Ads that keep opening all the time!!!

Closed
probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009 - 15 Feb. 2009 at 23:58
probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009 - 18 Feb. 2009 at 02:56
Hello,
For a little while now, when I browse the internet with Firefox, I get lots and lots of ads (pop-ups and pop-downs or whatever they are) opening, and it's pretty annoying. I'd like to know where the problem comes from and how to get rid of it.
Thaaaanks.

35 replies

probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009
17 Feb. 2009 at 07:12
Hello,
The Panda scan tells me 2 free viruses that can't be removed and 4 paid viruses!!! So I have to delete them, but how?


And otherwise, I was wondering whether you know hardware as well as software. I have 2 USB ports that no longer work; I had 9, now only (lol, the "only") 7!!! In Device Manager there are indeed 7 as well, whereas when I bought the PC I had no problem. Thanks in advance for the help.
0
pimprenelle27 Posts 20857 Registration date Monday 10 December 2007 Status Security contributor Last activity 8 October 2019 2 502
17 Feb. 2009 at 11:19
For Panda, can you post the report, thanks; then for your ports, maybe the driver needs updating.
0
probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009
17 Feb. 2009 at 17:20
As for the scan, it's in progress; I have to redo it because I had closed everything, and I don't know where the report is. As for the USB ports, I don't know where to find the drivers!!! I have an Acer Aspire M5640.
0
Mimie2106 Posts 38 Registration date Monday 16 February 2009 Status Member Last activity 24 February 2009
17 Feb. 2009 at 17:47
Hello,
I'm on XP,
I have Norton, Sunbelt Kerio Firewall, Adware, Spybot ==> no detection
From one day to the next, I started getting ads ...
If anyone has a solution, I'll take it!
Here is my log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:40:02, on 17/02/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Logitech\Video\LogiTray.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Search Settings\SearchSettings.exe
C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\WINDOWS\system32\LVComsX.exe
C:\documents and settings\administrateur\local settings\application data\cccukas.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\WINDOWS\arservice.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = https://fr.search.yahoo.com/?fr=cb-hp06
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.emjysoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezoBHO.dll (file missing)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\FICHIE~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SearchSettings Class - {E312764E-7706-43F1-8DAB-FCDD2B1E416D} - C:\Program Files\Search Settings\kb126\SearchSettings.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SearchSettings] C:\Program Files\Search Settings\SearchSettings.exe
O4 - HKLM\..\Run: [CTCheck] C:\Program Files\Creative\Creative ZEN\ZEN Media Explorer\CTCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKCU\..\Run: [cccukas] "c:\documents and settings\administrateur\local settings\application data\cccukas.exe" cccukas
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - .DEFAULT User Startup: PinMcLnk.lnk = C:\hp\bin\cloaker.exe (User 'Default user')
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (file missing)
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {09C21411-B9A2-4DE6-8416-4E3B58577BE0} (France Telecom MDM ActiveX Control) - http://minitelweb.minitel.com/imin_data/ocx/MDM.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/pr01/resources/MSNPUpld.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su2/ocx/15035/CTPID.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F59613A8-D45F-46B0-8761-BC9213096915}: NameServer = 192.168.1.1
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 192.168.1.1
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Planificateur LiveUpdate automatique (Automatic LiveUpdate Scheduler) - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: RoxMediaDB10 - Sonic Solutions - C:\Program Files\Fichiers communs\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: SessionLauncher - Unknown owner - C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\DX9\SessionLauncher.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\FICHIE~1\SYMANT~1\CCPD-LC\symlcsvc.exe
0

probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009
17 Feb. 2009 at 18:38
Hey, what do you want there, MIMIE, did you think this was your parents' thread? lol just kidding. OK, first here's my Panda scan:




;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-02-17 18:36:38
PROTECTIONS: 2
MALWARE: 6
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Windows Defender 1.1.1505.0 No Yes
SUPERAntiSpyware 4, 25, 0, 1012 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI4AEC.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PID212.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PIBADE.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI8ABE.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI794D.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI1D7A.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI2B75.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI45AF.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI4AE0.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI51C0.tmp
00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PIEB88.tmp
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@atdmt[3].txt
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@atdmt[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\abdel\AppData\Roaming\Microsoft\Windows\Cookies\abdel@com[2].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Cookies\invité@com[1].txt
00167642 Cookie/Com.com TrackingCookie No 0 Yes No C:\Users\abdel\AppData\Roaming\Microsoft\Windows\Cookies\abdel@com[1].txt
00273339 Cookie/Smartadserver TrackingCookie No 0 Yes No C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@smartadserver[1].txt
03429845 Bck/Hupigon.AZG Virus/Trojan No 1 No No E:\Téléchargements\Programmes\Fruity Loops Stu 8.0 RC3 XXL Producer Edition (Key Incl.) NO VIRUS\FLSTUD~1.EXE[Toxic Biohazard.dll]
03858877 Bck/Hupigon.AZG Virus/Trojan No 1 No No E:\Téléchargements\Programmes\Fruity Loops Stu 8.0 RC3 XXL Producer Edition (Key Incl.) NO VIRUS\FLSTUD~1.EXE[Toxic Biohazard.dll]
;===================================================================================================================================================================================
SUSPECTS
Sent Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description
;===================================================================================================================================================================================
;===================================================================================================================================================================================
0
pimprenelle27 Posts 20857 Registration date Monday 10 December 2007 Status Security contributor Last activity 8 October 2019 2 502
17 Feb. 2009 at 19:21
There is still this:

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI4AEC.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PID212.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PIBADE.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI8ABE.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI794D.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI1D7A.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI2B75.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI45AF.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI4AE0.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PI51C0.tmp

00047896 Exploit/MS04-028.gen HackTools No 0 Yes No C:\Users\Invité\AppData\Local\Temp\~PIEB88

03429845 Bck/Hupigon.AZG Virus/Trojan No 1 No No E:\Téléchargements\Programmes\Fruity Loops Stu 8.0 RC3 XXL Producer Edition (Key Incl.) NO VIRUS\FLSTUD~1.EXE[Toxic Biohazard.dll]

03858877 Bck/Hupigon.AZG Virus/Trojan No 1 No No E:\Téléchargements\Programmes\Fruity Loops Stu 8.0
0
pimprenelle27 Posts 20857 Registration date Monday 10 December 2007 Status Security contributor Last activity 8 October 2019 2 502
17 Feb. 2009 at 19:22
Download Rooter to your desktop
https://77b4795d-a-62cb3a1a-s-sites.googlegroups.com/site/eric71mespages/Rooter.exe?attachauth=ANoY7cpzQksLcJt-e1z30LGu7t4JjUhh8amzWs_oSPSJpXbXp8ythGbW2WF8ysioh5NNlarrn7zMnYCRfsT5rCwNrfw5_CZYELApylTiY_MGu0G6uKzWpLEF2YXM3tF7nKZZAWj0JSAajXlZhd8dIyI3MrZ-lAIT5ZrAdcrct9_7bshwVpaZRPizuMTv9SDvmvY31BX4Vvvh2F2Brp1cy_K0jtTTfjttEA%3D%3D&attredirects=2

* Double-click rooter.exe to launch it
--> it will scan your PC

* A report will be generated; post it


Download Trojan-Remover to your desktop

Run the installer; for that, look carefully at the tutorial


Then post the resulting report + a new HijackThis log.
0
Mimie2106 Posts 38 Registration date Monday 16 February 2009 Status Member Last activity 24 February 2009
17 Feb. 2009 at 20:05
Microsoft Windows XP Professionnel ( v5.1.2600 ) Service Pack 2
X86-based PC ( Multiprocessor Free : AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ )
BIOS : Award Modular BIOS v6.00PG
USER : Administrateur ( Administrator )
BOOT : Normal boot

Antivirus : Norton AntiVirus 15.5.0.23 (Activated)
Firewall : Sunbelt Kerio Personal Firewall 4.3.635 T (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:226 Go (Free:159 Go)
D:\ (Local Disk) - FAT32 - Total:6 Go (Free:1 Go)
E:\ (CD or DVD)
F:\ (USB)
G:\ (USB)
H:\ (USB)
I:\ (USB)

17/02/2009|20:02

----------------------\\ Search..


[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cccukas"="\"c:\\documents and settings\\administrateur\\local settings\\application data\\cccukas.exe\" cccukas"

C:\WINDOWS\Pack.epk

C:\DOCUME~1\ADMINI~1\LOCALS~1\APPLIC~1\cccukas.dat
C:\DOCUME~1\ADMINI~1\LOCALS~1\APPLIC~1\cccukas.exe
C:\DOCUME~1\ADMINI~1\LOCALS~1\APPLIC~1\cccukas_nav.dat
C:\DOCUME~1\ADMINI~1\LOCALS~1\APPLIC~1\cccukas_navps.dat
C:\WINDOWS\System32\bfyhnjd.dat
C:\WINDOWS\System32\bfyhnjd_nav.dat
C:\WINDOWS\System32\bfyhnjd_navps.dat
[b]==> NAVIPROMO <==/b


1 - "C:\Rooter$\Rooter_1.txt" - 17/02/2009|20:04

----------------------\\ Scan completed at 20:04

Here is my report
I'm downloading Trojan Remover now!
0
Mimie2106 Posts 38 Registration date Monday 16 February 2009 Status Member Last activity 24 February 2009
17 Feb. 2009 at 20:13
Sorry, my mistake ^^
0
probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009
17 Feb. 2009 at 23:07
Here is my scan with Rooter:




Microsoft® Windows Vista™ Édition Familiale Premium ( v6.0.6001 ) Service Pack 1
X86-based PC ( Multiprocessor Free : Intel(R) Core(TM)2 Quad CPU Q6600 @ 2.40GHz )
BIOS : BIOS Date: 01/29/08 14:43:24 Ver: 08.00.15
USER : Defwa ( Not Administrator ! )
BOOT : Normal boot




C:\ (Local Disk) - NTFS - Total:227 Go (Free:128 Go)
D:\ (Local Disk) - NTFS - Total:465 Go (Free:231 Go)
E:\ (Local Disk) - NTFS - Total:227 Go (Free:144 Go)
F:\ (CD or DVD)
G:\ (CD or DVD)

17/02/2009|23:05

----------------------\\ Search..

No infections found !


1 - "C:\Rooter$\Rooter_1.txt" - 17/02/2009|23:05

----------------------\\ Scan completed at 23:05
0
probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009
17 Feb. 2009 at 23:17
Here is the scan with Trojan Remover:




***** NORMAL SCAN FOR ACTIVE MALWARE *****
Trojan Remover Ver 6.7.6.2564. For information, email support@simplysup.com
[Unregistered version]
Scan started at: 23:16:36 17 févr. 2009
Using Database v7288
Operating System: Windows Vista Home Premium (SP1) [Build: 6.0.6001]
File System: NTFS
User Account Control is DISABLED.
UserData directory: C:\Users\Defwa\AppData\Roaming\Simply Super Software\Trojan Remover\
Database directory: C:\Program Files\Trojan Remover\
Logfile directory: E:\Documents\Simply Super Software\Trojan Remover Logfiles\
Program directory: C:\Program Files\Trojan Remover\
Running with Administrator privileges

************************************************************
The following Anti-Malware program(s) are loaded:
[AV Warnings are suppressed]
McAfee Anti-Virus

************************************************************


************************************************************
23:16:36: ----- SCANNING FOR ROOTKIT SERVICES -----
No hidden Services were detected.

************************************************************
23:16:36: Scanning -----WINDOWS REGISTRY-----
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
This key's "Shell" value calls the following program(s):
Key value: [explorer.exe]
File: explorer.exe
C:\Windows\explorer.exe
2927104 bytes
Created: 11/12/2008 06:56
Modified: 29/10/2008 07:29
Company: Microsoft Corporation
----------
This key's "Userinit" value calls the following program(s):
Key value: [C:\Windows\system32\userinit.exe,]
File: C:\Windows\system32\userinit.exe
C:\Windows\system32\userinit.exe
25088 bytes
Created: 30/05/2008 04:43
Modified: 18/01/2008 22:33
Company: Microsoft Corporation
----------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
--------------------
Checking HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
Value Name: load
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
Value Name: Acer Tour
Value Data:
Blank entry: []
--------------------
Value Name: eRecoveryService
Value Data:
Blank entry: []
--------------------
Value Name: NVRaidService
Value Data: C:\Windows\system32\nvraidservice.exe
C:\Windows\system32\nvraidservice.exe
187936 bytes
Created: 27/05/2008 05:54
Modified: 11/09/2007 15:19
Company: NVIDIA Corporation
--------------------
Value Name: mcagent_exe
Value Data: C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
C:\Program Files\McAfee.com\Agent\mcagent.exe
582992 bytes
Created: 28/05/2008 10:16
Modified: 01/11/2007 18:12
Company: McAfee, Inc.
--------------------
Value Name: itype
Value Data: "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
C:\Program Files\Microsoft IntelliType Pro\itype.exe
1442888 bytes
Created: 10/06/2008 12:56
Modified: 10/06/2008 12:56
Company: Microsoft Corporation
--------------------
Value Name: IntelliPoint
Value Data: "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
1406024 bytes
Created: 10/06/2008 12:56
Modified: 10/06/2008 12:56
Company: Microsoft Corporation
--------------------
Value Name: RtHDVCpl
Value Data: C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
6609440 bytes
Created: 02/01/2009 01:12
Modified: 31/10/2008 13:06
Company: Realtek Semiconductor
--------------------
Value Name: SunJavaUpdateSched
Value Data: "C:\Program Files\Java\jre6\bin\jusched.exe"
C:\Program Files\Java\jre6\bin\jusched.exe
148888 bytes
Created: 11/02/2009 12:14
Modified: 11/02/2009 12:14
Company: Sun Microsystems, Inc.
--------------------
Value Name: NvCplDaemon
Value Data: RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
C:\Windows\system32\NvCpl.dll
13683232 bytes
Created: 17/10/2008 03:46
Modified: 15/01/2009 08:19
Company: NVIDIA Corporation
--------------------
Value Name: NvMediaCenter
Value Data: RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
C:\Windows\system32\NvMcTray.dll
92704 bytes
Created: 17/10/2008 03:46
Modified: 15/01/2009 08:19
Company: NVIDIA Corporation
--------------------
Value Name: TrojanScanner
Value Data: C:\Program Files\Trojan Remover\Trjscan.exe /boot
C:\Program Files\Trojan Remover\Trjscan.exe
1214856 bytes
Created: 17/02/2009 23:08
Modified: 17/02/2009 23:11
Company: Simply Super Software
--------------------
--------------------
Checking HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\Run
Value Name: RocketDock
Value Data: "C:\Program Files\RocketDock\RocketDock.exe"
C:\Program Files\RocketDock\RocketDock.exe
495616 bytes
Created: 27/05/2008 09:50
Modified: 02/09/2007 12:58
Company: [no info]
--------------------
Value Name: Rainlendar2
Value Data: C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
4067328 bytes
Created: 24/08/2008 13:01
Modified: 24/08/2008 13:01
Company:
--------------------
Value Name: fsm
Value Data:
Blank entry: []
--------------------
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunOnce
This Registry Key appears to be empty
--------------------
Checking HKCU\Software\Microsoft\Windows\CurrentVersion\RunServices
This Registry Key appears to be empty

************************************************************
23:16:38: Scanning -----SHELLEXECUTEHOOKS-----
ValueName: {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}
File: C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
C:\Program Files\SUPERAntiSpyware\SASSEH.DLL
77824 bytes
Created: 13/05/2008 09:13
Modified: 13/05/2008 09:13
Company: SuperAdBlocker.com
----------

************************************************************
23:16:38: Scanning -----HIDDEN REGISTRY ENTRIES-----
Taskdir check completed
----------
No Hidden File-loading Registry Entries found
----------

************************************************************
23:16:38: Scanning -----ACTIVE SCREENSAVER-----
ScreenSaver: C:\Windows\ACER(N~1.SCR
C:\Windows\ACER(N~1.SCR
187392 bytes
Created: 27/05/2008 05:55
Modified: 19/10/2006 09:00
Company: [no info]
--------------------

************************************************************
23:16:38: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
Key: {2C7339CF-2B09-4501-B3F3-F3508C9228ED}
Path: %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
C:\Windows\system32\themeui.dll [file not found to scan]
----------

************************************************************
23:16:38: Scanning ----- SERVICEDLL REGISTRY KEYS -----

************************************************************
23:16:39: Scanning ----- SERVICES REGISTRY KEYS -----
Key: aawservice
ImagePath: "C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe"
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
611664 bytes
Created: 12/05/2008 11:38
Modified: 20/09/2008 22:48
Company: Lavasoft
----------
Key: Acer HomeMedia Connect Service
ImagePath: "C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe"
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
269448 bytes
Created: 03/12/2007 10:00
Modified: 21/06/2007 18:33
Company: CyberLink
----------
Key: AcerMemUsageCheckService
ImagePath: C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
28672 bytes
Created: 03/12/2007 09:58
Modified: 16/04/2007 18:48
Company:
----------
Key: Adobe LM Service
ImagePath: "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
72704 bytes
Created: 24/06/2008 06:31
Modified: 24/06/2008 06:31
Company: Adobe Systems
----------
Key: blbdrive
ImagePath: \SystemRoot\system32\drivers\blbdrive.sys - file is missing - alert is globally excluded
----------
Key: driverhardwarev2
ImagePath: \??\C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
C:\Program Files\ma-config.com\Drivers\driverhardwarev2.sys
14336 bytes
Created: 24/01/2009 15:18
Modified: 24/01/2009 15:18
Company: CybelSoft
----------
Key: EagleNT
ImagePath: \??\C:\Windows\system32\drivers\EagleNT.sys
C:\Windows\system32\drivers\EagleNT.sys [file not found to scan]
----------
Key: eDataSecurity Service
ImagePath: "C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe"
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
457512 bytes
Created: 25/04/2007 16:34
Modified: 25/04/2007 16:34
Company: HiTRSUT
----------
Key: eRecoveryService
ImagePath: C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
57344 bytes
Created: 27/05/2008 05:53
Modified: 10/09/2007 14:28
Company: Acer Inc.
----------
Key: int15
ImagePath: \??\C:\Acer\Empowering Technology\eRecovery\int15.sys
C:\Acer\Empowering Technology\eRecovery\int15.sys
15392 bytes
Created: 27/05/2008 05:53
Modified: 03/07/2007 03:05
Company: Acer, Inc.
----------
Key: IpInIp
ImagePath: system32\DRIVERS\ipinip.sys - file is missing - alert is globally excluded
----------
Key: libusb0
ImagePath: system32\drivers\libusb0.sys
C:\Windows\system32\drivers\libusb0.sys
33792 bytes
Created: 17/02/2009 01:55
Modified: 09/03/2005 20:50
Company: https://sourceforge.net/p/libusb-win32/wiki/Home/
----------
Key: libusbd
ImagePath: system32\libusbd-nt.exe
C:\Windows\system32\libusbd-nt.exe
18944 bytes
Created: 17/02/2009 01:55
Modified: 09/03/2005 20:50
Company: https://sourceforge.net/p/libusb-win32/wiki/Home/
----------
Key: maconfservice
ImagePath: "C:\Program Files\ma-config.com\maconfservice.exe"
C:\Program Files\ma-config.com\maconfservice.exe
216232 bytes
Created: 24/01/2009 14:46
Modified: 24/01/2009 14:46
Company: CybelSoft
----------
Key: McAfee SiteAdvisor Service
ImagePath: "C:\Program Files\McAfee\SiteAdvisor\McSACore.exe"
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
206096 bytes
Created: 03/10/2008 16:51
Modified: 05/12/2008 15:51
Company: McAfee, Inc.
----------
Key: mcmscsvc
ImagePath: C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
767976 bytes
Created: 28/05/2008 10:16
Modified: 09/01/2008 15:50
Company: McAfee, Inc.
----------
Key: McNASvc
ImagePath: "c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe"
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
2458128 bytes
Created: 28/05/2008 10:16
Modified: 25/01/2008 00:38
Company: McAfee, Inc.
----------
Key: McODS
ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
378184 bytes
Created: 28/05/2008 10:17
Modified: 07/11/2007 08:35
Company: McAfee, Inc.
----------
Key: McProxy
ImagePath: c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
359248 bytes
Created: 28/05/2008 10:17
Modified: 15/08/2007 11:36
Company: McAfee, Inc.
----------
Key: McShield
ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
144704 bytes
Created: 28/05/2008 10:16
Modified: 24/07/2007 11:02
Company: McAfee, Inc.
----------
Key: McSysmon
ImagePath: C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
695624 bytes
Created: 28/05/2008 10:16
Modified: 05/12/2007 09:04
Company: McAfee, Inc.
----------
Key: mfeavfk
ImagePath: system32\drivers\mfeavfk.sys
C:\Windows\system32\drivers\mfeavfk.sys
79304 bytes
Created: 28/05/2008 10:16
Modified: 22/11/2007 05:44
Company: McAfee, Inc.
----------
Key: mfebopk
ImagePath: system32\drivers\mfebopk.sys
C:\Windows\system32\drivers\mfebopk.sys
35240 bytes
Created: 28/05/2008 10:16
Modified: 22/11/2007 05:44
Company: McAfee, Inc.
----------
Key: mfehidk
ImagePath: system32\drivers\mfehidk.sys
C:\Windows\system32\drivers\mfehidk.sys
201320 bytes
Created: 28/05/2008 10:16
Modified: 22/11/2007 05:44
Company: McAfee, Inc.
----------
Key: mferkdk
ImagePath: system32\drivers\mferkdk.sys
C:\Windows\system32\drivers\mferkdk.sys
33832 bytes
Created: 28/05/2008 10:16
Modified: 22/11/2007 05:44
Company: McAfee, Inc.
----------
Key: mfesmfk
ImagePath: system32\drivers\mfesmfk.sys
C:\Windows\system32\drivers\mfesmfk.sys
40488 bytes
Created: 28/05/2008 10:16
Modified: 02/12/2007 11:51
Company: McAfee, Inc.
----------
Key: MPFP
ImagePath: System32\Drivers\Mpfp.sys
C:\Windows\System32\Drivers\Mpfp.sys
125728 bytes
Created: 28/05/2008 10:16
Modified: 13/07/2007 05:21
Company: McAfee, Inc.
----------
Key: MpfService
ImagePath: "C:\Program Files\McAfee\MPF\MPFSrv.exe"
C:\Program Files\McAfee\MPF\MPFSrv.exe
856864 bytes
Created: 28/05/2008 10:17
Modified: 18/07/2007 14:54
Company: McAfee, Inc.
----------
Key: MSCamSvc
ImagePath: "C:\Program Files\Microsoft LifeCam\MSCamS32.exe"
C:\Program Files\Microsoft LifeCam\MSCamS32.exe
164896 bytes
Created: 04/08/2008 15:22
Modified: 04/08/2008 15:22
Company: Microsoft Corporation
----------
Key: msiserver
ImagePath: %systemroot%\system32\msiexec /V
----------
Key: MSK80Service
ImagePath: "C:\Program Files\McAfee\MSK\MskSrver.exe"
C:\Program Files\McAfee\MSK\MskSrver.exe
23880 bytes
Created: 28/05/2008 10:17
Modified: 26/11/2007 09:46
Company: McAfee, Inc.
----------
Key: MSSQL$SONY_MEDIAMGR
ImagePath: C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe -sSONY_MEDIAMGR
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
7520337 bytes
Created: 17/12/2002 17:26
Modified: 17/12/2002 17:26
Company: Microsoft Corporation
----------
Key: MSSQLServerADHelper
ImagePath: C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe
66112 bytes
Created: 17/12/2002 17:23
Modified: 17/12/2002 17:23
Company: Microsoft Corporation
----------
Key: Nero BackItUp Scheduler 3
ImagePath: C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [file not found to scan]
----------
Key: Nero BackItUp Scheduler 4.0
ImagePath: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
935208 bytes
Created: 05/12/2008 16:11
Modified: 05/12/2008 16:11
Company: Nero AG
----------
Key: NMIndexingService
ImagePath: "C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe"
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
529704 bytes
Created: 28/02/2008 16:07
Modified: 28/02/2008 16:07
Company: Nero AG
----------
Key: NMSAccessU
ImagePath: C:\Program Files\CDBurnerXP\NMSAccessU.exe
C:\Program Files\CDBurnerXP\NMSAccessU.exe
71096 bytes
Created: 10/12/2008 01:39
Modified: 20/10/2008 21:18
Company: [no info]
----------
Key: NTIDrvr
ImagePath: system32\DRIVERS\NTIDrvr.sys
C:\Windows\system32\DRIVERS\NTIDrvr.sys
6144 bytes
Created: 03/12/2007 09:45
Modified: 03/12/2007 09:45
Company: NewTech Infosystems, Inc.
----------
Key: NVHDA
ImagePath: system32\drivers\nvhda32v.sys
C:\Windows\system32\drivers\nvhda32v.sys
30752 bytes
Created: 16/02/2009 01:10
Modified: 16/07/2007 17:38
Company: NVIDIA Corporation
----------
Key: nvraid
ImagePath: system32\drivers\nvraid.sys
C:\Windows\system32\drivers\nvraid.sys
88680 bytes
Created: 02/11/2006 08:36
Modified: 02/11/2006 10:50
Company: NVIDIA Corporation
----------
Key: nvrd32
ImagePath: system32\drivers\nvrd32.sys
C:\Windows\system32\drivers\nvrd32.sys
123424 bytes
Created: 03/12/2007 16:40
Modified: 12/09/2007 00:19
Company: NVIDIA Corporation
----------
Key: nvsmu
ImagePath: system32\DRIVERS\nvsmu.sys
C:\Windows\system32\DRIVERS\nvsmu.sys
12032 bytes
Created: 03/12/2007 16:38
Modified: 07/07/2007 14:13
Company: NVIDIA Corporation
----------
Key: nvstor32
ImagePath: system32\drivers\nvstor32.sys
C:\Windows\system32\drivers\nvstor32.sys
114208 bytes
Created: 03/12/2007 16:40
Modified: 12/09/2007 00:19
Company: NVIDIA Corporation
----------
Key: nvsvc
ImagePath: %SystemRoot%\system32\nvvsvc.exe
C:\Windows\system32\nvvsvc.exe
207392 bytes
Created: 15/01/2009 08:19
Modified: 15/01/2009 08:19
Company: NVIDIA Corporation
----------
Key: NwlnkFlt
ImagePath: system32\DRIVERS\nwlnkflt.sys - file is missing - alert is globally excluded
----------
Key: NwlnkFwd
ImagePath: system32\DRIVERS\nwlnkfwd.sys - file is missing - alert is globally excluded
----------
Key: pavboot
ImagePath: system32\drivers\pavboot.sys
C:\Windows\system32\drivers\pavboot.sys
28544 bytes
Created: 17/02/2009 00:31
Modified: 19/06/2008 16:24
Company: Panda Security, S.L.
----------
Key: Planificateur LiveUpdate automatique
ImagePath: "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [file not found to scan]
----------
Key: PLFlash DeviceIoControl Service
ImagePath: C:\Windows\system32\IoctlSvc.exe
C:\Windows\system32\IoctlSvc.exe
81920 bytes
Created: 19/12/2006 08:30
Modified: 19/12/2006 08:30
Company: Prolific Technology Inc.
----------
Key: PSDFilter
ImagePath: system32\DRIVERS\psdfilter.sys
C:\Windows\system32\DRIVERS\psdfilter.sys
20776 bytes
Created: 25/04/2007 16:34
Modified: 25/04/2007 16:34
Company: HiTRUST
----------
Key: PSDNServ
ImagePath: system32\drivers\PSDNServ.sys
C:\Windows\system32\drivers\PSDNServ.sys
16680 bytes
Created: 25/04/2007 16:34
Modified: 25/04/2007 16:34
Company: HiTRUST
----------
Key: psdvdisk
ImagePath: system32\drivers\psdvdisk.sys
C:\Windows\system32\drivers\psdvdisk.sys
60712 bytes
Created: 25/04/2007 16:34
Modified: 25/04/2007 16:34
Company: HiTRUST
----------
Key: RichVideo
ImagePath: "C:\Program Files\CyberLink\Shared Files\RichVideo.exe"
C:\Program Files\CyberLink\Shared Files\RichVideo.exe
262247 bytes
Created: 03/12/2007 10:02
Modified: 19/07/2006 19:36
Company:
----------
Key: RTSTOR
ImagePath: system32\drivers\RTSTOR.SYS
C:\Windows\system32\drivers\RTSTOR.SYS
62464 bytes
Created: 29/05/2008 21:56
Modified: 14/10/2008 21:21
Company: Realtek Semiconductor Corp.
----------
Key: SASDIFSV
ImagePath: \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS
8944 bytes
Created: 15/01/2009 16:17
Modified: 15/01/2009 16:17
Company: SUPERAdBlocker.com and SUPERAntiSpyware.com
----------
Key: SASENUM
ImagePath: \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
C:\Program Files\SUPERAntiSpyware\SASENUM.SYS
-R- 7408 bytes
Created: 15/01/2009 16:17
Modified: 15/01/2009 16:17
Company: SUPERAdBlocker.com and SUPERAntiSpyware.com
----------
Key: SASKUTIL
ImagePath: \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys
55024 bytes
Created: 15/01/2009 16:17
Modified: 15/01/2009 16:17
Company: SUPERAdBlocker.com and SUPERAntiSpyware.com
----------
Key: sptd
ImagePath: System32\Drivers\sptd.sys - this file is globally excluded
----------
Key: SQLAgent$SONY_MEDIAMGR
ImagePath: C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE -i SONY_MEDIAMGR
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlagent.EXE
311872 bytes
Created: 17/12/2002 17:23
Modified: 17/12/2002 17:23
Company: Microsoft Corporation
----------
Key: ssm_bus
ImagePath: system32\DRIVERS\ssm_bus.sys
C:\Windows\system32\DRIVERS\ssm_bus.sys
83592 bytes
Created: 29/05/2008 22:16
Modified: 02/05/2007 10:12
Company: MCCI Corporation
----------
Key: ssm_mdfl
ImagePath: system32\DRIVERS\ssm_mdfl.sys
C:\Windows\system32\DRIVERS\ssm_mdfl.sys
15112 bytes
Created: 29/05/2008 22:16
Modified: 02/05/2007 10:12
Company: MCCI Corporation
----------
Key: ssm_mdm
ImagePath: system32\DRIVERS\ssm_mdm.sys
C:\Windows\system32\DRIVERS\ssm_mdm.sys
109704 bytes
Created: 29/05/2008 22:16
Modified: 02/05/2007 10:12
Company: MCCI Corporation
----------
Key: StarWindServiceAE
ImagePath: C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
275968 bytes
Created: 28/05/2007 17:57
Modified: 28/05/2007 17:57
Company: Rocket Division Software
----------
Key: Steam Client Service
ImagePath: C:\Program Files\Common Files\Steam\SteamService.exe /RunAsService
C:\Program Files\Common Files\Steam\SteamService.exe
316664 bytes
Created: 29/05/2008 00:19
Modified: 04/02/2009 03:22
Company: Valve Corporation
----------
Key: usnjsvc
ImagePath: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
C:\Program Files\Windows Live\Messenger\usnsvc.exe
98328 bytes
Created: 18/10/2007 11:31
Modified: 18/10/2007 11:31
Company: Microsoft Corporation
----------
Key: VX1000
ImagePath: system32\DRIVERS\VX1000.sys
C:\Windows\system32\DRIVERS\VX1000.sys
1964432 bytes
Created: 04/08/2008 15:22
Modified: 04/08/2008 15:22
Company: Microsoft Corporation
----------
Key: Wd
ImagePath: system32\drivers\wd.sys
C:\Windows\system32\drivers\wd.sys
22072 bytes
Created: 30/05/2008 04:43
Modified: 18/01/2008 22:41
Company: Microsoft Corporation
----------
Key: WLSetupSvc
ImagePath: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
C:\Program Files\Windows Live\installer\WLSetupSvc.exe
266240 bytes
Created: 25/10/2007 15:27
Modified: 25/10/2007 15:27
Company: Microsoft Corporation
----------
Key: WpdUsb
ImagePath: system32\DRIVERS\wpdusb.sys
C:\Windows\system32\DRIVERS\wpdusb.sys
39936 bytes
Created: 30/05/2008 04:43
Modified: 18/01/2008 21:04
Company: Microsoft Corporation
----------
Key: XDva224
ImagePath: \??\C:\Windows\system32\XDva224.sys
C:\Windows\system32\XDva224.sys [file not found to scan]
----------
Key: XPADFL02
ImagePath: system32\DRIVERS\xpadfl02.sys
C:\Windows\system32\DRIVERS\xpadfl02.sys
27904 bytes
Created: 17/02/2009 02:10
Modified: 24/12/2006 05:15
Company: Compuware Corporation
----------
Key: xusb21
ImagePath: system32\DRIVERS\xusb21.sys
C:\Windows\system32\DRIVERS\xusb21.sys
55808 bytes
Created: 28/08/2007 17:05
Modified: 28/08/2007 17:05
Company: Microsoft Corporation
----------

************************************************************
23:16:51: Scanning -----VXD ENTRIES-----
Checking the following VxD entries:

************************************************************
23:16:51: Scanning ----- WINLOGON\NOTIFY DLLS -----
Key : !SASWinLogon
DLLName: C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
356352 bytes
Created: 22/12/2008 11:05
Modified: 22/12/2008 11:05
Company: SUPERAntiSpyware.com
----------

************************************************************
23:16:51: Scanning ----- CONTEXTMENUHANDLERS -----
Key: Cover Designer
CLSID: {73FCA462-9BD5-4065-A73F-A8E5F6904EF7}
Path: C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
2667816 bytes
Created: 06/11/2008 09:40
Modified: 06/11/2008 09:40
Company: Nero AG
----------
Key: EDSshellExt
CLSID: {29FF7AB0-BE34-4992-A30B-53A9D86EE239}
File: [CLSID does not appear to reference a file]
----------
Key: McCtxMenu
CLSID: {01576F39-90DE-4D6E-A068-5B20C22BAAEE}
Path: c:\PROGRA~1\mcafee\VIRUSS~1\mcctxmnu.dll
c:\PROGRA~1\mcafee\VIRUSS~1\mcctxmnu.dll
165192 bytes
Created: 28/05/2008 10:17
Modified: 07/11/2007 08:35
Company: McAfee, Inc.
----------
Key: {100BD527-7304-4b7f-BEE2-26D97B04EBA4}
CLSID: {100BD527-7304-4b7f-BEE2-26D97B04EBA4}
File: [CLSID does not appear to reference a file]
----------
Key: {CA8ACAFA-5FBB-467B-B348-90DD488DE003}
Path: C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
C:\Program Files\SUPERAntiSpyware\SASCTXMN.DLL
61440 bytes
Created: 27/02/2007 11:39
Modified: 27/02/2007 11:39
Company: SUPERAntiSpyware.com
----------

************************************************************
23:16:51: Scanning ----- FOLDER\COLUMNHANDLERS -----
Key: {7D4D6379-F301-4311-BEBA-E26EB0561882}
File: C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
C:\Program Files\Common Files\Nero\Lib\NeroDigitalExt.dll
1946920 bytes
Created: 05/03/2008 10:41
Modified: 05/03/2008 10:41
Company: Nero AG
----------

************************************************************
23:16:51: Scanning ----- BROWSER HELPER OBJECTS -----
Key: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
BHO: C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
62080 bytes
Created: 22/10/2006 23:08
Modified: 22/10/2006 23:08
Company: Adobe Systems Incorporated
----------
Key: {377C180E-6F0E-4D4C-980F-F45BD3D40CF4}
BHO: c:\PROGRA~1\mcafee\msk\mcapbho.dll
c:\PROGRA~1\mcafee\msk\mcapbho.dll
324936 bytes
Created: 28/05/2008 10:17
Modified: 26/11/2007 09:46
Company: McAfee, Inc.
----------
Key: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}
BHO: C:\Users\abdel\Documents\Mes fichiers reçus\BitComet\tools\BitCometBHO_1.2.8.7.dll
C:\Users\abdel\Documents\Mes fichiers reçus\BitComet\tools\BitCometBHO_1.2.8.7.dll
656696 bytes
Created: 11/08/2008 09:12
Modified: 11/08/2008 09:12
Company: BitComet
----------
Key: {7DB2D5A0-7241-4E79-B68D-6309F01C5231}
BHO: C:\Program Files\McAfee\VirusScan\scriptsn.dll
C:\Program Files\McAfee\VirusScan\scriptsn.dll
58688 bytes
Created: 28/05/2008 10:16
Modified: 09/11/2007 11:09
Company: McAfee, Inc.
----------
Key: {9030D464-4C02-4ABF-8ECC-5164760863C6}
BHO: C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
408952 bytes
Created: 18/11/2008 13:47
Modified: 18/11/2008 13:47
Company: Microsoft Corporation
----------
Key: {B164E929-A1B6-4A06-B104-2CD0E90A88FF}
BHO: c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
150032 bytes
Created: 03/10/2008 16:51
Modified: 14/11/2008 12:25
Company: McAfee, Inc.
----------
Key: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}
BHO: C:\Program Files\Windows Live Toolbar\msntb.dll
C:\Program Files\Windows Live Toolbar\msntb.dll
546320 bytes
Created: 19/10/2007 11:20
Modified: 19/10/2007 11:20
Company: Microsoft Corporation
----------
Key: {DBC80044-A445-435b-BC74-9C25C1C588A9}
BHO: C:\Program Files\Java\jre6\bin\jp2ssv.dll
C:\Program Files\Java\jre6\bin\jp2ssv.dll
35840 bytes
Created: 11/02/2009 12:14
Modified: 11/02/2009 12:14
Company: Sun Microsystems, Inc.
----------

************************************************************
23:16:52: Scanning ----- SHELLSERVICEOBJECTS -----

************************************************************
23:16:52: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----

************************************************************
23:16:52: Scanning ----- IMAGEFILE DEBUGGERS -----
No "Debugger" entries found.

************************************************************
23:16:52: Scanning ----- APPINIT_DLLS -----
The AppInit_DLLs value is blank or does not exist

************************************************************
23:16:52: Scanning ----- SECURITY PROVIDER DLLS -----

************************************************************
23:16:52: Scanning ------ COMMON STARTUP GROUP ------
[C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup]
The Common Startup Group attempts to load the following file(s) at boot time:
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 02/11/2006 13:50
Modified: 30/05/2008 05:25
Company: [no info]
--------------------

************************************************************
23:16:52: Scanning ----- USER STARTUP GROUPS -----
Checking Startup Group for: abdel
[C:\Users\abdel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\abdel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 24/09/2008 09:45
Modified: 24/09/2008 09:45
Company: [no info]
----------
--------------------
Checking Startup Group for: Administrateur
[C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\Administrateur\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 08/11/2008 05:56
Modified: 08/11/2008 05:56
Company: [no info]
----------
--------------------
Checking Startup Group for: Defwa
[C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 27/05/2008 06:43
Modified: 27/05/2008 06:43
Company: [no info]
----------
--------------------
Checking Startup Group for: Invité
[C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup]
C:\Users\Invité\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
-HS- 174 bytes
Created: 27/05/2008 13:55
Modified: 27/05/2008 13:55
Company: [no info]
----------
--------------------

************************************************************
23:16:53: Scanning ----- SCHEDULED TASKS -----
Taskname: GoogleUpdateTaskUserS-1-5-21-3216112886-2128621009-2818871445-1000.job
File: C:\Users\Defwa\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Users\Defwa\AppData\Local\Google\Update\GoogleUpdate.exe
133104 bytes
Created: 02/09/2008 20:18
Modified: 02/09/2008 20:18
Company: Google Inc.
Parameters: /c
Next Run Time: Never
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: Defwa
Comments: Keeps your Google software up to date. If this task is disabled or stopped, your Google software will not be kept up to date, meaning security vulnerabilities that may arise cannot be fixed and features may not work. This task uninstalls itself when there is no Google software using it.
----------
Taskname: McDefragTask.job
File: c:\PROGRA~1\mcafee\mqc\QcConsol.exe
c:\PROGRA~1\mcafee\mqc\QcConsol.exe
222496 bytes
Created: 28/05/2008 10:16
Modified: 04/12/2007 12:32
Company: McAfee, Inc.
Parameters: "C:\Windows\system32\defrag.exe" C: -f
Next Run Time: 15/03/2009 01:00:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: Defwa
Comments: Défragmenteur de disque
----------
Taskname: McQcTask.job
File: c:\PROGRA~1\mcafee\mqc\QcConsol.exe
c:\PROGRA~1\mcafee\mqc\QcConsol.exe
222496 bytes
Created: 28/05/2008 10:16
Modified: 04/12/2007 12:32
Company: McAfee, Inc.
Parameters: 14 0
Next Run Time: 01/03/2009 01:00:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: Defwa
Comments: McAfee McAfee QuickClean
----------
Taskname: User_Feed_Synchronization-{D421D5AD-E81F-4DB2-A942-F4058BACD576}.job
File: C:\Windows\system32\msfeedssync.exe
C:\Windows\system32\msfeedssync.exe
12800 bytes
Created: 30/05/2008 04:44
Modified: 18/01/2008 22:33
Company: Microsoft Corporation
Parameters: sync
Next Run Time: 18/02/2009 21:22:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: Defwa
Comments: Updates out-of-date system feeds.
----------
Taskname: Vérifier les mises à jour de Windows Live Toolbar.job
File: C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
99856 bytes
Created: 19/10/2007 11:20
Modified: 19/10/2007 11:20
Company: Microsoft Corporation
Parameters: [blank]
Next Run Time: 17/02/2009 23:35:00
Status: La tâche est prête à s'exécuter à l'heure prévue
Creator: Defwa
Comments: [blank]
----------

************************************************************
23:16:53: Scanning ----- SHELLICONOVERLAYIDENTIFIERS -----
No ShellIconOverlayIdentifiers Registry key found to scan

************************************************************
23:16:53: ----- ADDITIONAL CHECKS -----
Heuristic checks for hidden files/drivers completed
----------
Layered Service Provider entries checks completed
----------
Windows Explorer Policies checks completed
----------
Desktop Wallpaper: C:\Users\Defwa\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
67789 bytes
Created: 14/02/2009 19:45
Modified: 14/02/2009 19:45
Company: [no info]
----------
Web Desktop Wallpaper: %APPDATA%\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows Photo Gallery\Papier peint de la Galerie de photos Windows.jpg
67789 bytes
Created: 14/02/2009 19:45
Modified: 14/02/2009 19:45
Company: [no info]
----------
Checks for rogue DNS NameServers completed
----------
----------
Additional checks completed

************************************************************
23:16:54: Scanning ----- RUNNING PROCESSES -----

C:\Windows\System32\smss.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\wininit.exe
--------------------
C:\Windows\system32\services.exe
--------------------
C:\Windows\system32\lsass.exe
--------------------
C:\Windows\system32\lsm.exe
--------------------
C:\Windows\system32\svchost.exe
--------------------
C:\Windows\system32\nvvsvc.exe - file already scanned
--------------------
C:\Windows\system32\svchost.exe - file already scanned
--------------------
C:\Windows\System32\svchost.exe - file already scanned
--------------------
C:\Windows\System32\svchost.exe - file already scanned
--------------------
C:\Windows\System32\svchost.exe - file already scanned
--------------------
C:\Windows\system32\svchost.exe - file already scanned
--------------------
C:\Windows\system32\SLsvc.exe
--------------------
C:\Windows\system32\svchost.exe - file already scanned
--------------------
C:\Windows\system32\svchost.exe - file already scanned
--------------------
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe - file already scanned
--------------------
C:\Windows\System32\spoolsv.exe
--------------------
C:\Windows\system32\svchost.exe - file already scanned
--------------------
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe - file already scanned
--------------------
C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe - file already scanned
--------------------
C:\Windows\system32\libusbd-nt.exe - file already scanned
--------------------
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
--------------------
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe - file already scanned
--------------------
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe - file already scanned
--------------------
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe - file already scanned
--------------------
C:\Program Files\McAfee\MPF\MPFSrv.exe - file already scanned
--------------------
C:\Program Files\Microsoft LifeCam\MSCamS32.exe - file already scanned
--------------------
C:\Program Files\McAfee\MSK\MskSrver.exe - file already scanned
--------------------
C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe - file already scanned
--------------------
C:\Program Files\CDBurnerXP\NMSAccessU.exe - file already scanned
--------------------
C:\Windows\system32\IoctlSvc.exe - file already scanned
--------------------
C:\Windows\system32\svchost.exe - file already scanned
--------------------
C:\Program Files\CyberLink\Shared Files\RichVideo.exe - file already scanned
--------------------
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe - file already scanned
--------------------
C:\Windows\system32\svchost.exe - file already scanned
--------------------
C:\Windows\System32\svchost.exe - file already scanned
--------------------
C:\Windows\system32\SearchIndexer.exe
--------------------
C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe - file already scanned
--------------------
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe - file already scanned
--------------------
C:\Program Files\Windows Media Player\wmpnetwk.exe
--------------------
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe - file already scanned
--------------------
C:\Windows\system32\wbem\wmiprvse.exe
--------------------
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe - file already scanned
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Windows\system32\csrss.exe
--------------------
C:\Windows\system32\winlogon.exe
--------------------
C:\Windows\system32\rundll32.exe
--------------------
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
--------------------
C:\Windows\system32\Dwm.exe
--------------------
C:\Windows\system32\taskeng.exe
--------------------
C:\Windows\System32\nvraidservice.exe - file already scanned
--------------------
C:\Program Files\Microsoft IntelliType Pro\itype.exe - file already scanned
--------------------
C:\Program Files\Microsoft IntelliPoint\ipoint.exe - file already scanned
--------------------
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe - file already scanned
--------------------
C:\Program Files\Java\jre6\bin\jusched.exe - file already scanned
--------------------
C:\Windows\System32\rundll32.exe
--------------------
C:\Program Files\RocketDock\RocketDock.exe - file already scanned
--------------------
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
--------------------
C:\Windows\system32\wbem\wmiprvse.exe
--------------------
C:\Program Files\Rainlendar2\Rainlendar2.exe - file already scanned
--------------------
C:\Windows\system32\wbem\unsecapp.exe
--------------------
C:\Program Files\Windows Media Player\wmpnscfg.exe
--------------------
C:\Windows\System32\mobsync.exe
--------------------
C:\Windows\explorer.exe - file already scanned
--------------------
C:\Program Files\Windows Live\Messenger\usnsvc.exe - file already scanned
--------------------
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
--------------------
C:\Program Files\Mozilla Firefox\firefox.exe
--------------------
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
--------------------
C:\Program Files\Trojan Remover\Rmvtrjan.exe
FileSize: 2937720
[This is a Trojan Remover component]
--------------------
C:\Windows\system32\taskeng.exe
--------------------

************************************************************
23:16:56: Checking HOSTS file
No malicious entries were found in the HOSTS file

************************************************************
------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
HKLM\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://fr.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Local Page":
%SystemRoot%\system32\blank.htm
HKLM\Software\Microsoft\Internet Explorer\Main\"Search Page":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Page_URL":
https://fr.yahoo.com/
HKLM\Software\Microsoft\Internet Explorer\Main\"Default_Search_URL":
https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
HKCU\Software\Microsoft\Internet Explorer\Main\"Start Page":
https://www.msn.com/fr-fr/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main\"Local Page":
C:\Windows\system32\blank.htm
HKCU\Software\Microsoft\Internet Explorer\Main\"Search Page":
http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
HKCU\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchasst.htm

************************************************************
=== NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES ===
Scan completed at: 23:16:56 17 févr. 2009
Total Scan time: 00:00:20
************************************************************
0
probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009
17 Feb. 2009 at 23:19
And finally, the new HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:19:16, on 17/02/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\System32\nvraidservice.exe
C:\Program Files\Microsoft IntelliType Pro\itype.exe
C:\Program Files\Microsoft IntelliPoint\ipoint.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
C:\Program Files\Rainlendar2\Rainlendar2.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\mobsync.exe
C:\Windows\explorer.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
c:\PROGRA~1\mcafee\msc\mcuimgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.search.yahoo.com/search?fr=mcafee&p=%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: 88.191.25.98 l2authd.lineage2.com
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Users\abdel\Documents\Mes fichiers reçus\BitComet\tools\BitCometBHO_1.2.8.7.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: (no name) - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - (no file)
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [NVRaidService] C:\Windows\system32\nvraidservice.exe
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe"
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe /boot
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files\Rainlendar2\Rainlendar2.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Users\abdel\Documents\Mes fichiers reçus\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Users\abdel\Documents\Mes fichiers reçus\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Users\abdel\Documents\Mes fichiers reçus\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - (no file)
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Users\abdel\Documents\Mes fichiers reçus\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing)
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: LibUsb-Win32 - Daemon, Version 0.1.10.1 (libusbd) - http://libusb-win32.sourceforge.net - C:\Windows\system32\libusbd-nt.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Ma-Config Service (maconfservice) - CybelSoft - C:\Program Files\ma-config.com\maconfservice.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver.exe
O23 - Service: Nero BackItUp Scheduler 3 - Unknown owner - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Unknown owner - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe (file missing)
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
0
pimprenelle27 Posts 20857 Registration date Monday 10 December 2007 Status Security contributor Last activity 8 October 2019 2 502
17 Feb. 2009 at 23:27
Do a new Malwarebytes and SAS scan for me anyway. Thanks.
0
probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009
18 Feb. 2009 at 02:45
Malwarebytes scan:

Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1765
Windows 6.0.6001 Service Pack 1

18/02/2009 01:29:44
mbam-log-2009-02-18 (01-29-44).txt

Type de recherche: Examen complet (C:\|D:\|E:\|F:\|G:\|)
Eléments examinés: 289015
Temps écoulé: 1 hour(s), 59 minute(s), 16 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 0
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 0
Fichier(s) infecté(s): 0

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
(Aucun élément nuisible détecté)

Fichier(s) infecté(s):
(Aucun élément nuisible détecté)
0
probs Posts 45 Registration date Saturday 8 November 2008 Status Member Last activity 26 February 2009
18 Feb. 2009 at 02:56
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 02/18/2009 at 00:53 AM

Application Version : 4.25.1012

Core Rules Database Version : 3760
Trace Rules Database Version: 1722

Scan type : Complete Scan
Total Scan Time : 01:20:47

Memory items scanned : 763
Memory threats detected : 0
Registry items scanned : 8778
Registry threats detected : 0
File items scanned : 43042
File threats detected : 17

Adware.Tracking Cookie
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@smartadserver[2].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@adtech[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@advertising[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@atdmt[3].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@fr.classic.clickintext[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@himedia.individuad[2].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@clickintext[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@advertstream[2].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@track.effiliation[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@msnportal.112.2o7[2].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@tracking.publicidees[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@tradedoubler[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@ad.zanox[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@xiti[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@smartadserver[1].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@atdmt[2].txt
C:\Users\Defwa\AppData\Roaming\Microsoft\Windows\Cookies\defwa@msnportal.112.2o7[1].txt
0