Sujet Précédent Sujet Suivant

Page de pub !! comment y mettre fin ?

Résolu
sephorabelle Messages postés 90 Statut Membre -  
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité -
Bonjour,

tout est dans le titre !!
a chaque fois que j'ouvre une page internet, une page de pub apparait !!
COMODO sa serre pas a ça?? car je les sur mon ordi ..............
merci de votre aide

42 réponses

Précédent
Réponse 21 / 42
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
oui. Merci.
0
Réponse 22 / 42
sephorabelle Messages postés 90 Statut Membre
 
DSL j'ai pas vu ton mess plus tot !!
voici le resultat
----------\\ ToolBar S&D 1.2.8 XP/Vista

Microsoft Windows XP Édition familiale ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3800+ )
BIOS : BIOS Date: 03/16/06 21:31:05 Ver: 08.00.12
USER : Marilyne Lebrat ( Administrator )
BOOT : Normal boot
Antivirus : Avira AntiVir PersonalEdition 8.0.1.30 (Activated)
Firewall : COMODO Firewall 3.5 (Activated)
C:\ (Local Disk) - NTFS - Total:70 Go (Free:50 Go)
D:\ (CD or DVD) - CDFS - Total:0 Go (Free:0 Go)
E:\ (USB)
F:\ (USB)
G:\ (USB)
H:\ (USB)

"C:\ToolBar SD" ( MAJ : 21-12-2008|20:47 )
Option : [2] ( 10/02/2009|13:44 )

-----------\\ Recherche de Fichiers / Dossiers ...

-----------\\ [..\Internet Explorer\Main]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Local Page"="C:\\WINDOWS\\system32\\blank.htm"
"Start Page"="https://www.google.fr"
"Search Page"="https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC"
"Search Bar"="https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC"
"SearchMigratedDefaultURL"="https://www.bing.com/?scope=web&mkt=fr-FR{searchTerms}&src={referrer:source?}"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="https://www.msn.com/fr-fr/?ocid=iehp"
"Default_Search_URL"="https://actus.sfr.fr"
"Search Page"="https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF"
"Start Page"="https://www.msn.com/fr-fr/"

--------------------\\ Recherche d'autres infections

Aucune autre infection trouvée !

1 - "C:\ToolBar SD\TB_1.txt" - 09/02/2009|13:17 - Option : [1]
2 - "C:\ToolBar SD\TB_2.txt" - 09/02/2009|13:24 - Option : [2]
3 - "C:\ToolBar SD\TB_3.txt" - 10/02/2009|13:37 - Option : [1]
4 - "C:\ToolBar SD\TB_4.txt" - 10/02/2009|13:46 - Option : [2]

-----------\\ Fin du rapport a 13:46:33,25
0
Réponse 23 / 42
sephorabelle Messages postés 90 Statut Membre
 
je suis en trin de faire une analyse Malwarebytes , sa t'interesse de voir le resultat?
hier il y avait encore une infection
merci
0
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
oui.
0
sephorabelle Messages postés 90 Statut Membre > pimprenelle27 Messages postés 22182 Statut Contributeur sécurité
 
voici le resultat de malwarebytes


mbam-log-2009-02-10 (16-47-12).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|H:\|)
Eléments examinés: 152647
Temps écoulé: 43 minute(s), 12 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
Réponse 24 / 42
sephorabelle Messages postés 90 Statut Membre
 
en voilas un peu
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:15:10, on 10/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\VPro530.exe
C:\Program Files\StarOffice7\program\soffice.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-18\..\RunOnce: [HPSoftwareUpdate] C:\Program Files\HP\HP Software Update\HPWUCli.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [HPSoftwareUpdate] C:\Program Files\HP\HP Software Update\HPWUCli.exe (User 'Default user')
O4 - .DEFAULT User Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe (User 'Default user')
O4 - Startup: SM.lnk = C:\Program Files\SM\skymessnet.exe
O4 - Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: VPro530.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sephorabelle78.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{97A12646-25F6-4F47-8341-B2051135F548}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 42
sephorabelle Messages postés 90 Statut Membre
 
je trouve pas ou cliquer pour Télécharge Superantispyware (SAS) en cliquant sur ce lien ????
0
Réponse 26 / 42
sephorabelle Messages postés 90 Statut Membre
 
en faite c enregister que je ne trouve pas !! sa me dit de payer ! snif
0
Réponse 27 / 42
sephorabelle Messages postés 90 Statut Membre
 
j'ai trouvé lol
0
Réponse 28 / 42
sephorabelle Messages postés 90 Statut Membre
 
Resultat de SUPERantiSpyware

SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 02/10/2009 at 06:45 PM

Application Version : 4.25.1012

Core Rules Database Version : 3748
Trace Rules Database Version: 1715

Scan type : Quick Scan
Total Scan Time : 00:07:46

Memory items scanned : 619
Memory threats detected : 0
Registry items scanned : 477
Registry threats detected : 1
File items scanned : 5099
File threats detected : 252

Adware.Tracking Cookie
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@tracking.publicidees[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@advertising[2].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@xiti[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@smartadserver[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@ad.yieldmanager[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@adtech[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@boursoramabanque.solution.weborama[2].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@estat[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@ad.zanox[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@atdmt[2].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@overture[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@bluestreak[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@tradedoubler[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@adrevolver[2].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@yourmedia[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@adopt.euroclick[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@media6degrees[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@ads.us.e-planning[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@adserver.bleucom[2].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@247realmedia[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@doubleclick[2].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@weborama[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@media.adrevolver[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@mediaplex[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@track.effiliation[1].txt
C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@apmebf[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@bnpparibasnet.solution.weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.smartadserver[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@statse.webtrendslive[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@zedo[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@bluestreak[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ad.yieldmanager[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@adlegend[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan lebrat@xiti[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.googleadservices[10].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.googleadservices[11].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ads.createreach[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@stat.dealtime[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@01netgroupe.solution.weborama[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@boursoramabanque.solution.weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@vahine.solution.weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@adserver.easyad[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ads.gamesbannernet[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@media.mtvnservices[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@im.banner.t-online[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@fastclick[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@cgm.adbureau[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ads1.cashtrafic[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@aolfr.122.2o7[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan lebrat@aimfar.solution.weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@overture[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@kontera[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@media6degrees[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@at.atwola[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@eas.apm.emediate[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@atdmt[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@media.adrevolver[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@casalemedia[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@aem.solution.weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@media.adrevolver[3].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@indextools[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@fl01.ct2.comclick[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@fr.at.atwola[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@adbrite.122.2o7[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@adopt.euroclick[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@cetelem.solution.weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@bs.serving-sys[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@adtech[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@apmebf[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@adbrite[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@advertstream[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@serving-sys[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@atwola[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www6.addfreestats[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@tribalfusion[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@adviva[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ad.caradisiac[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.adbrite[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@track.effiliation[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@2o7[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@fr.classic.clickintext[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@adrevolver[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@tracking.publicidees[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ad.zanox[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@track.adform[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ads.adap[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@hollywood.solution.weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@tradedoubler[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@clicks.pangora[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@specificclick[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@server.cpmstar[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@advertising[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@questionmarket[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@nestlecereals.solution.weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@content.yieldmanager[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@content.yieldmanager[3].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@clickintext[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@247realmedia[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.googleadservices[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.googleadservices[6].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@garnierpure.solution.weborama[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ads.ad4game[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.googleadservices[3].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.googleadservices[4].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.googleadservices[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.googleadservices[5].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@imrworldwide[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@yadro[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@dynamic.media.adrevolver[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@adserver.aol[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@yourmedia[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@doubleclick[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@oberon-media[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@tacoda[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@clickinvideo[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ads.pointroll[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@windowsmedia[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@ehg-foxmovies.hitbox[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@www.windowsmedia[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@hitbox[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@hotlog[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@track.webgains[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@mediaplex[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@content.yieldmanager.edgesuite[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@nextag[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@smartadserver[1].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@a.websponsors[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@statcounter[2].txt
C:\Documents and Settings\dylan lebrat\Cookies\dylan lebrat@msnportal.112.2o7[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.sexyavenue[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.tvsexe[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@mcm.solution.weborama[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@advertstream[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@adbrite[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@media6degrees[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@ads.twenga[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@weborama[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@dekio.solution.weborama[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@aimfar.solution.weborama[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@tribalfusion[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@2o7[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@serving-sys[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@ad.zanox[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@cdiscount[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@content.yieldmanager[3].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@accounts.pkr[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@yourmedia[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@content.yieldmanager[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@media.adrevolver[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.googleadservices[4].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@fl01.ct2.comclick[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.googleadservices[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.googleadservices[5].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.googleadservices[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.googleadservices[6].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@zone-adulte[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.googleadservices[3].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.googleadservices[7].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@bs.serving-sys[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.sexeautop[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@bluestreak[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@mediaplex[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@adopt.euroclick[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@adultfriendfinder[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@bizrate[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@tradedoubler[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@advertising[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@altimasa.112.2o7[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@parents.solution.weborama[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@doubleclick[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@clickintext[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@comclick[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@track.effiliation[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@247realmedia[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@adserver.aol[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@interhome.solution.weborama[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@stats.searchtrack[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@rider-discount[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@fastclick[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@specificclick[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@content.yieldmanager.edgesuite[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@atdmt[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@tracking.veille-referencement[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@dealtime[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@cetelem.solution.weborama[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@630.stats.misstrends[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@porn[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@635.stats.misstrends[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@notrefamille.112.2o7[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@xiti[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.rider-discount[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@adtech[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@apmebf[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@boursoramabanque.solution.weborama[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@ads.pointroll[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@track.webgains[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@adviva[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@fr.classic.clickintext[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@lagarderefrance.solution.weborama[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@overture[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@yoplait.solution.weborama[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@webpopulation.112.2o7[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@adrevolver[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@smartadserver[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@optimost[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.etracker[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@cgm.adbureau[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@weba.cdiscount[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@stat.dealtime[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@dynamic.media.adrevolver[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@elle.solution.weborama[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@tracking.publicidees[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.videos-xxx[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@www.smartadserver[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@ad.yieldmanager[1].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@casalemedia[2].txt
C:\Documents and Settings\fernando silva cardo\Cookies\fernando silva cardo@msnportal.112.2o7[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@ad.yieldmanager[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@media6degrees[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@advertstream[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@doubleclick[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@content.yieldmanager.edgesuite[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@hollywood.solution.weborama[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@trackers.1st-affiliation[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@www.socialtrack[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@msnaccountservices.112.2o7[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@nestlecereals.solution.weborama[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@account.live[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@adrevolver[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@atdmt[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@yourmedia[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@content.yieldmanager[3].txt
C:\Documents and Settings\YOANN\Cookies\yoann@content.yieldmanager[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@advertising[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@adopt.euroclick[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@ad.zanox[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@bluestreak[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@bs.serving-sys[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@cetelem.solution.weborama[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@media.adrevolver[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@media.adrevolver[3].txt
C:\Documents and Settings\YOANN\Cookies\yoann@mediaplex[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@msnportal.112.2o7[1].txt
C:\Documents and Settings\YOANN\Cookies\yoann@serving-sys[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@richmedia.yahoo[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@tradedoubler[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@zedo[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@weborama[2].txt
C:\Documents and Settings\YOANN\Cookies\yoann@xiti[1].txt
C:\Lop SD\Backup-Lop\DOCUME~1\MARILY~1\Cookies\marilyne_lebrat@advertising[1].txt

Trojan.DNSChanger-Codec
HKU\S-1-5-21-390084847-499120632-3489069195-1007\Software\fcn
0
Réponse 29 / 42
sephorabelle Messages postés 90 Statut Membre
 
impossible de fair l'analyse kaspersky, voici le message:
echec du chargement, du control activeX kaspersky vous devez jouir des privileges d'administrateur sur ce poste; en outre il faut configurer le niveau de securité IE sur moyen
0
Réponse 30 / 42
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
Essaye avec celui ci.
0
Réponse 31 / 42
sephorabelle Messages postés 90 Statut Membre
 
je n'avais pas enlever mon enti virus...... sa viend ptetre de la?
0
Réponse 32 / 42
sephorabelle Messages postés 90 Statut Membre
 
oui sa viend de la !! mise a jour en cour..............
0
Réponse 33 / 42
sephorabelle Messages postés 90 Statut Membre
 
pas de trace de kaspersky dans mon poste de travail !! grrrrrrr
0
Réponse 34 / 42
sephorabelle Messages postés 90 Statut Membre
 
merci, l'analyse est en cour, elle n'est pas très bonne ..........
0
Réponse 35 / 42
sephorabelle Messages postés 90 Statut Membre
 
voici le resultat:
ANALYSIS: 2009-02-11 17:46:43
PROTECTIONS: 1
MALWARE: 14
SUSPECTS: 1
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Avira AntiVir PersonalEdition 8.0.1.30 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@doubleclick[1].txt
00139061 Cookie/Doubleclick TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@doubleclick[3].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@atdmt[2].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@atdmt[1].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@tradedoubler[1].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@tradedoubler[3].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@xiti[1].txt
00167704 Cookie/Xiti TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@xiti[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@ad.yieldmanager[2].txt
00168056 Cookie/YieldManager TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@ad.yieldmanager[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\fernando silva cardo\Cookies\fernando_silva_cardo@apmebf[1].txt
00168061 Cookie/Apmebf TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@apmebf[2].txt
00168090 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@serving-sys[1].txt
00168093 Cookie/Serving-sys TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@bs.serving-sys[2].txt
00168106 Cookie/Weborama TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@weborama[1].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@advertising[3].txt
00169190 Cookie/Advertising TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@advertising[2].txt
00172221 Cookie/Zedo TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@zedo[1].txt
00173520 Cookie/Bluestreak TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@bluestreak[1].txt
00194327 Cookie/Go TrackingCookie No 0 Yes No C:\Documents and Settings\dylan lebrat\Cookies\dylan_lebrat@go[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@smartadserver[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Documents and Settings\Marilyne Lebrat\Cookies\marilyne_lebrat@smartadserver[3].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location )
;===================================================================================================================================================================================
No C:\Documents and Settings\Marilyne Lebrat\Mes documents\LopSD.exe )
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description )
;===================================================================================================================================================================================
;===================================================================================================================================================================================
0
Réponse 36 / 42
sephorabelle Messages postés 90 Statut Membre
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:10:26, on 12/02/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\WMPNSCFG.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\WINDOWS\VPro530.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\StarOffice7\program\soffice.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://actus.sfr.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [COMODO Internet Security] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKCU\..\Run: [Philips Intelligent Agent] "C:\Program Files\Philips\Intelligent Agent\Philips Intelligent Agent.exe" /SILENT
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [HPSoftwareUpdate] C:\Program Files\HP\HP Software Update\HPWUCli.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [HPSoftwareUpdate] C:\Program Files\HP\HP Software Update\HPWUCli.exe (User 'Default user')
O4 - .DEFAULT User Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe (User 'Default user')
O4 - Startup: SM.lnk = C:\Program Files\SM\skymessnet.exe
O4 - Startup: StarOffice 7.lnk = C:\Program Files\StarOffice7\program\quickstart.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: VPro530.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://copainsdavant.linternaute.com/...
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://sephorabelle78.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D71F9A27-723E-4B8B-B428-B725E47CBA3E} (Imikimi_activex_plugin Control) - http://imikimi.com/download/imikimi_plugin_0.5.1.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{97A12646-25F6-4F47-8341-B2051135F548}: NameServer = 192.168.1.1
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: COMODO Internet Security Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
0
Réponse 37 / 42
sephorabelle Messages postés 90 Statut Membre
 
c fait !!! c super deja g plus SM qui saffiche quand j'allume mon pc !! merci merci
0
Réponse 38 / 42
sephorabelle Messages postés 90 Statut Membre
 
[ Rapport ToolsCleaner version 2.3.0 (par A.Rothstein & dj QUIOU) ]

-->- Recherche:

C:\fixnavi.txt: trouvé !
C:\cleannavi.txt: trouvé !
C:\lopR.txt: trouvé !
C:\TB.txt: trouvé !
C:\Lop SD: trouvé !
C:\Toolbar SD: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: trouvé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: trouvé !
C:\Documents and Settings\Marilyne Lebrat\Mes documents\LopSD.exe: trouvé !
C:\Documents and Settings\Marilyne Lebrat\Mes documents\Navilog1.exe: trouvé !
C:\Program Files\Navilog1: trouvé !
C:\Program Files\Navilog1\Navilog1.bat: trouvé !
C:\Program Files\Trend Micro\HijackThis: trouvé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: trouvé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: trouvé !

---------------------------------
-->- Suppression:

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis\HijackThis.lnk: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1\Navilog1.lnk: supprimé !
C:\Documents and Settings\Marilyne Lebrat\Mes documents\LopSD.exe: supprimé !
C:\Documents and Settings\Marilyne Lebrat\Mes documents\Navilog1.exe: supprimé !
C:\Program Files\Navilog1\Navilog1.bat: supprimé !
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe: supprimé !
C:\fixnavi.txt: supprimé !
C:\cleannavi.txt: supprimé !
C:\lopR.txt: supprimé !
C:\TB.txt: supprimé !
C:\Program Files\Trend Micro\HijackThis\hijackthis.log: supprimé !
C:\Lop SD: supprimé !
C:\Toolbar SD: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\HijackThis: supprimé !
C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Navilog1: supprimé !
C:\Program Files\Navilog1: supprimé !
C:\Program Files\Trend Micro\HijackThis: supprimé !
0
Réponse 39 / 42
sephorabelle Messages postés 90 Statut Membre
 
mon PC ce porte à merveille !! je te remerie tres sincerement
J'ai encore quelques questions à te poser:
* Que me conseils-tu pour que toutes ces anomalies ne revienent pas?
* J'ai comodo, je ne c pas a quoi sa sert, d'apres toi, je le garde?
* Tout ce que tu ma fait telecherger, dois-je tout garder? esque sa va me servire?
* Comment dois-je faire pour analiser un fichier avant de l'ouvrir sur ma boite MSN? car tout doit venir de la.....!
encore merci
0
Réponse 40 / 42
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
Tout ce que tu ma fait telecherger, dois-je tout garder? esque sa va me servire? ils ont été éffacés par toolscleaner

à part malware que tu peux garder pour faire des scans de temps en temps.

Comment dois-je faire pour analiser un fichier avant de l'ouvrir sur ma boite MSN? car tout doit venir de la.....!

As tu une messagerie sur ton bureau?

J'ai comodo, je ne c pas a quoi sa sert, d'apres toi, je le garde comodo est un firewal, je ne sais pas ce qu'il vaut car moi j'ai celui de mon antivirus?

Que me conseils-tu pour que toutes ces anomalies ne revienent pas? tu as Avira AntiVir PersonalEdition 8.0.1.30 je ne sais pas ce qu'il vaut je ne fait pas très confiance au antivirus gratuit, je préfère les payants. Docn à toi de voir mais fait attention ou tu vas sur internet de télécharge pas n'importe quoi, met bien à jour ton pc et ses logiciels et ses pilotes. puis programme un scan toute les semaines avec ton antivirus.
0

Discussions similaires

Ouvrir un fichier .pub sans Publisher
baissaoui -
baissaoui -

0 réponse
Code source couleur de fond
Mehdi-Amg -
Techno01 -

9 réponses