Sujet Précédent Sujet Suivant

Probleme de virus

secro -  
 secro -
Bonjour,
j'ai telechargé un film sous limewire dès qu'il etait terminé en chargement sans que je le visionne dans mon dossier musique il m'a ralenti mon pc et je n'arrive pas a supprimer ce fichier de maniere classique pouvez vos m'indiquer la procedure comme anti virus j'ai antivir
merci
A voir également:

43 réponses

Réponse 1 / 43
secro
 
cel fait 8 heures que le scan tourne et ce n est pas encore fini es ce normal ?et comment faire pour oter le fichier de 660 Mdans le dossier incomplete
1
Réponse 2 / 43
secro
 
voila j'ai fait ce que tu m'a dit j'ai coché les fichiers et redemarer et maintenant svp merci
1
Réponse 3 / 43
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
Bonjour,
Tu n'as pas peur de te faire prendre en téléchargeant illégalement avec la nouvelle lois?

Pour commencer : faire un petit nettoyage de l'ordi et du registre avec Ccleaner, regarde bien le Tuto CCleaner

Ensuite :

Télécharge le fichier d'installation d'HijackThis.

Enregistre HJTInstall.exe sur ton bureau.

Renomme Hijackthis en Tutu

Double-clique sur HJTInstall.exe (tutu) pour lancer le programme

Par défaut, il s'installera là :
C:\Program Files\Trend Micro\HijackThis

Accepte la licence en cliquant sur le bouton "I Accept"

Choisis l'option "Do a system scan and save a log file"

Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note

Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

Colle le rapport que tu viens de copier sur ce forum

Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement

Tutoriaux (ne fixe rien pour le moment !!)

Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs
0
Réponse 4 / 43
secro
 
voici le bloc note
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:41:56, on 14/03/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek Semiconductor Corp\Realtek Card Reader Monitor\CardReaderMonitor.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CardReaderMonitor] C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe
O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
O4 - Global Startup: e-Carte Bleue Banque Populaire.lnk = C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 43
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
Fait ceci et poste moi le rapport à la suite de la question êtes vous aider par quelqu'un, répondre oui. Merci.

Télécharge GenProc sur ton bureau (Attention le fichier est un fichier zip)
Dézippe le dossier, double-clique sur GenProc.bat
En final, poste le contenu du rapport qui s'affiche.
Comment utiliser GenProc

Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs

IMPORTANT : poste le rapport et ne fais rien d'autre pour l'instant ( souvent il faut ajouter des consignes à la manipe indiquée pour que cela fonctionne parfaitement )

0
Réponse 6 / 43
secro
 
voila si tu t en sort

Rapport GenProc 2.431 [1] - 14/03/2009 à 20:23:21 - Windows Vista

GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
- coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
- C:\Program Files\EsetOnlineScanner\log.txt

----------------------------------------------------------------------
Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
----------------------------------------------------------------------
0
Réponse 7 / 43
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
ok rien détecté, maintenant fait ceci :

Telecharge malwarebytes

NB : S'il te manque COMCTL32.OCX alors télécharge le ici

Tu l´instale; le programme va se mettre automatiquement a jour.

Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

Puis click sur "rechercher".

Laisse le scanner le pc...

Si des elements on ete trouvés > click sur supprimer la selection.

si il t´es demandé de redemarrer > click sur "yes".

A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
Copie et colle le rapport stp.

PS : les rapport sont aussi rangé dans l onglet rapport/log

Tutoriaux

0
Réponse 8 / 43
secro
 
voila
Malwarebytes' Anti-Malware 1.34
Version de la base de données: 1848
Windows 6.0.6001 Service Pack 1

14/03/2009 21:27:47
mbam-log-2009-03-14 (21-27-47).txt

Type de recherche: Examen complet (C:\|)
Eléments examinés: 169785
Temps écoulé: 55 minute(s), 11 second(s)

Processus mémoire infecté(s): 0
Module(s) mémoire infecté(s): 0
Clé(s) du Registre infectée(s): 5
Valeur(s) du Registre infectée(s): 0
Elément(s) de données du Registre infecté(s): 0
Dossier(s) infecté(s): 1
Fichier(s) infecté(s): 2

Processus mémoire infecté(s):
(Aucun élément nuisible détecté)

Module(s) mémoire infecté(s):
(Aucun élément nuisible détecté)

Clé(s) du Registre infectée(s):
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c80b7ff6-ce60-4079-935e-520c045c30a6} (Adware.EGDAccess) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Foxicle (Adware.Foxicle) -> Quarantined and deleted successfully.

Valeur(s) du Registre infectée(s):
(Aucun élément nuisible détecté)

Elément(s) de données du Registre infecté(s):
(Aucun élément nuisible détecté)

Dossier(s) infecté(s):
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

Fichier(s) infecté(s):
C:\Users\Schneider\AppData\Local\Temp\GenProc\GenProc\outil\curl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
merci
0
Réponse 9 / 43
secro
 
le fichier defectueux se trouve dans le dossier incomplete et je n'arrive pas a le supprimer de maniere classique comment je peut faire merci
0
Réponse 10 / 43
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
ok maintenant fais ceci :

Pour commencer : faire un petit nettoyage de l'ordi et du registre avec Ccleaner, regarde bien le Tuto CCleaner

Télécharge Superantispyware (SAS)

Choisis "enregistrer" et enregistre-le sur ton bureau.

Double-clique sur l'icône d'installation qui vient de se créer et suis les instructions.

Créé une icône sur le bureau.

Double-clique sur l'icône de SAS (une tête dans un cercle rouge barré) pour le lancer.

- Si l'outil te demande de mettre à jour le programme ("update the program definitions", clique sur yes.
- Sous Configuration and Preferences, clique sur le bouton "Preferences"
- Clique sur l'onglet "Scanning Control "
- Dans "Scanner Options ", assure toi que la case devant lles lignes suivantes est cochée :

Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining
- Laisse les autres lignes décochées.

- Clique sur le bouton "Close" pour quitter l'écran du centre de contrôle.

- Dans la fenêtre principale, clique, dans "Scan for Harmful Software", sur "Scan your computer".

Dans la colonne de gauche, coche C:\Fixed Drive.

Dans la colonne de droite, sous "Complete scan", clique sur "Perform Complete Scan"

Clique sur "next" pour lancer le scan. Patiente pendant la durée du scan.

A la fin du scan, une fenêtre de résultats s'ouvre . Clique sur OK.

Assure toi que toutes les lignes de la fenêtre blanche sont cochées et clique sur "Next".

Tout ce qui a été trouvé sera mis en quarantaine. S'il t'es demandé de redémarrer l'ordi ("reboot"), clique sur Yes.

Pour recopier les informations sur le forum, fais ceci :

- après le redémarrage de l'ordi, double-clique sur l'icône pour lancer SAS.
- Clique sur "Preferences" puis sur l'onglet "Statistics/Logs ".
- Dans "scanners logs", double-clique sur SUPERAntiSpyware Scan Log.

- Le rapport va s'ouvrir dans ton éditeur de texte par défaut.

- Copie son contenu dans ta réponse.

Regarde bien le tuto SUPERAntiSpyware il est très bien expliqué.

0
Réponse 11 / 43
secro
 
le superantispyware tourne depuis 8 heures es ce normal?
merci
0
Réponse 12 / 43
secro
 
qq'un peut il m aider
0
Réponse 13 / 43
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
oui c'est normale ça dépend des fichiers que tu as sur ton pc.
0
Réponse 14 / 43
secro
 
je n ai quasiment aucun fichier sur ce pc et cela fait 12 heures
0
Réponse 15 / 43
secro
 
Le files items ne bouge plus depuis 3 heures mais le scanning tourne tourne toujours
0
Réponse 16 / 43
secro
 
SUPERAntiSpyware Scan Log
https://www.superantispyware.com/

Generated 03/15/2009 at 12:18 PM

Application Version : 4.25.1014

Core Rules Database Version : 3795
Trace Rules Database Version: 1751

Scan type : Complete Scan
Total Scan Time : 12:38:00

Memory items scanned : 672
Memory threats detected : 0
Registry items scanned : 7122
Registry threats detected : 0
File items scanned : 1937742
File threats detected : 367

Adware.Tracking Cookie
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@ad.yieldmanager[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@adserver.qplaygames[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@adtech[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@advertising[2].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@atdmt[2].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@bluestreak[2].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@doubleclick[2].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@fastclick[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@imrworldwide[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@mediaplex[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@msnportal.112.2o7[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@server.cpmstar[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@smartadserver[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@tradedoubler[2].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@weborama[1].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@xiti[2].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\natividade@atdmt[2].txt
C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\natividade@bluestreak[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@ad.yieldmanager[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@adserver.qplaygames[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@adtech[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@advertising[2].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@atdmt[2].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@bluestreak[2].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@doubleclick[2].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@fastclick[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@imrworldwide[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@mediaplex[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@msnportal.112.2o7[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@server.cpmstar[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@smartadserver[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@tradedoubler[2].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@weborama[1].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@xiti[2].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\natividade@atdmt[2].txt
C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\natividade@bluestreak[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@ad.yieldmanager[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@adserver.qplaygames[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@adtech[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@advertising[2].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@atdmt[2].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@bluestreak[2].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@doubleclick[2].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@fastclick[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@imrworldwide[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@mediaplex[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@msnportal.112.2o7[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@server.cpmstar[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@smartadserver[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@tradedoubler[2].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@weborama[1].txt
C:\Documents and Settings\Natividade\Cookies\Low\natividade@xiti[2].txt
C:\Documents and Settings\Natividade\Cookies\natividade@atdmt[2].txt
C:\Documents and Settings\Natividade\Cookies\natividade@bluestreak[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@ad.yieldmanager[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adrevolver[2].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@ads.gamesbannernet[2].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adv.ertisement[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@atdmt[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@bs.serving-sys[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@casalemedia[2].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[2].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[3].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@server.cpmstar[2].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@serving-sys[2].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@sexetc[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tribalfusion[2].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[1].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[3].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[4].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[5].txt
C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@xiti[1].txt
.tradedoubler.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.hotbar.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
server.cpmstar.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
server.cpmstar.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.opodo.122.2o7.net [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.hotelopia.112.2o7.net [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@ad.yieldmanager[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adrevolver[2].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@ads.gamesbannernet[2].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adv.ertisement[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@atdmt[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@bs.serving-sys[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@casalemedia[2].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[2].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[3].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@server.cpmstar[2].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@serving-sys[2].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@sexetc[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@tribalfusion[2].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[1].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[3].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[4].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[5].txt
C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@xiti[1].txt
.tradedoubler.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.tradedoubler.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.doubleclick.net [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.atdmt.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.hotbar.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
www.googleadservices.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
server.cpmstar.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
server.cpmstar.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.opodo.122.2o7.net [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.hotelopia.112.2o7.net [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
C:\Documents and Settings\Yoann\Cookies\Low\yoann@ad.yieldmanager[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@adrevolver[2].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@ads.gamesbannernet[2].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@adtech[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@adv.ertisement[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@atdmt[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@bs.serving-sys[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@casalemedia[2].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@doubleclick[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@media.adrevolver[2].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@media.adrevolver[3].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@msnportal.112.2o7[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@server.cpmstar[2].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@serving-sys[2].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@sexetc[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@tradedoubler[2].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@tribalfusion[2].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@www.googleadservices[1].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@www.googleadservices[3].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@www.googleadservices[4].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@www.googleadservices[5].txt
C:\Documents and Settings\Yoann\Cookies\Low\yoann@xiti[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@2o7[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@gamenextfr.oberon-media[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@oberon-media[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@statse.webtrendslive[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@2o7[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@gamenextfr.oberon-media[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@oberon-media[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@statse.webtrendslive[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@2o7[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@adtech[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@doubleclick[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@fl01.ct2.comclick[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@gamenextfr.oberon-media[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@msnportal.112.2o7[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@oberon-media[1].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@statse.webtrendslive[2].txt
C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@tradedoubler[2].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@ad.yieldmanager[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@adserver.qplaygames[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@adtech[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@advertising[2].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@atdmt[2].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@bluestreak[2].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@doubleclick[2].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@fastclick[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@imrworldwide[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@mediaplex[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@msnportal.112.2o7[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@server.cpmstar[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@smartadserver[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@tradedoubler[2].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@weborama[1].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@xiti[2].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\natividade@atdmt[2].txt
C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\natividade@bluestreak[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@ad.yieldmanager[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@adserver.qplaygames[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@adtech[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@advertising[2].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@atdmt[2].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@bluestreak[2].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@doubleclick[2].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@fastclick[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@imrworldwide[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@mediaplex[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@msnportal.112.2o7[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@server.cpmstar[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@smartadserver[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@tradedoubler[2].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@weborama[1].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@xiti[2].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\natividade@atdmt[2].txt
C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\natividade@bluestreak[1].txt
C:\Users\Natividade\Cookies\Low\natividade@ad.yieldmanager[1].txt
C:\Users\Natividade\Cookies\Low\natividade@adserver.qplaygames[1].txt
C:\Users\Natividade\Cookies\Low\natividade@adtech[1].txt
C:\Users\Natividade\Cookies\Low\natividade@advertising[2].txt
C:\Users\Natividade\Cookies\Low\natividade@atdmt[2].txt
C:\Users\Natividade\Cookies\Low\natividade@bluestreak[2].txt
C:\Users\Natividade\Cookies\Low\natividade@doubleclick[2].txt
C:\Users\Natividade\Cookies\Low\natividade@fastclick[1].txt
C:\Users\Natividade\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
C:\Users\Natividade\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
C:\Users\Natividade\Cookies\Low\natividade@imrworldwide[1].txt
C:\Users\Natividade\Cookies\Low\natividade@mediaplex[1].txt
C:\Users\Natividade\Cookies\Low\natividade@msnportal.112.2o7[1].txt
C:\Users\Natividade\Cookies\Low\natividade@server.cpmstar[1].txt
C:\Users\Natividade\Cookies\Low\natividade@smartadserver[1].txt
C:\Users\Natividade\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
C:\Users\Natividade\Cookies\Low\natividade@tradedoubler[2].txt
C:\Users\Natividade\Cookies\Low\natividade@weborama[1].txt
C:\Users\Natividade\Cookies\Low\natividade@xiti[2].txt
C:\Users\Natividade\Cookies\natividade@atdmt[2].txt
C:\Users\Natividade\Cookies\natividade@bluestreak[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@ad.yieldmanager[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adrevolver[2].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@ads.gamesbannernet[2].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adv.ertisement[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@atdmt[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@bs.serving-sys[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@casalemedia[2].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[2].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[3].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@server.cpmstar[2].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@serving-sys[2].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@sexetc[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tribalfusion[2].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[1].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[3].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[4].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[5].txt
C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@xiti[1].txt
.tradedoubler.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.tradedoubler.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.tradedoubler.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.doubleclick.net [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.atdmt.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.hotbar.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
www.googleadservices.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
server.cpmstar.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
server.cpmstar.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.opodo.122.2o7.net [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.hotelopia.112.2o7.net [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@ad.yieldmanager[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adrevolver[2].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@ads.gamesbannernet[2].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adv.ertisement[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@atdmt[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@bs.serving-sys[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@casalemedia[2].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[2].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[3].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@server.cpmstar[2].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@serving-sys[2].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@sexetc[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@tribalfusion[2].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[1].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[3].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[4].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[5].txt
C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@xiti[1].txt
.tradedoubler.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.tradedoubler.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.tradedoubler.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.doubleclick.net [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
fl01.ct2.comclick.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.msnportal.112.2o7.net [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.atdmt.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.hotbar.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
ad.yieldmanager.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
www.googleadservices.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
server.cpmstar.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
server.cpmstar.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.opodo.122.2o7.net [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
.hotelopia.112.2o7.net [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
C:\Users\Yoann\Cookies\Low\yoann@ad.yieldmanager[1].txt
C:\Users\Yoann\Cookies\Low\yoann@adrevolver[2].txt
C:\Users\Yoann\Cookies\Low\yoann@ads.gamesbannernet[2].txt
C:\Users\Yoann\Cookies\Low\yoann@adtech[1].txt
C:\Users\Yoann\Cookies\Low\yoann@adv.ertisement[1].txt
voici le resultat

C:\Users\Yoann\Cookies\Low\yoann@atdmt[1].txt
C:\Users\Yoann\Cookies\Low\yoann@bs.serving-sys[1].txt
C:\Users\Yoann\Cookies\Low\yoann@casalemedia[2].txt
C:\Users\Yoann\Cookies\Low\yoann@doubleclick[1].txt
C:\Users\Yoann\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
C:\Users\Yoann\Cookies\Low\yoann@media.adrevolver[2].txt
C:\Users\Yoann\Cookies\Low\yoann@media.adrevolver[3].txt
C:\Users\Yoann\Cookies\Low\yoann@msnportal.112.2o7[1].txt
C:\Users\Yoann\Cookies\Low\yoann@server.cpmstar[2].txt
C:\Users\Yoann\Cookies\Low\yoann@serving-sys[2].txt
C:\Users\Yoann\Cookies\Low\yoann@sexetc[1].txt
C:\Users\Yoann\Cookies\Low\yoann@tradedoubler[2].txt
C:\Users\Yoann\Cookies\Low\yoann@tribalfusion[2].txt
C:\Users\Yoann\Cookies\Low\yoann@www.googleadservices[1].txt
C:\Users\Yoann\Cookies\Low\yoann@www.googleadservices[3].txt
C:\Users\Yoann\Cookies\Low\yoann@www.googleadservices[4].txt
C:\Users\Yoann\Cookies\Low\yoann@www.googleadservices[5].txt
C:\Users\Yoann\Cookies\Low\yoann@xiti[1].txt
0
Réponse 17 / 43
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
il était bien fini? tu peux supprimer tout ce qu'il à trouvé, ensuite me faire ceci :

Télécharger RemoveIT Pro

Fais un scan et poste moi le full rapport log.
0
Réponse 18 / 43
secro
 
il m'a touvé trois virus dont deux dangeureux win 32.unknown random x et sys 32 regxpcom et je n'arrive pas a t envoyer le fichier le logiciel m'a demander un second scan et il m'a trouvé le troisieme virus et maintenant quand je redait le scan il ne trouve plus rien comment faire pour t envoyer le fichier
0
Réponse 19 / 43
secro
 
voici le fichier
RemoveIT Pro v4 - SE (Build date: 6.6.2008) full information log file.
Generated at: 15/03/2009 on 13:15:30
Microsoft Windows Vista Home Edition Service Pack 1 (Build 6001)
Author: Damjan Irgolic
https://www.incodesolutions.com/
support@incodesolutions.com

Running processes: (24)
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek Semiconductor Corp\Realtek Card Reader Monitor\CardReaderMonitor.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
C:\Program Files\Picasa2\PicasaMediaDetector.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe

Startup files:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Sidebar
[C:\Program Files\Windows Sidebar\sidebar.exe]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\SmpcSys
[C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ISUSPM
["C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ehTray.exe
[C:\Windows\ehome\ehTray.exe]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\swg
[C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\SUPERAntiSpyware
[C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Windows Defender
[%ProgramFiles%\Windows Defender\MSASCui.exe -hide]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SynTPEnh
[C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\CardReaderMonitor
[C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\
[]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RoxWatchTray
["C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Google Desktop Search
["C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MSPService
[C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Picasa Media Detector
[C:\Program Files\Picasa2\PicasaMediaDetector.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\toolbar_eula_launcher
[C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched
["C:\Program Files\Java\jre6\bin\jusched.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NvSvc
[RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NvCplDaemon
[RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NvMediaCenter
[RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Adobe Reader Speed Launcher
["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"]
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\avast!
[C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe]

Detail report: (86)
Clsid c:\progra~1\google\google~3\goec62~1.dll[2b55a02ab2bf30636ffc7aad9f9d95c5][113664]
Clsid c:\program files\superantispyware\saswinlo.dll[972edede23ac8d59aac0c09799c6f18a][356352]
Clsid C:\Windows\system32\iconcodecservice.dll[08578f3ca5365f896d90ce2bf97fd000][9728]
Proc C:\Program Files\Alwil Software\Avast4\ashDisp.exe[fc242dbd786557ac641726dc5c13f060][81000]
Proc C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[23518aa08d8b22cd27aa54fc21d0ac87][205480]
Proc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2d4040f03702e79f6fa98d2e76ba831f][17656]
Proc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[bf38c273c3ec524880af0aeb2e7ce160][232184]
Proc C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe[e26642c193b81f2aa06d6013d4e07d03][102400]
Proc C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[6542dc2e93bce4d4289fa70a4d367dc2][29744]
Proc C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[5d61be7db55b026a5d61a3eed09d0ead][39408]
Proc C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe[1ec5a876a537b62f07c92e5bc8103149][550912]
Proc C:\Program Files\Java\jre6\bin\jusched.exe[b98ffa8288efaabc436c30d198608345][136600]
Proc C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe[b1d8669cd13163585ca133332edd60e3][1120568]
Proc C:\Program Files\Picasa2\PicasaMediaDetector.exe[0a44c06a0bb2ebc8b08df7039a2248d1][366400]
Proc C:\Program Files\Realtek Semiconductor Corp\Realtek Card Reader Monitor\CardReaderMonitor.exe[ff32c2770bd4ad29178b00e77f92197c][643072]
Proc C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[11afbca9eac51cf988918bffe935e6ee][1830128]
Proc C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[e4e99677636ef949b546a1751c9b3a35][845360]
Proc C:\Program Files\Windows Defender\MSASCui.exe[0d392ede3b97e0b3131b2f63ef1db94e][1008184]
Proc C:\Program Files\Windows Sidebar\sidebar.exe[fd278e51a7d6f52d22fce6c67e037ad6][1233920]
Proc C:\Windows\ehome\ehmsas.exe[0f4195b9b348de5cf9b822f81704b20e][37376]
Proc C:\Windows\ehome\ehtray.exe[bf08674925f151bd4537b89a493e3e0c][125952]
Proc C:\Windows\Explorer.EXE[4f554999d7d5f05daaebba7b5ba1089d][2927104]
Proc C:\Windows\system32\Dwm.exe[59903071d7ace6a02093c47e9e38af97][81920]
Proc C:\Windows\System32\rundll32.exe[4b555106290bd117334e9a08761c035a][44544]
Proc C:\Windows\system32\taskeng.exe[5f109032ce46b7184ed9e50f9fe8489e][169472]
RegRun c:\progra~1\alwils~1\avast4\ashdisp.exe[fc242dbd786557ac641726dc5c13f060][81000]
RegRun c:\program files\adobe\reader 9.0\reader\reader_sl.exe[452fa961163ef4aee4815796a13ab2cf][35696]
RegRun c:\program files\common files\installshield\updateservice\isuspm.exe [23518aa08d8b22cd27aa54fc21d0ac87][205480]
RegRun c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe[bf38c273c3ec524880af0aeb2e7ce160][232184]
RegRun c:\program files\cyberlink\magicsports\kernel\magicsports\mspmirage.exe[e26642c193b81f2aa06d6013d4e07d03][102400]
RegRun c:\program files\google\google desktop search\googledesktop.exe [6542dc2e93bce4d4289fa70a4d367dc2][29744]
RegRun c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe[5d61be7db55b026a5d61a3eed09d0ead][39408]
RegRun c:\program files\java\jre6\bin\jusched.exe[b98ffa8288efaabc436c30d198608345][136600]
RegRun c:\program files\packard bell\google_eula\eulalauncher.exe[a7a7ad08ba72ac90dcd5511ed895369b][28672]
RegRun c:\program files\packard bell\setupmypc\smpsys.exe[b1d8669cd13163585ca133332edd60e3][1120568]
RegRun c:\program files\picasa2\picasamediadetector.exe[0a44c06a0bb2ebc8b08df7039a2248d1][366400]
RegRun c:\program files\realtek semiconductor corp.\realtek card reader monitor\cardreadermonitor.exe[ff32c2770bd4ad29178b00e77f92197c][643072]
RegRun c:\program files\superantispyware\superantispyware.exe[11afbca9eac51cf988918bffe935e6ee][1830128]
RegRun c:\program files\synaptics\syntp\syntpenh.exe[e4e99677636ef949b546a1751c9b3a35][845360]
RegRun c:\program files\windows sidebar\sidebar.exe[fd278e51a7d6f52d22fce6c67e037ad6][1233920]
RegRun c:\windows\ehome\ehtray.exe[bf08674925f151bd4537b89a493e3e0c][125952]
RegRun c:\windows\system32\nvcpl.dll[217e2b91eaaeafdaff1db718b062c7a0][8497696]
RegRun c:\windows\system32\nvmctray.dll[7f493300e035fec8dbe031969b291766][81920]
RegRun c:\windows\system32\nvsvc.dll[48769100e4a0c3335f8c775be8bf9e34][86016]
Service c:\program files\alwil software\avast4\ashmaisv.exe [f09461c8eccace33c271cc229f11e281][254040]
Service c:\program files\alwil software\avast4\ashserv.exe[62889d40a3fb1a9012428e16fe0dc67a][138680]
Service c:\program files\alwil software\avast4\ashwebsv.exe [23ca3e54474ae5ffdbc0f97b9e1815db][352920]
Service c:\program files\alwil software\avast4\aswupdsv.exe[b4253776ee034f6770fcee32c28490b0][18752]
Service c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe[1cf03c69b49acb70c722df92755c0c8c][69632]
Service c:\program files\common files\microsoft shared\office12\odserv.exe[e54aa592a65f317390eee386a8821692][443776]
Service c:\program files\common files\microsoft shared\source engine\ose.exe[5a432a042dae460abe7199b758e8606c][145184]
Service c:\program files\common files\nero\nero backitup 4\nbservice.exe[b90e093e7a7250906f1054418b5339c0][935208]
Service c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe[9638e5820858593a12005c753b03ceae][887544]
Service c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe[910fba95ee4f56449aa81315884c8efd][166648]
Service c:\program files\common files\surething shared\stllssvr.exe[51778fd315c9882f1cbd932743e62a72][73728]
Service c:\program files\cyberlink\shared files\richvideo.exe[c3162ac1b592ceb43abe2f972a7222d3][266343]
Service c:\program files\google\common\google updater\googleupdaterservice.exe[1bf044e23206fddc16891a32922d571b][137200]
Service c:\program files\google\google desktop search\googledesktop.exe[6542dc2e93bce4d4289fa70a4d367dc2][29744]
Service c:\program files\windows live\installer\wlsetupsvc.exe[94a85e956a065e23e0010a6a7826243b][266240]
Service c:\program files\windows live\messenger\usnsvc.exe[9d19b042a4fd5c02195071ea2fe0c821][98328]
Service c:\program files\windows media player\wmpnetwk.exe[3978704576a121a9204f8cc49a301a9b][896512]
Service c:\windows\ehome\ehrecvr.exe[9be3744d295a7701eb425332014f0797][292352]
Service c:\windows\ehome\ehsched.exe[ad1870c8e5d6dd340c829e6074bf3c3f][131072]
Service c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe[a4af4201bd519971f8f34724f3ca9dbb][70144]
Service c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe[e7cc3aeaed9893a88876744cd439f76c][864256]
Service c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe[f9102685f97f9ba85f4a70afcf722cfe][122880]
Service c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe[993883524aa9cf1c90e1545411a9ac9c][36864]
Service c:\windows\servicing\trustedinstaller.exe[16613a1bad034d4ecf957af18b7c2ff5][39424]
Service c:\windows\system32\alg.exe[a1545b731579895d8cc44fc0481c1192][59392]
Service c:\windows\system32\dfsr.exe[fa3463f25f9cc9c3bcf1e7912feff099][2091520]
Service c:\windows\system32\dllhost.exe [be01e566d1f569aab32d0335613e1eea][7168]
Service c:\windows\system32\locator.exe[5123f83cbc4349d065534eeb6bbdc42b][7680]
Service c:\windows\system32\lsass.exe[dcf733788c7d088d814e5f80eb4b3e0f][9728]
Service c:\windows\system32\msdtc.exe[fd7520cc3a80c5fc8c48852bb24c6ded][105984]
Service c:\windows\system32\searchindexer.exe [7778bdfa3f6f6fba0e75b9594098f737][439808]
Service c:\windows\system32\slsvc.exe[0ba91e1358ad25236863039bb2609a2e][2623488]
Service c:\windows\system32\snmptrap.exe[2a146a055b4401c16ee62d18b8e2a032][12800]
Service c:\windows\system32\spoolsv.exe[846cdf9a3cf4da9b306adfb7d55ee4c2][125952]
Service c:\windows\system32\svchost.exe [3794b461c45882e06856f282eef025af][21504]
Service c:\windows\system32\ui0detect.exe[ecef404f62863755951e09c802c94ad5][35840]
Service c:\windows\system32\vds.exe[b13bc395b9d6116628f5af47e0802ac4][382976]
Service c:\windows\system32\vssvc.exe[d5fb73d19c46ade183f968e13f186b23][1054720]
Service c:\windows\system32\wbem\wmiapsrv.exe[aba4cf9f856d9a3a25f4ddd7690a6e9d][137728]
Startup c:\programdata\microsoft\windows\start menu\programs\startup\desktop.ini[7f1698bab066b764a314a589d338daae][174]
Startup c:\users\schneider\appdata\roaming\microsoft\windows\start menu\programs\startup\desktop.ini[7f1698bab066b764a314a589d338daae][174]
System.ini c:\windows\system32\svchost.exe [3794b461c45882e06856f282eef025af][21504]

Startup folder: (2)
Startup name: desktop.ini
Command: C:\Users\Schneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
Startup name: desktop.ini
Command: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

Win.ini Startup: (1)
Path: No additional driver found!

Win.ini Startup: (1)
Path: No additional driver found!

Keyboard drivers: (1)
Name: No Keyboard Filter driver found!

Services: (141)
Service Name: Accès du périphérique d'interface utilisateur [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Acquisition d'image Windows (WIA) [Running],
Path: C:\Windows\system32\svchost.exe -k imgsvc
Service Name: Agent de protection d’accès réseau [Stopped],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Agent de stratégie IPsec [Running],
Path: C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
Service Name: Appel de procédure distante (RPC) [Running],
Path: C:\Windows\system32\svchost.exe -k rpcss
Service Name: Application système COM+ [Stopped],
Path: C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
Service Name: Assistance IP [Running],
Path: C:\Windows\System32\svchost.exe -k NetSvcs
Service Name: Assistance NetBIOS sur TCP/IP [Running],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Audio Windows [Running],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: avast! Antivirus [Running],
Path: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
Service Name: avast! iAVS4 Control Service [Running],
Path: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
Service Name: avast! Mail Scanner [Running],
Path: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
Service Name: avast! Web Scanner [Running],
Path: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
Service Name: Cache de police de Windows Presentation Foundation 3.0.0.0 [Stopped],
Path: C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
Service Name: Carte à puce [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Carte de performance WMI [Stopped],
Path: C:\Windows\system32\wbem\WmiApSrv.exe
Service Name: Centre de sécurité [Running],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Cliché instantané de volume [Stopped],
Path: C:\Windows\system32\vssvc.exe
Service Name: Client de stratégie de groupe [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Client de suivi de lien distribué [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Client DHCP [Running],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Client DNS [Running],
Path: C:\Windows\system32\svchost.exe -k NetworkService
Service Name: Collecteur d'événements de Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k NetworkService
Service Name: Configuration automatique de réseau câblé [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Configuration des services Terminal Server [Stopped],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Connaissance des emplacements réseau [Running],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Connexions réseau [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Contrôle parental [Running],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Coordinateur de transactions distribuées [Stopped],
Path: C:\Windows\System32\msdtc.exe
Service Name: Cyberlink RichVideo Service(CRVS) [Running],
Path: "C:\Program Files\CyberLink\Shared Files\RichVideo.exe"
Service Name: Découverte SSDP [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Détection de services interactifs [Stopped],
Path: C:\Windows\system32\UI0Detect.exe
Service Name: Détection matériel noyau [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Disque virtuel [Stopped],
Path: C:\Windows\System32\vds.exe
Service Name: Emplacement protégé [Stopped],
Path: C:\Windows\system32\lsass.exe
Service Name: Énumérateur de bus IP PnP-X [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Expérience audio-vidéo haute qualité Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Expérience d’application [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Explorateur d'ordinateurs [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Fournisseur de cliché instantané de logiciel Microsoft [Stopped],
Path: C:\Windows\System32\svchost.exe -k swprv
Service Name: Générateur de points de terminaison du service Audio Windows [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Gestion à distance de Windows (Gestion WSM) [Stopped],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Gestion des clés et des certificats d'intégrité [Stopped],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Gestionnaire de comptes de sécurité [Running],
Path: C:\Windows\system32\lsass.exe
Service Name: Gestionnaire de connexion automatique d'accès distant [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Gestionnaire de connexions d'accès distant [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Gestionnaire de sessions du Gestionnaire de fenêtrage [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Gestionnaire d'identité réseau homologue [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Google Desktop Manager 5.7.806.10245 [Stopped],
Path: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
Service Name: Google Updater Service [Stopped],
Path: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
Service Name: Groupement de mise en réseau de pairs [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Horloge Windows [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Hôte de périphérique UPnP [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Hôte du fournisseur de découverte de fonctions [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Hôte système de diagnostics [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Informations d'application [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Infrastructure de gestion Windows [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: InstallDriver Table Manager [Stopped],
Path: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
Service Name: Interruption SNMP [Stopped],
Path: C:\Windows\System32\snmptrap.exe
Service Name: Isolation de clé CNG [Running],
Path: C:\Windows\system32\lsass.exe
Service Name: Journal d’événements Windows [Running],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Journaux & alertes de performance [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Service Name: Lanceur de processus serveur DCOM [Running],
Path: C:\Windows\system32\svchost.exe -k DcomLaunch
Service Name: Lanceur des services Windows Media Center [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Service Name: Licence du logiciel [Running],
Path: C:\Windows\system32\SLsvc.exe
Service Name: Localisateur d'appels de procédure distante (RPC) [Stopped],
Path: C:\Windows\system32\locator.exe
Service Name: Mappage de découverte de topologie de la couche de liaison [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: Microsoft .NET Framework NGEN v2.0.50727_X86 [Stopped],
Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
Service Name: Microsoft Office Diagnostics Service [Stopped],
Path: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
Service Name: Modules de génération de clés IKE et AuthIP [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Moteur de filtrage de base [Running],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Service Name: Nero BackItUp Scheduler 4.0 [Running],
Path: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
Service Name: Netlogon [Stopped],
Path: C:\Windows\system32\lsass.exe
Service Name: Office Source Engine [Stopped],
Path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
Service Name: Ouverture de session secondaire [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Pare-feu Windows [Running],
Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
Service Name: Partage de connexion Internet (ICS) [Stopped],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Planificateur de classes multimédias [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Planificateur de tâches [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Plug-and-Play [Running],
Path: C:\Windows\system32\svchost.exe -k DcomLaunch
Service Name: Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration [Stopped],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Programme d’installation de modules Windows [Stopped],
Path: C:\Windows\servicing\TrustedInstaller.exe
Service Name: Propagation du certificat [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Protocole de résolution de noms d'homologues [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Protocole EAP (Extensible Authentication Protocol) [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Publication des ressources de découverte de fonctions [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Registre à distance [Stopped],
Path: C:\Windows\system32\svchost.exe -k regsvc
Service Name: Réplication DFS [Stopped],
Path: C:\Windows\system32\DFSR.exe
Service Name: Routage et accès distant [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Roxio Hard Drive Watcher 9 [Running],
Path: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe"
Service Name: RoxMediaDB9 [Running],
Path: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"
Service Name: Sauvegarde Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k SDRSVC
Service Name: Serveur [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Serveur de priorités des threads [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service de configuration automatique WLAN [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service de découverte automatique de Proxy Web pour les services HTTP Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service de l’Assistant Compatibilité des programmes [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service de la passerelle de la couche Application [Stopped],
Path: C:\Windows\System32\alg.exe
Service Name: Service de notification d’événements système [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Service de notification de l’interface utilisateur SL [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service de partage de ports Net.Tcp [Stopped],
Path: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
Service Name: Service de planification Windows Media Center [Stopped],
Path: C:\Windows\ehome\ehsched.exe
Service Name: Service de profil utilisateur [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Service de publication des noms d’ordinateurs PNRP [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
Service Name: Service de rapport d'erreurs Windows [Running],
Path: C:\Windows\System32\svchost.exe -k WerSvcGroup
Service Name: Service de réception Windows Media Center [Stopped],
Path: C:\Windows\ehome\ehRecvr.exe
Service Name: Service de stratégie de diagnostic [Running],
Path: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
Service Name: Service de transfert intelligent en arrière-plan [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: Service Énumérateur d’appareil mobile [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service hôte WDIServiceHost [Stopped],
Path: C:\Windows\System32\svchost.exe -k wdisvc
Service Name: Service Initiateur iSCSI de Microsoft [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Service Interface du magasin réseau [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service KtmRm pour Distributed Transaction Coordinator [Running],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Service Liste des réseaux [Running],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: Service Messenger Sharing Folders USN Journal Reader [Stopped],
Path: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
Service Name: Service Panneau de saisie Tablet PC [Running],
Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service Partage réseau du Lecteur Windows Media [Stopped],
Path: "C:\Program Files\Windows Media Player\wmpnetwk.exe"
Service Name: Service ReadyBoost [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Service Windows Media Center Extender [Stopped],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Service SSTP (Secure Socket Tunneling Protocol) [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Services de base de module de plateforme sécurisée [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: Services de chiffrement [Running],
Path: C:\Windows\system32\svchost.exe -k NetworkService
Service Name: Services Terminal Server [Running],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Spouleur d'impression [Running],
Path: C:\Windows\System32\spoolsv.exe
Service Name: Station de travail [Running],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: stllssvr [Stopped],
Path: "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"
Service Name: Stratégie de retrait de la carte à puce [Stopped],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Service Name: Superfetch [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Système de couleurs Windows [Stopped],
Path: C:\Windows\system32\svchost.exe -k wcssvc
Service Name: Système d'événement COM+ [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Téléphonie [Running],
Path: C:\Windows\System32\svchost.exe -k NetworkService
Service Name: Thèmes [Running],
Path: C:\Windows\System32\svchost.exe -k netsvcs
Service Name: WebClient [Running],
Path: C:\Windows\system32\svchost.exe -k LocalService
Service Name: Windows CardSpace [Stopped],
Path: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
Service Name: Windows Connect Now - Registre de configuration [Stopped],
Path: C:\Windows\System32\svchost.exe -k LocalService
Service Name: Windows Defender [Running],
Path: C:\Windows\System32\svchost.exe -k secsvcs
Service Name: Windows Driver Foundation - Infrastructure de pilote mode-utilisateur [Running],
Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
Service Name: Windows Installer [Stopped],
Path: C:\Windows\system32\msiexec /V
Service Name: Windows Live Setup Service [Stopped],
Path: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
Service Name: Windows Search [Running],
Path: C:\Windows\system32\SearchIndexer.exe /Embedding
Service Name: Windows Update [Running],
Path: C:\Windows\system32\svchost.exe -k netsvcs
Finished...
0
Réponse 20 / 43
pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 502
 
Je pense qu'il a du les supprimer mais regarde s'il ne sont pas en quarantaine. ensuite, tu va me faire un nouvel hijackthis et ceci pour m'assurer qu'il n'y a vraiment plus de virus :

Fais un scan en ligne avec Internet explorer
Rend toi sur ce site : https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan

Voici un tutoriel
0
secro
 
;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-03-15 16:18:26
PROTECTIONS: 2
MALWARE: 1
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Windows Defender 1.1.1505.0 No Yes
SUPERAntiSpyware 4, 25, 0, 1014 No Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00040722 adware/navipromo Adware No 1 Yes No hkey_current_user\software\mc
;===================================================================================================================================================================================
SUSPECTS
Sent Location x�/��{39
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description x�/��{39
;===================================================================================================================================================================================
;===================================================================================================================================================================================
0

Discussions similaires

Softonic,est-ce un virus ?
techmel1 -
techmel1 -

6 réponses
Désinstaller Softonic
Diguimette -
lilidurhone -

5 réponses
virus Artemis!
mabiche37 -
Malekal_morte- -

14 réponses
Message Apple virus !!
Souclik67 -
MPMP10 -

3 réponses