrust-Vet 31.6.5971 2008.07.21 -
Ewido 4.0 2008.07.21 -
F-Prot 4.4.4.56 2008.07.20 -
F-Secure 7.60.13501.0 2008.07.21 -
Fortinet 3.14.0.0 2008.07.21 -
GData 2.0.7306.1023 2008.07.21 -
Ikarus T3.1.1.34.0 2008.07.21 -
Kaspersky 7.0.0.125 2008.07.21 -
McAfee 5343 2008.07.21 -
Microsoft 1.3704 2008.07.21 -
NOD32v2 3284 2008.07.21 -
Norman 5.80.02 2008.07.21 -
Panda 9.0.0.4 2008.07.21 -
PCTools 4.4.2.0 2008.07.21 -
Prevx1 V2 2008.07.21 -
Rising 20.54.02.00 2008.07.21 -
Sophos 4.31.0 2008.07.21 -
Sunbelt 3.1.1536.1 2008.07.18 -
Symantec 10 2008.07.21 -
TheHacker 6.2.96.385 2008.07.20 -
TrendMicro 8.700.0.1004 2008.07.21 -
VBA32 3.12.8.1 2008.07.21 -
VirusBuster 4.5.11.0 2008.07.21 -
Webwasher-Gateway 6.6.2 2008.07.21 -
Information additionnelle
File size: 316672 bytes
MD5…: 8755a7ca1e241c59b3dc2b1429f5560c
SHA1…: 5cb05d00b39c35b229d12d9305ac2b9015caa26b
SHA256: 6b755d093afa16a82cdd7a4988c7d63f4b1e3f6855340fb3843806d6f95bf5fb
SHA512: 494d5792b0906f83493e6753b7f84386e0d35f55b9fcfca34479cd0fc949ef9f
19653c52090830efe61847b1121e5e21991a0218d2457a7341c8101524282e5b
PEiD…: -
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x1001df6e
timedatestamp…: 0x486e0514 (Fri Jul 04 11:10:12 2008)
machinetype…: 0x14c (I386)

( 6 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x2e883 0x2f000 6.67 36218f9e9d68e21cad39432b843b71c7
.orpc 0x30000 0x2d 0x1000 0.13 fb19e8099be972c81d8dd0f43eba0f05
.rdata 0x31000 0xf0e6 0x10000 5.45 7545044e56f279315478d402156a023b
.data 0x41000 0x5560 0x4000 4.39 603b5e482c5986cc01737771a5a53b5a
.rsrc 0x47000 0x1914 0x2000 4.82 b7da8d701309055ffb8c7f66980f54b8
.reloc 0x49000 0x455e 0x5000 5.22 4bfa97418fa3a77b2013bf1310c68ed7

( 12 imports )

CRYPT32.dll: CertFreeCertificateContext, CertFreeCertificateChain, CertGetCertificateChain, CryptMsgGetAndVerifySigner, CertFindCertificateInStore, CryptMsgGetParam, CryptQueryObject
WININET.dll: InternetSetOptionA, InternetConnectA, InternetOpenA, InternetCloseHandle, InternetReadFile, InternetQueryDataAvailable, HttpQueryInfoA, HttpSendRequestA, HttpOpenRequestA, HttpAddRequestHeadersA
VERSION.dll: GetFileVersionInfoA, GetFileVersionInfoSizeA, VerQueryValueA
KERNEL32.dll: GetModuleHandleA, SetThreadLocale, GetThreadLocale, MulDiv, LoadLibraryA, FlushInstructionCache, GetCurrentProcess, GlobalAlloc, SetLastError, GetCurrentThreadId, GlobalUnlock, GlobalLock, LockResource, GlobalFree, GlobalHandle, lstrcmpA, RemoveDirectoryA, DeleteFileA, GetProcAddress, GetVersionExA, GetWindowsDirectoryA, GetFileAttributesA, CreateDirectoryA, CreateThread, CloseHandle, ResumeThread, WaitForSingleObject, TerminateThread, GetTickCount, SetFileAttributesA, WriteFile, Sleep, CreateFileA, GetFileSize, ReadFile, GetFileType, SetHandleCount, HeapSize, TlsFree, TlsSetValue, TlsAlloc, TlsGetValue, GetStdHandle, ExitProcess, HeapCreate, HeapDestroy, VirtualFree, GetProcessHeap, GetCommandLineA, IsDebuggerPresent, SetUnhandledExceptionFilter, UnhandledExceptionFilter, TerminateProcess, HeapReAlloc, RtlUnwind, VirtualQuery, GetSystemInfo, VirtualAlloc, VirtualProtect, HeapFree, HeapAlloc, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, QueryPerformanceCounter, GetCurrentProcessId, GetSystemTimeAsFileTime, GetCPInfo, GetACP, GetOEMCP, IsValidCodePage, InterlockedExchange, SetFilePointer, GetConsoleCP, GetConsoleMode, GetUserDefaultLCID, GetLocaleInfoA, EnumSystemLocalesA, IsValidLocale, GetStringTypeA, GetStringTypeW, LCMapStringA, LCMapStringW, GetLocaleInfoW, SetStdHandle, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, FlushFileBuffers, LoadLibraryExA, FindResourceA, LoadResource, SizeofResource, FreeLibrary, InterlockedDecrement, InterlockedIncrement, IsDBCSLeadByte, GetModuleFileNameA, lstrcmpiA, lstrlenA, GetLastError, DeleteCriticalSection, InitializeCriticalSection, LeaveCriticalSection, EnterCriticalSection, RaiseException, lstrlenW, WideCharToMultiByte, MultiByteToWideChar, IsProcessorFeaturePresent, InterlockedCompareExchange, GetStartupInfoA
USER32.dll: BeginPaint, CallWindowProcA, GetDesktopWindow, EnumChildWindows, CreateAcceleratorTableA, DestroyAcceleratorTable, EndPaint, FillRect, PtInRect, ReleaseCapture, UnionRect, SetWindowRgn, OffsetRect, EqualRect, IntersectRect, PostThreadMessageA, PeekMessageA, GetMessageA, TranslateMessage, DispatchMessageA, GetClassInfoExA, RegisterWindowMessageA, CreateDialogIndirectParamA, SetFocus, GetClassNameA, IsWindow, GetKeyState, ClientToScreen, ScreenToClient, InvalidateRect, InvalidateRgn, RedrawWindow, SetCapture, UnregisterClassA, LoadCursorA, RegisterClassExA, GetWindowTextLengthA, GetWindowTextA, SetWindowTextA, DefWindowProcA, SystemParametersInfoA, SetWindowContextHelpId, GetDlgItem, GetWindow, SendDlgItemMessageA, ShowWindow, SetWindowPos, CreateWindowExA, GetWindowLongA, SetWindowLongA, MapDialogRect, GetSysColor, DrawTextA, DestroyWindow, GetFocus, GetParent, SendMessageA, GetDC, ReleaseDC, GetDialogBaseUnits, IsChild, GetClientRect, MoveWindow, CharNextA
GDI32.dll: CreateRectRgnIndirect, CreateSolidBrush, BitBlt, CreateCompatibleDC, CreateCompatibleBitmap, LPtoDP, SaveDC, SetMapMode, SetWindowOrgEx, SetViewportOrgEx, DeleteDC, RestoreDC, CreateDCA, GetObjectA, SetBkColor, GetStockObject, Rectangle, SetTextColor, SetBkMode, GetDeviceCaps, CreateFontIndirectA, SelectObject, GetTextMetricsA, GetTextExtentPointA, DeleteObject
ADVAPI32.dll: RegDeleteValueA, RegCloseKey, RegCreateKeyExA, RegOpenKeyExA, RegSetValueExA, RegQueryInfoKeyA, RegEnumKeyExA, RegDeleteKeyA
SHELL32.dll: SHGetSpecialFolderPathA
ole32.dll: OleLockRunning, OleUninitialize, OleInitialize, CoGetClassObject, CoCreateInstance, StringFromGUID2, CoTaskMemFree, CoTaskMemRealloc, CoTaskMemAlloc, CLSIDFromProgID, CLSIDFromString, OleLoadFromStream, OleRegEnumVerbs, OleRegGetUserType, OleRegGetMiscStatus, CreateOleAdviseHolder, WriteClassStm, OleSaveToStream, CoInitialize, CoUninitialize, CreateStreamOnHGlobal
OLEAUT32.dll: -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -, -
RPCRT4.dll: IUnknown_QueryInterface_Proxy, NdrDllUnregisterProxy, NdrDllRegisterProxy, NdrCStdStubBuffer2_Release, NdrDllCanUnloadNow, NdrDllGetClassObject, NdrOleAllocate, NdrOleFree, IUnknown_AddRef_Proxy, IUnknown_Release_Proxy, NdrStubForwardingFunction, NdrStubCall2
urlmon.dll: CreateURLMoniker

( 4 exports )
DllCanUnloadNow, DllGetClassObject, DllRegisterServer, DllUnregisterServer

dan_distributeck · Juillet 21, 2008, 8:20

et pour les 2 dernier :C:\WINDOWS\system32\SBRC.dat C:\WINDOWS\system32\SBFC.dat il dise ceci

0 bytes size received / Se ha recibido un archivo vacio

guigui14100 · Juillet 21, 2008, 8:21

ok

Enregistre CFScript.txt au même endroit que combofix
Puis fait glisser le fichier sur l’icone de combofix

dan_distributeck · Juillet 21, 2008, 8:28

ok je vais le réinstalle cars tu me la fait d’esintallé , et je sais pas ci sa peut d’aider mes quant je vais dans mon panneau de config sa plante et le rapport est :

signature de l’erreur
AppName: explorer.exe AppVer: 6.0.2900.3156 ModName: shell32.dll
ModVer: 6.0.2900.3241 Offset: 0002ac20

guigui14100 · Juillet 21, 2008, 8:37

Oui dsl de te le refaire remettre…

Pour le panneau de config sa doit être que tu es toujours infecter
Edité le 21/07/2008 à 20:37