Probleme de virus

secro -  
 secro -
Bonjour,
j'ai telechargé un film sous limewire dès qu'il etait terminé en chargement sans que je le visionne dans mon dossier musique il m'a ralenti mon pc et je n'arrive pas a supprimer ce fichier de maniere classique pouvez vos m'indiquer la procedure comme anti virus j'ai antivir
merci
Configuration: Windows vista
Internet Explorer 6.0

43 réponses

  • 1
  • 2
  • 3
Résumé de la discussion

Un utilisateur signale qu’un téléchargement via LimeWire ralentit l’ordinateur et qu’un fichier reste difficile à supprimer, nécessitant une procédure de nettoyage sous Windows Vista et Internet Explorer 6.
Plusieurs solutions préconisent l’usage d’antivirus ou d’outils de détection en ligne, notamment Nod32 et Eset Online Scanner, afin d’identifier infections et éléments indésirables et de cookies potentiels.
Des rapports de scan suggèrent d’éviter une désinfection hâtive et d’analyser minutieusement les résultats, voire de consulter un spécialiste avant toute suppression manuelle ou utilisation d’autres outils notamment.
En pratique, les échanges révèlent que certains fichiers signalés peuvent être légitimes et que l’interprétation des résultats nécessite une vérification croisée, afin d’éviter des suppressions involontaires.

Généré automatiquement par IA
sur la base des meilleures réponses
  1. secro
     
    cel fait 8 heures que le scan tourne et ce n est pas encore fini es ce normal ?et comment faire pour oter le fichier de 660 Mdans le dossier incomplete
    1
  2. secro
     
    voila j'ai fait ce que tu m'a dit j'ai coché les fichiers et redemarer et maintenant svp merci
    1
  3. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    Bonjour,
    Tu n'as pas peur de te faire prendre en téléchargeant illégalement avec la nouvelle lois?

    Pour commencer : faire un petit nettoyage de l'ordi et du registre avec Ccleaner, regarde bien le Tuto CCleaner

    Ensuite :

    Télécharge le fichier d'installation d'HijackThis.

    Enregistre HJTInstall.exe sur ton bureau.

    Renomme Hijackthis en Tutu

    Double-clique sur HJTInstall.exe (tutu) pour lancer le programme

    Par défaut, il s'installera là :
    C:\Program Files\Trend Micro\HijackThis

    Accepte la licence en cliquant sur le bouton "I Accept"

    Choisis l'option "Do a system scan and save a log file"

    Clique sur "Save log" pour enregistrer le rapport qui s'ouvrira avec le bloc-note

    Clique sur "Edition -> Sélectionner tout", puis sur "Edition -> Copier" pour copier tout le contenu du rapport

    Colle le rapport que tu viens de copier sur ce forum

    Ne fixe encore AUCUNE ligne, cela pourrait empêcher ton PC de fonctionner correctement

    Tutoriaux (ne fixe rien pour le moment !!)

    Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs
    0
  4. secro
     
    voici le bloc note
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:41:56, on 14/03/2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek Semiconductor Corp\Realtek Card Reader Monitor\CardReaderMonitor.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\wpcumi.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\mobsync.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
    O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Google\Google_BAE\BAE.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [CardReaderMonitor] C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe
    O4 - HKLM\..\Run: [RoxWatchTray] "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [MSPService] C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
    O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe
    O4 - HKLM\..\Run: [toolbar_eula_launcher] C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe
    O4 - HKCU\..\Run: [SmpcSys] C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'SERVICE LOCAL')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'SERVICE RÉSEAU')
    O4 - Global Startup: e-Carte Bleue Banque Populaire.lnk = C:\Program Files\e-Carte Bleue Banque Populaire\ecbl-nxbp.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
    O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
    O13 - Gopher Prefix:
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL
    O23 - Service: Planificateur Avira AntiVir Personal - Free Antivirus (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    Fait ceci et poste moi le rapport à la suite de la question êtes vous aider par quelqu'un, répondre oui. Merci.

    Télécharge GenProc sur ton bureau (Attention le fichier est un fichier zip)
    Dézippe le dossier, double-clique sur GenProc.bat
    En final, poste le contenu du rapport qui s'affiche.
    Comment utiliser GenProc

    Pour ceux qui ont vista, ne pas oublier de désactiver Le contrôle des comptes utilisateurs

    IMPORTANT : poste le rapport et ne fais rien d'autre pour l'instant ( souvent il faut ajouter des consignes à la manipe indiquée pour que cela fonctionne parfaitement )

    0
  7. secro
     
    voila si tu t en sort

    Rapport GenProc 2.431 [1] - 14/03/2009 à 20:23:21 - Windows Vista

    GenProc n'a détecté aucune infection caractéristique et suggère de suivre la procédure suivante :

    Poste un rapport Nod32 https://www.eset.com/ (il faut utiliser Internet Explorer)
    - coche toutes les cases à chaque fois, et lorsque c'est terminé, colle le rapport :
    - C:\Program Files\EsetOnlineScanner\log.txt

    ----------------------------------------------------------------------
    Sites officiels GenProc : www.alt-shift-return.org et www.genproc.com
    ----------------------------------------------------------------------
    0
  8. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    ok rien détecté, maintenant fait ceci :

    Telecharge malwarebytes

    NB : S'il te manque COMCTL32.OCX alors télécharge le ici

    Tu l´instale; le programme va se mettre automatiquement a jour.

    Une fois a jour, le programme va se lancer; click sur l´onglet parametre, et coche la case : "Arreter internet explorer pendant la suppression".

    Click maintenant sur l´onglet recherche et coche la case : "executer un examen complet".

    Puis click sur "rechercher".

    Laisse le scanner le pc...

    Si des elements on ete trouvés > click sur supprimer la selection.

    si il t´es demandé de redemarrer > click sur "yes".

    A la fin un rapport va s´ouvrir; sauvegarde le de maniere a le retrouver en vu de le poster sur le forum.
    Copie et colle le rapport stp.

    PS : les rapport sont aussi rangé dans l onglet rapport/log

    Tutoriaux

    0
  9. secro
     
    voila
    Malwarebytes' Anti-Malware 1.34
    Version de la base de données: 1848
    Windows 6.0.6001 Service Pack 1

    14/03/2009 21:27:47
    mbam-log-2009-03-14 (21-27-47).txt

    Type de recherche: Examen complet (C:\|)
    Eléments examinés: 169785
    Temps écoulé: 55 minute(s), 11 second(s)

    Processus mémoire infecté(s): 0
    Module(s) mémoire infecté(s): 0
    Clé(s) du Registre infectée(s): 5
    Valeur(s) du Registre infectée(s): 0
    Elément(s) de données du Registre infecté(s): 0
    Dossier(s) infecté(s): 1
    Fichier(s) infecté(s): 2

    Processus mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Module(s) mémoire infecté(s):
    (Aucun élément nuisible détecté)

    Clé(s) du Registre infectée(s):
    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{c80b7ff6-ce60-4079-935e-520c045c30a6} (Adware.EGDAccess) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\MediaHoldings (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\PlayMP3 (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\fcn (Rogue.Residue) -> Quarantined and deleted successfully.
    HKEY_CURRENT_USER\SOFTWARE\Foxicle (Adware.Foxicle) -> Quarantined and deleted successfully.

    Valeur(s) du Registre infectée(s):
    (Aucun élément nuisible détecté)

    Elément(s) de données du Registre infecté(s):
    (Aucun élément nuisible détecté)

    Dossier(s) infecté(s):
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z (Adware.PlayMP3Z) -> Quarantined and deleted successfully.

    Fichier(s) infecté(s):
    C:\Users\Schneider\AppData\Local\Temp\GenProc\GenProc\outil\curl.exe (Trojan.Agent) -> Quarantined and deleted successfully.
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMP3z\Run PlayMP3z.lnk (Adware.PlayMP3Z) -> Quarantined and deleted successfully.
    merci
    0
  10. secro
     
    le fichier defectueux se trouve dans le dossier incomplete et je n'arrive pas a le supprimer de maniere classique comment je peut faire merci
    0
  11. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    ok maintenant fais ceci :

    Pour commencer : faire un petit nettoyage de l'ordi et du registre avec Ccleaner, regarde bien le Tuto CCleaner

    Télécharge Superantispyware (SAS)

    Choisis "enregistrer" et enregistre-le sur ton bureau.

    Double-clique sur l'icône d'installation qui vient de se créer et suis les instructions.

    Créé une icône sur le bureau.

    Double-clique sur l'icône de SAS (une tête dans un cercle rouge barré) pour le lancer.

    - Si l'outil te demande de mettre à jour le programme ("update the program definitions", clique sur yes.
    - Sous Configuration and Preferences, clique sur le bouton "Preferences"
    - Clique sur l'onglet "Scanning Control "
    - Dans "Scanner Options ", assure toi que la case devant lles lignes suivantes est cochée :

    Close browsers before scanning
    Scan for tracking cookies
    Terminate memory threats before quarantining
    - Laisse les autres lignes décochées.

    - Clique sur le bouton "Close" pour quitter l'écran du centre de contrôle.

    - Dans la fenêtre principale, clique, dans "Scan for Harmful Software", sur "Scan your computer".

    Dans la colonne de gauche, coche C:\Fixed Drive.

    Dans la colonne de droite, sous "Complete scan", clique sur "Perform Complete Scan"

    Clique sur "next" pour lancer le scan. Patiente pendant la durée du scan.

    A la fin du scan, une fenêtre de résultats s'ouvre . Clique sur OK.

    Assure toi que toutes les lignes de la fenêtre blanche sont cochées et clique sur "Next".

    Tout ce qui a été trouvé sera mis en quarantaine. S'il t'es demandé de redémarrer l'ordi ("reboot"), clique sur Yes.

    Pour recopier les informations sur le forum, fais ceci :

    - après le redémarrage de l'ordi, double-clique sur l'icône pour lancer SAS.
    - Clique sur "Preferences" puis sur l'onglet "Statistics/Logs ".
    - Dans "scanners logs", double-clique sur SUPERAntiSpyware Scan Log.

    - Le rapport va s'ouvrir dans ton éditeur de texte par défaut.

    - Copie son contenu dans ta réponse.

    Regarde bien le tuto SUPERAntiSpyware il est très bien expliqué.

    0
  12. secro
     
    le superantispyware tourne depuis 8 heures es ce normal?
    merci
    0
  13. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    oui c'est normale ça dépend des fichiers que tu as sur ton pc.
    0
  14. secro
     
    je n ai quasiment aucun fichier sur ce pc et cela fait 12 heures
    0
  15. secro
     
    Le files items ne bouge plus depuis 3 heures mais le scanning tourne tourne toujours
    0
  16. secro
     
    SUPERAntiSpyware Scan Log
    https://www.superantispyware.com/

    Generated 03/15/2009 at 12:18 PM

    Application Version : 4.25.1014

    Core Rules Database Version : 3795
    Trace Rules Database Version: 1751

    Scan type : Complete Scan
    Total Scan Time : 12:38:00

    Memory items scanned : 672
    Memory threats detected : 0
    Registry items scanned : 7122
    Registry threats detected : 0
    File items scanned : 1937742
    File threats detected : 367

    Adware.Tracking Cookie
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@ad.yieldmanager[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@adserver.qplaygames[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@adtech[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@advertising[2].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@atdmt[2].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@bluestreak[2].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@doubleclick[2].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@fastclick[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@imrworldwide[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@mediaplex[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@server.cpmstar[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@smartadserver[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@tradedoubler[2].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@weborama[1].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@xiti[2].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\natividade@atdmt[2].txt
    C:\Documents and Settings\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\natividade@bluestreak[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@ad.yieldmanager[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@adserver.qplaygames[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@adtech[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@advertising[2].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@atdmt[2].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@bluestreak[2].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@doubleclick[2].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@fastclick[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@imrworldwide[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@mediaplex[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@server.cpmstar[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@smartadserver[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@tradedoubler[2].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@weborama[1].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@xiti[2].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\natividade@atdmt[2].txt
    C:\Documents and Settings\Natividade\Application Data\Microsoft\Windows\Cookies\natividade@bluestreak[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@ad.yieldmanager[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@adserver.qplaygames[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@adtech[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@advertising[2].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@atdmt[2].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@bluestreak[2].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@doubleclick[2].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@fastclick[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@imrworldwide[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@mediaplex[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@server.cpmstar[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@smartadserver[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@tradedoubler[2].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@weborama[1].txt
    C:\Documents and Settings\Natividade\Cookies\Low\natividade@xiti[2].txt
    C:\Documents and Settings\Natividade\Cookies\natividade@atdmt[2].txt
    C:\Documents and Settings\Natividade\Cookies\natividade@bluestreak[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@ad.yieldmanager[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adrevolver[2].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@ads.gamesbannernet[2].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adv.ertisement[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@atdmt[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@bs.serving-sys[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@casalemedia[2].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[2].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[3].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@server.cpmstar[2].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@serving-sys[2].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@sexetc[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tribalfusion[2].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[1].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[3].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[4].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[5].txt
    C:\Documents and Settings\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@xiti[1].txt
    .tradedoubler.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .tradedoubler.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .tradedoubler.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .doubleclick.net [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .msnportal.112.2o7.net [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .atdmt.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .hotbar.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    www.googleadservices.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    server.cpmstar.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    server.cpmstar.com [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .opodo.122.2o7.net [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .hotelopia.112.2o7.net [ C:\Documents and Settings\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@ad.yieldmanager[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adrevolver[2].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@ads.gamesbannernet[2].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adv.ertisement[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@atdmt[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@bs.serving-sys[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@casalemedia[2].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[2].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[3].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@server.cpmstar[2].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@serving-sys[2].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@sexetc[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@tribalfusion[2].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[1].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[3].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[4].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[5].txt
    C:\Documents and Settings\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@xiti[1].txt
    .tradedoubler.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .tradedoubler.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .tradedoubler.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .doubleclick.net [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .msnportal.112.2o7.net [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .atdmt.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .hotbar.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    www.googleadservices.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    server.cpmstar.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    server.cpmstar.com [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .opodo.122.2o7.net [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .hotelopia.112.2o7.net [ C:\Documents and Settings\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@ad.yieldmanager[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@adrevolver[2].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@ads.gamesbannernet[2].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@adtech[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@adv.ertisement[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@atdmt[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@bs.serving-sys[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@casalemedia[2].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@doubleclick[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@media.adrevolver[2].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@media.adrevolver[3].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@server.cpmstar[2].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@serving-sys[2].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@sexetc[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@tradedoubler[2].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@tribalfusion[2].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@www.googleadservices[1].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@www.googleadservices[3].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@www.googleadservices[4].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@www.googleadservices[5].txt
    C:\Documents and Settings\Yoann\Cookies\Low\yoann@xiti[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@2o7[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@gamenextfr.oberon-media[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@oberon-media[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@statse.webtrendslive[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@2o7[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@gamenextfr.oberon-media[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@oberon-media[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@statse.webtrendslive[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Application Data\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@2o7[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@adtech[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@doubleclick[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@fl01.ct2.comclick[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@gamenextfr.oberon-media[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@msnportal.112.2o7[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@oberon-media[1].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@statse.webtrendslive[2].txt
    C:\Documents and Settings\yoann.PC-de-Schneider.000\Cookies\Low\yoann@tradedoubler[2].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@ad.yieldmanager[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@adserver.qplaygames[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@adtech[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@advertising[2].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@atdmt[2].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@bluestreak[2].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@doubleclick[2].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@fastclick[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@imrworldwide[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@mediaplex[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@msnportal.112.2o7[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@server.cpmstar[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@smartadserver[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@tradedoubler[2].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@weborama[1].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\Low\natividade@xiti[2].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\natividade@atdmt[2].txt
    C:\Users\Natividade\AppData\Roaming\Microsoft\Windows\Cookies\natividade@bluestreak[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@ad.yieldmanager[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@adserver.qplaygames[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@adtech[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@advertising[2].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@atdmt[2].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@bluestreak[2].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@doubleclick[2].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@fastclick[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@imrworldwide[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@mediaplex[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@msnportal.112.2o7[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@server.cpmstar[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@smartadserver[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@tradedoubler[2].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@weborama[1].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\Low\natividade@xiti[2].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\natividade@atdmt[2].txt
    C:\Users\Natividade\Application Data\Microsoft\Windows\Cookies\natividade@bluestreak[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@ad.yieldmanager[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@adserver.qplaygames[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@adtech[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@advertising[2].txt
    C:\Users\Natividade\Cookies\Low\natividade@atdmt[2].txt
    C:\Users\Natividade\Cookies\Low\natividade@bluestreak[2].txt
    C:\Users\Natividade\Cookies\Low\natividade@doubleclick[2].txt
    C:\Users\Natividade\Cookies\Low\natividade@fastclick[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@fl01.ct2.comclick[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@guigoz.solution.weborama[2].txt
    C:\Users\Natividade\Cookies\Low\natividade@imrworldwide[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@mediaplex[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@msnportal.112.2o7[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@server.cpmstar[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@smartadserver[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@statsweb.bnpparibas[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@tradedoubler[2].txt
    C:\Users\Natividade\Cookies\Low\natividade@weborama[1].txt
    C:\Users\Natividade\Cookies\Low\natividade@xiti[2].txt
    C:\Users\Natividade\Cookies\natividade@atdmt[2].txt
    C:\Users\Natividade\Cookies\natividade@bluestreak[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@ad.yieldmanager[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adrevolver[2].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@ads.gamesbannernet[2].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@adv.ertisement[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@atdmt[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@bs.serving-sys[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@casalemedia[2].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[2].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[3].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@server.cpmstar[2].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@serving-sys[2].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@sexetc[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@tribalfusion[2].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[1].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[3].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[4].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[5].txt
    C:\Users\Yoann\AppData\Roaming\Microsoft\Windows\Cookies\Low\yoann@xiti[1].txt
    .tradedoubler.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .tradedoubler.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .tradedoubler.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .doubleclick.net [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .msnportal.112.2o7.net [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .atdmt.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .hotbar.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    www.googleadservices.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    server.cpmstar.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    server.cpmstar.com [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .opodo.122.2o7.net [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .hotelopia.112.2o7.net [ C:\Users\Yoann\AppData\Roaming\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@ad.yieldmanager[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adrevolver[2].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@ads.gamesbannernet[2].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adtech[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@adv.ertisement[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@atdmt[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@bs.serving-sys[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@casalemedia[2].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@doubleclick[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[2].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@media.adrevolver[3].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@msnportal.112.2o7[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@server.cpmstar[2].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@serving-sys[2].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@sexetc[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@tradedoubler[2].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@tribalfusion[2].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[1].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[3].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[4].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@www.googleadservices[5].txt
    C:\Users\Yoann\Application Data\Microsoft\Windows\Cookies\Low\yoann@xiti[1].txt
    .tradedoubler.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .tradedoubler.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .tradedoubler.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .doubleclick.net [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    fl01.ct2.comclick.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .msnportal.112.2o7.net [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .atdmt.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .hotbar.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    ad.yieldmanager.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    www.googleadservices.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    server.cpmstar.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    server.cpmstar.com [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .opodo.122.2o7.net [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    .hotelopia.112.2o7.net [ C:\Users\Yoann\Application Data\Mozilla\Firefox\Profiles\9g82s2b9.default\cookies.txt ]
    C:\Users\Yoann\Cookies\Low\yoann@ad.yieldmanager[1].txt
    C:\Users\Yoann\Cookies\Low\yoann@adrevolver[2].txt
    C:\Users\Yoann\Cookies\Low\yoann@ads.gamesbannernet[2].txt
    C:\Users\Yoann\Cookies\Low\yoann@adtech[1].txt
    C:\Users\Yoann\Cookies\Low\yoann@adv.ertisement[1].txt
    voici le resultat

    C:\Users\Yoann\Cookies\Low\yoann@atdmt[1].txt
    C:\Users\Yoann\Cookies\Low\yoann@bs.serving-sys[1].txt
    C:\Users\Yoann\Cookies\Low\yoann@casalemedia[2].txt
    C:\Users\Yoann\Cookies\Low\yoann@doubleclick[1].txt
    C:\Users\Yoann\Cookies\Low\yoann@fl01.ct2.comclick[1].txt
    C:\Users\Yoann\Cookies\Low\yoann@media.adrevolver[2].txt
    C:\Users\Yoann\Cookies\Low\yoann@media.adrevolver[3].txt
    C:\Users\Yoann\Cookies\Low\yoann@msnportal.112.2o7[1].txt
    C:\Users\Yoann\Cookies\Low\yoann@server.cpmstar[2].txt
    C:\Users\Yoann\Cookies\Low\yoann@serving-sys[2].txt
    C:\Users\Yoann\Cookies\Low\yoann@sexetc[1].txt
    C:\Users\Yoann\Cookies\Low\yoann@tradedoubler[2].txt
    C:\Users\Yoann\Cookies\Low\yoann@tribalfusion[2].txt
    C:\Users\Yoann\Cookies\Low\yoann@www.googleadservices[1].txt
    C:\Users\Yoann\Cookies\Low\yoann@www.googleadservices[3].txt
    C:\Users\Yoann\Cookies\Low\yoann@www.googleadservices[4].txt
    C:\Users\Yoann\Cookies\Low\yoann@www.googleadservices[5].txt
    C:\Users\Yoann\Cookies\Low\yoann@xiti[1].txt
    0
  17. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    il était bien fini? tu peux supprimer tout ce qu'il à trouvé, ensuite me faire ceci :

    Télécharger RemoveIT Pro

    Fais un scan et poste moi le full rapport log.
    0
  18. secro
     
    il m'a touvé trois virus dont deux dangeureux win 32.unknown random x et sys 32 regxpcom et je n'arrive pas a t envoyer le fichier le logiciel m'a demander un second scan et il m'a trouvé le troisieme virus et maintenant quand je redait le scan il ne trouve plus rien comment faire pour t envoyer le fichier
    0
  19. secro
     
    voici le fichier
    RemoveIT Pro v4 - SE (Build date: 6.6.2008) full information log file.
    Generated at: 15/03/2009 on 13:15:30
    Microsoft Windows Vista Home Edition Service Pack 1 (Build 6001)
    Author: Damjan Irgolic
    https://www.incodesolutions.com/
    support@incodesolutions.com

    Running processes: (24)
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\Program Files\Realtek Semiconductor Corp\Realtek Card Reader Monitor\CardReaderMonitor.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe
    C:\Program Files\Picasa2\PicasaMediaDetector.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Alwil Software\Avast4\ashDisp.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
    C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe

    Startup files:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Sidebar
    [C:\Program Files\Windows Sidebar\sidebar.exe]
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\SmpcSys
    [C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe]
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ISUSPM
    ["C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler]
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\ehTray.exe
    [C:\Windows\ehome\ehTray.exe]
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\swg
    [C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe]
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\SUPERAntiSpyware
    [C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Windows Defender
    [%ProgramFiles%\Windows Defender\MSASCui.exe -hide]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SynTPEnh
    [C:\Program Files\Synaptics\SynTP\SynTPEnh.exe]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\CardReaderMonitor
    [C:\Program Files\Realtek Semiconductor Corp.\Realtek Card Reader Monitor\CardReaderMonitor.exe]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\
    []
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\RoxWatchTray
    ["C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Google Desktop Search
    ["C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\MSPService
    [C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Picasa Media Detector
    [C:\Program Files\Picasa2\PicasaMediaDetector.exe]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\toolbar_eula_launcher
    [C:\Program Files\Packard Bell\GOOGLE_EULA\EULALauncher.exe]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched
    ["C:\Program Files\Java\jre6\bin\jusched.exe"]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NvSvc
    [RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NvCplDaemon
    [RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\NvMediaCenter
    [RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\Adobe Reader Speed Launcher
    ["C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"]
    HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\avast!
    [C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe]

    Detail report: (86)
    Clsid c:\progra~1\google\google~3\goec62~1.dll[2b55a02ab2bf30636ffc7aad9f9d95c5][113664]
    Clsid c:\program files\superantispyware\saswinlo.dll[972edede23ac8d59aac0c09799c6f18a][356352]
    Clsid C:\Windows\system32\iconcodecservice.dll[08578f3ca5365f896d90ce2bf97fd000][9728]
    Proc C:\Program Files\Alwil Software\Avast4\ashDisp.exe[fc242dbd786557ac641726dc5c13f060][81000]
    Proc C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe[23518aa08d8b22cd27aa54fc21d0ac87][205480]
    Proc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe[2d4040f03702e79f6fa98d2e76ba831f][17656]
    Proc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe[bf38c273c3ec524880af0aeb2e7ce160][232184]
    Proc C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe[e26642c193b81f2aa06d6013d4e07d03][102400]
    Proc C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe[6542dc2e93bce4d4289fa70a4d367dc2][29744]
    Proc C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe[5d61be7db55b026a5d61a3eed09d0ead][39408]
    Proc C:\Program Files\InCode Solutions\RemoveIT Pro v4 - SE\removeit.exe[1ec5a876a537b62f07c92e5bc8103149][550912]
    Proc C:\Program Files\Java\jre6\bin\jusched.exe[b98ffa8288efaabc436c30d198608345][136600]
    Proc C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe[b1d8669cd13163585ca133332edd60e3][1120568]
    Proc C:\Program Files\Picasa2\PicasaMediaDetector.exe[0a44c06a0bb2ebc8b08df7039a2248d1][366400]
    Proc C:\Program Files\Realtek Semiconductor Corp\Realtek Card Reader Monitor\CardReaderMonitor.exe[ff32c2770bd4ad29178b00e77f92197c][643072]
    Proc C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe[11afbca9eac51cf988918bffe935e6ee][1830128]
    Proc C:\Program Files\Synaptics\SynTP\SynTPEnh.exe[e4e99677636ef949b546a1751c9b3a35][845360]
    Proc C:\Program Files\Windows Defender\MSASCui.exe[0d392ede3b97e0b3131b2f63ef1db94e][1008184]
    Proc C:\Program Files\Windows Sidebar\sidebar.exe[fd278e51a7d6f52d22fce6c67e037ad6][1233920]
    Proc C:\Windows\ehome\ehmsas.exe[0f4195b9b348de5cf9b822f81704b20e][37376]
    Proc C:\Windows\ehome\ehtray.exe[bf08674925f151bd4537b89a493e3e0c][125952]
    Proc C:\Windows\Explorer.EXE[4f554999d7d5f05daaebba7b5ba1089d][2927104]
    Proc C:\Windows\system32\Dwm.exe[59903071d7ace6a02093c47e9e38af97][81920]
    Proc C:\Windows\System32\rundll32.exe[4b555106290bd117334e9a08761c035a][44544]
    Proc C:\Windows\system32\taskeng.exe[5f109032ce46b7184ed9e50f9fe8489e][169472]
    RegRun c:\progra~1\alwils~1\avast4\ashdisp.exe[fc242dbd786557ac641726dc5c13f060][81000]
    RegRun c:\program files\adobe\reader 9.0\reader\reader_sl.exe[452fa961163ef4aee4815796a13ab2cf][35696]
    RegRun c:\program files\common files\installshield\updateservice\isuspm.exe [23518aa08d8b22cd27aa54fc21d0ac87][205480]
    RegRun c:\program files\common files\roxio shared\9.0\sharedcom\roxwatchtray9.exe[bf38c273c3ec524880af0aeb2e7ce160][232184]
    RegRun c:\program files\cyberlink\magicsports\kernel\magicsports\mspmirage.exe[e26642c193b81f2aa06d6013d4e07d03][102400]
    RegRun c:\program files\google\google desktop search\googledesktop.exe [6542dc2e93bce4d4289fa70a4d367dc2][29744]
    RegRun c:\program files\google\googletoolbarnotifier\googletoolbarnotifier.exe[5d61be7db55b026a5d61a3eed09d0ead][39408]
    RegRun c:\program files\java\jre6\bin\jusched.exe[b98ffa8288efaabc436c30d198608345][136600]
    RegRun c:\program files\packard bell\google_eula\eulalauncher.exe[a7a7ad08ba72ac90dcd5511ed895369b][28672]
    RegRun c:\program files\packard bell\setupmypc\smpsys.exe[b1d8669cd13163585ca133332edd60e3][1120568]
    RegRun c:\program files\picasa2\picasamediadetector.exe[0a44c06a0bb2ebc8b08df7039a2248d1][366400]
    RegRun c:\program files\realtek semiconductor corp.\realtek card reader monitor\cardreadermonitor.exe[ff32c2770bd4ad29178b00e77f92197c][643072]
    RegRun c:\program files\superantispyware\superantispyware.exe[11afbca9eac51cf988918bffe935e6ee][1830128]
    RegRun c:\program files\synaptics\syntp\syntpenh.exe[e4e99677636ef949b546a1751c9b3a35][845360]
    RegRun c:\program files\windows sidebar\sidebar.exe[fd278e51a7d6f52d22fce6c67e037ad6][1233920]
    RegRun c:\windows\ehome\ehtray.exe[bf08674925f151bd4537b89a493e3e0c][125952]
    RegRun c:\windows\system32\nvcpl.dll[217e2b91eaaeafdaff1db718b062c7a0][8497696]
    RegRun c:\windows\system32\nvmctray.dll[7f493300e035fec8dbe031969b291766][81920]
    RegRun c:\windows\system32\nvsvc.dll[48769100e4a0c3335f8c775be8bf9e34][86016]
    Service c:\program files\alwil software\avast4\ashmaisv.exe [f09461c8eccace33c271cc229f11e281][254040]
    Service c:\program files\alwil software\avast4\ashserv.exe[62889d40a3fb1a9012428e16fe0dc67a][138680]
    Service c:\program files\alwil software\avast4\ashwebsv.exe [23ca3e54474ae5ffdbc0f97b9e1815db][352920]
    Service c:\program files\alwil software\avast4\aswupdsv.exe[b4253776ee034f6770fcee32c28490b0][18752]
    Service c:\program files\common files\installshield\driver\11\intel 32\idrivert.exe[1cf03c69b49acb70c722df92755c0c8c][69632]
    Service c:\program files\common files\microsoft shared\office12\odserv.exe[e54aa592a65f317390eee386a8821692][443776]
    Service c:\program files\common files\microsoft shared\source engine\ose.exe[5a432a042dae460abe7199b758e8606c][145184]
    Service c:\program files\common files\nero\nero backitup 4\nbservice.exe[b90e093e7a7250906f1054418b5339c0][935208]
    Service c:\program files\common files\roxio shared\9.0\sharedcom\roxmediadb9.exe[9638e5820858593a12005c753b03ceae][887544]
    Service c:\program files\common files\roxio shared\9.0\sharedcom\roxwatch9.exe[910fba95ee4f56449aa81315884c8efd][166648]
    Service c:\program files\common files\surething shared\stllssvr.exe[51778fd315c9882f1cbd932743e62a72][73728]
    Service c:\program files\cyberlink\shared files\richvideo.exe[c3162ac1b592ceb43abe2f972a7222d3][266343]
    Service c:\program files\google\common\google updater\googleupdaterservice.exe[1bf044e23206fddc16891a32922d571b][137200]
    Service c:\program files\google\google desktop search\googledesktop.exe[6542dc2e93bce4d4289fa70a4d367dc2][29744]
    Service c:\program files\windows live\installer\wlsetupsvc.exe[94a85e956a065e23e0010a6a7826243b][266240]
    Service c:\program files\windows live\messenger\usnsvc.exe[9d19b042a4fd5c02195071ea2fe0c821][98328]
    Service c:\program files\windows media player\wmpnetwk.exe[3978704576a121a9204f8cc49a301a9b][896512]
    Service c:\windows\ehome\ehrecvr.exe[9be3744d295a7701eb425332014f0797][292352]
    Service c:\windows\ehome\ehsched.exe[ad1870c8e5d6dd340c829e6074bf3c3f][131072]
    Service c:\windows\microsoft.net\framework\v2.0.50727\mscorsvw.exe[a4af4201bd519971f8f34724f3ca9dbb][70144]
    Service c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe[e7cc3aeaed9893a88876744cd439f76c][864256]
    Service c:\windows\microsoft.net\framework\v3.0\windows communication foundation\smsvchost.exe[f9102685f97f9ba85f4a70afcf722cfe][122880]
    Service c:\windows\microsoft.net\framework\v3.0\wpf\presentationfontcache.exe[993883524aa9cf1c90e1545411a9ac9c][36864]
    Service c:\windows\servicing\trustedinstaller.exe[16613a1bad034d4ecf957af18b7c2ff5][39424]
    Service c:\windows\system32\alg.exe[a1545b731579895d8cc44fc0481c1192][59392]
    Service c:\windows\system32\dfsr.exe[fa3463f25f9cc9c3bcf1e7912feff099][2091520]
    Service c:\windows\system32\dllhost.exe [be01e566d1f569aab32d0335613e1eea][7168]
    Service c:\windows\system32\locator.exe[5123f83cbc4349d065534eeb6bbdc42b][7680]
    Service c:\windows\system32\lsass.exe[dcf733788c7d088d814e5f80eb4b3e0f][9728]
    Service c:\windows\system32\msdtc.exe[fd7520cc3a80c5fc8c48852bb24c6ded][105984]
    Service c:\windows\system32\searchindexer.exe [7778bdfa3f6f6fba0e75b9594098f737][439808]
    Service c:\windows\system32\slsvc.exe[0ba91e1358ad25236863039bb2609a2e][2623488]
    Service c:\windows\system32\snmptrap.exe[2a146a055b4401c16ee62d18b8e2a032][12800]
    Service c:\windows\system32\spoolsv.exe[846cdf9a3cf4da9b306adfb7d55ee4c2][125952]
    Service c:\windows\system32\svchost.exe [3794b461c45882e06856f282eef025af][21504]
    Service c:\windows\system32\ui0detect.exe[ecef404f62863755951e09c802c94ad5][35840]
    Service c:\windows\system32\vds.exe[b13bc395b9d6116628f5af47e0802ac4][382976]
    Service c:\windows\system32\vssvc.exe[d5fb73d19c46ade183f968e13f186b23][1054720]
    Service c:\windows\system32\wbem\wmiapsrv.exe[aba4cf9f856d9a3a25f4ddd7690a6e9d][137728]
    Startup c:\programdata\microsoft\windows\start menu\programs\startup\desktop.ini[7f1698bab066b764a314a589d338daae][174]
    Startup c:\users\schneider\appdata\roaming\microsoft\windows\start menu\programs\startup\desktop.ini[7f1698bab066b764a314a589d338daae][174]
    System.ini c:\windows\system32\svchost.exe [3794b461c45882e06856f282eef025af][21504]

    Startup folder: (2)
    Startup name: desktop.ini
    Command: C:\Users\Schneider\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
    Startup name: desktop.ini
    Command: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

    Win.ini Startup: (1)
    Path: No additional driver found!

    Win.ini Startup: (1)
    Path: No additional driver found!

    Keyboard drivers: (1)
    Name: No Keyboard Filter driver found!

    Services: (141)
    Service Name: Accès du périphérique d'interface utilisateur [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Acquisition d'image Windows (WIA) [Running],
    Path: C:\Windows\system32\svchost.exe -k imgsvc
    Service Name: Agent de protection d’accès réseau [Stopped],
    Path: C:\Windows\System32\svchost.exe -k NetworkService
    Service Name: Agent de stratégie IPsec [Running],
    Path: C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    Service Name: Appel de procédure distante (RPC) [Running],
    Path: C:\Windows\system32\svchost.exe -k rpcss
    Service Name: Application système COM+ [Stopped],
    Path: C:\Windows\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
    Service Name: Assistance IP [Running],
    Path: C:\Windows\System32\svchost.exe -k NetSvcs
    Service Name: Assistance NetBIOS sur TCP/IP [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: Audio Windows [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: avast! Antivirus [Running],
    Path: "C:\Program Files\Alwil Software\Avast4\ashServ.exe"
    Service Name: avast! iAVS4 Control Service [Running],
    Path: "C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe"
    Service Name: avast! Mail Scanner [Running],
    Path: "C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service
    Service Name: avast! Web Scanner [Running],
    Path: "C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service
    Service Name: Cache de police de Windows Presentation Foundation 3.0.0.0 [Stopped],
    Path: C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
    Service Name: Carte à puce [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Carte de performance WMI [Stopped],
    Path: C:\Windows\system32\wbem\WmiApSrv.exe
    Service Name: Centre de sécurité [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: Cliché instantané de volume [Stopped],
    Path: C:\Windows\system32\vssvc.exe
    Service Name: Client de stratégie de groupe [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Client de suivi de lien distribué [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Client DHCP [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: Client DNS [Running],
    Path: C:\Windows\system32\svchost.exe -k NetworkService
    Service Name: Collecteur d'événements de Windows [Stopped],
    Path: C:\Windows\system32\svchost.exe -k NetworkService
    Service Name: Configuration automatique de réseau câblé [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Configuration des services Terminal Server [Stopped],
    Path: C:\Windows\System32\svchost.exe -k netsvcs
    Service Name: Connaissance des emplacements réseau [Running],
    Path: C:\Windows\System32\svchost.exe -k NetworkService
    Service Name: Connexions réseau [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Contrôle parental [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: Coordinateur de transactions distribuées [Stopped],
    Path: C:\Windows\System32\msdtc.exe
    Service Name: Cyberlink RichVideo Service(CRVS) [Running],
    Path: "C:\Program Files\CyberLink\Shared Files\RichVideo.exe"
    Service Name: Découverte SSDP [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Détection de services interactifs [Stopped],
    Path: C:\Windows\system32\UI0Detect.exe
    Service Name: Détection matériel noyau [Running],
    Path: C:\Windows\System32\svchost.exe -k netsvcs
    Service Name: Disque virtuel [Stopped],
    Path: C:\Windows\System32\vds.exe
    Service Name: Emplacement protégé [Stopped],
    Path: C:\Windows\system32\lsass.exe
    Service Name: Énumérateur de bus IP PnP-X [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Expérience audio-vidéo haute qualité Windows [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Expérience d’application [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Explorateur d'ordinateurs [Running],
    Path: C:\Windows\System32\svchost.exe -k netsvcs
    Service Name: Fournisseur de cliché instantané de logiciel Microsoft [Stopped],
    Path: C:\Windows\System32\svchost.exe -k swprv
    Service Name: Générateur de points de terminaison du service Audio Windows [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Gestion à distance de Windows (Gestion WSM) [Stopped],
    Path: C:\Windows\System32\svchost.exe -k NetworkService
    Service Name: Gestion des clés et des certificats d'intégrité [Stopped],
    Path: C:\Windows\System32\svchost.exe -k netsvcs
    Service Name: Gestionnaire de comptes de sécurité [Running],
    Path: C:\Windows\system32\lsass.exe
    Service Name: Gestionnaire de connexion automatique d'accès distant [Stopped],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Gestionnaire de connexions d'accès distant [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Gestionnaire de sessions du Gestionnaire de fenêtrage [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Gestionnaire d'identité réseau homologue [Stopped],
    Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: Google Desktop Manager 5.7.806.10245 [Stopped],
    Path: "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe"
    Service Name: Google Updater Service [Stopped],
    Path: "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
    Service Name: Groupement de mise en réseau de pairs [Stopped],
    Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: Horloge Windows [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Hôte de périphérique UPnP [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Hôte du fournisseur de découverte de fonctions [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Hôte système de diagnostics [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Informations d'application [Stopped],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Infrastructure de gestion Windows [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: InstallDriver Table Manager [Stopped],
    Path: "C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe"
    Service Name: Interruption SNMP [Stopped],
    Path: C:\Windows\System32\snmptrap.exe
    Service Name: Isolation de clé CNG [Running],
    Path: C:\Windows\system32\lsass.exe
    Service Name: Journal d’événements Windows [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: Journaux & alertes de performance [Stopped],
    Path: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    Service Name: Lanceur de processus serveur DCOM [Running],
    Path: C:\Windows\system32\svchost.exe -k DcomLaunch
    Service Name: Lanceur des services Windows Media Center [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    Service Name: Licence du logiciel [Running],
    Path: C:\Windows\system32\SLsvc.exe
    Service Name: Localisateur d'appels de procédure distante (RPC) [Stopped],
    Path: C:\Windows\system32\locator.exe
    Service Name: Mappage de découverte de topologie de la couche de liaison [Stopped],
    Path: C:\Windows\System32\svchost.exe -k LocalService
    Service Name: Microsoft .NET Framework NGEN v2.0.50727_X86 [Stopped],
    Path: C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    Service Name: Microsoft Office Diagnostics Service [Stopped],
    Path: "C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE"
    Service Name: Modules de génération de clés IKE et AuthIP [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Moteur de filtrage de base [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    Service Name: Nero BackItUp Scheduler 4.0 [Running],
    Path: C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    Service Name: Netlogon [Stopped],
    Path: C:\Windows\system32\lsass.exe
    Service Name: Office Source Engine [Stopped],
    Path: "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
    Service Name: Ouverture de session secondaire [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Pare-feu Windows [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    Service Name: Partage de connexion Internet (ICS) [Stopped],
    Path: C:\Windows\System32\svchost.exe -k netsvcs
    Service Name: Planificateur de classes multimédias [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Planificateur de tâches [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Plug-and-Play [Running],
    Path: C:\Windows\system32\svchost.exe -k DcomLaunch
    Service Name: Prise en charge de l’application Rapports et solutions aux problèmes du Panneau de configuration [Stopped],
    Path: C:\Windows\System32\svchost.exe -k netsvcs
    Service Name: Programme d’installation de modules Windows [Stopped],
    Path: C:\Windows\servicing\TrustedInstaller.exe
    Service Name: Propagation du certificat [Stopped],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Protocole de résolution de noms d'homologues [Stopped],
    Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: Protocole EAP (Extensible Authentication Protocol) [Running],
    Path: C:\Windows\System32\svchost.exe -k netsvcs
    Service Name: Publication des ressources de découverte de fonctions [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Registre à distance [Stopped],
    Path: C:\Windows\system32\svchost.exe -k regsvc
    Service Name: Réplication DFS [Stopped],
    Path: C:\Windows\system32\DFSR.exe
    Service Name: Routage et accès distant [Stopped],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Roxio Hard Drive Watcher 9 [Running],
    Path: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe"
    Service Name: RoxMediaDB9 [Running],
    Path: "C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe"
    Service Name: Sauvegarde Windows [Stopped],
    Path: C:\Windows\system32\svchost.exe -k SDRSVC
    Service Name: Serveur [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Serveur de priorités des threads [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Service de configuration automatique WLAN [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Service de découverte automatique de Proxy Web pour les services HTTP Windows [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Service de l’Assistant Compatibilité des programmes [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Service de la passerelle de la couche Application [Stopped],
    Path: C:\Windows\System32\alg.exe
    Service Name: Service de notification d’événements système [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Service de notification de l’interface utilisateur SL [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Service de partage de ports Net.Tcp [Stopped],
    Path: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe"
    Service Name: Service de planification Windows Media Center [Stopped],
    Path: C:\Windows\ehome\ehsched.exe
    Service Name: Service de profil utilisateur [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Service de publication des noms d’ordinateurs PNRP [Stopped],
    Path: C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    Service Name: Service de rapport d'erreurs Windows [Running],
    Path: C:\Windows\System32\svchost.exe -k WerSvcGroup
    Service Name: Service de réception Windows Media Center [Stopped],
    Path: C:\Windows\ehome\ehRecvr.exe
    Service Name: Service de stratégie de diagnostic [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    Service Name: Service de transfert intelligent en arrière-plan [Running],
    Path: C:\Windows\System32\svchost.exe -k netsvcs
    Service Name: Service Énumérateur d’appareil mobile [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Service hôte WDIServiceHost [Stopped],
    Path: C:\Windows\System32\svchost.exe -k wdisvc
    Service Name: Service Initiateur iSCSI de Microsoft [Stopped],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Service Interface du magasin réseau [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Service KtmRm pour Distributed Transaction Coordinator [Running],
    Path: C:\Windows\System32\svchost.exe -k NetworkService
    Service Name: Service Liste des réseaux [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalService
    Service Name: Service Messenger Sharing Folders USN Journal Reader [Stopped],
    Path: "C:\Program Files\Windows Live\Messenger\usnsvc.exe"
    Service Name: Service Panneau de saisie Tablet PC [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Service Partage réseau du Lecteur Windows Media [Stopped],
    Path: "C:\Program Files\Windows Media Player\wmpnetwk.exe"
    Service Name: Service ReadyBoost [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Service Windows Media Center Extender [Stopped],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Service SSTP (Secure Socket Tunneling Protocol) [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Services de base de module de plateforme sécurisée [Stopped],
    Path: C:\Windows\System32\svchost.exe -k LocalService
    Service Name: Services de chiffrement [Running],
    Path: C:\Windows\system32\svchost.exe -k NetworkService
    Service Name: Services Terminal Server [Running],
    Path: C:\Windows\System32\svchost.exe -k NetworkService
    Service Name: Spouleur d'impression [Running],
    Path: C:\Windows\System32\spoolsv.exe
    Service Name: Station de travail [Running],
    Path: C:\Windows\System32\svchost.exe -k LocalService
    Service Name: stllssvr [Stopped],
    Path: "C:\Program Files\Common Files\SureThing Shared\stllssvr.exe"
    Service Name: Stratégie de retrait de la carte à puce [Stopped],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Service Name: Superfetch [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Système de couleurs Windows [Stopped],
    Path: C:\Windows\system32\svchost.exe -k wcssvc
    Service Name: Système d'événement COM+ [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Téléphonie [Running],
    Path: C:\Windows\System32\svchost.exe -k NetworkService
    Service Name: Thèmes [Running],
    Path: C:\Windows\System32\svchost.exe -k netsvcs
    Service Name: WebClient [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalService
    Service Name: Windows CardSpace [Stopped],
    Path: "C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe"
    Service Name: Windows Connect Now - Registre de configuration [Stopped],
    Path: C:\Windows\System32\svchost.exe -k LocalService
    Service Name: Windows Defender [Running],
    Path: C:\Windows\System32\svchost.exe -k secsvcs
    Service Name: Windows Driver Foundation - Infrastructure de pilote mode-utilisateur [Running],
    Path: C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
    Service Name: Windows Installer [Stopped],
    Path: C:\Windows\system32\msiexec /V
    Service Name: Windows Live Setup Service [Stopped],
    Path: "C:\Program Files\Windows Live\installer\WLSetupSvc.exe"
    Service Name: Windows Search [Running],
    Path: C:\Windows\system32\SearchIndexer.exe /Embedding
    Service Name: Windows Update [Running],
    Path: C:\Windows\system32\svchost.exe -k netsvcs
    Finished...
    0
  20. pimprenelle27 Messages postés 22182 Statut Contributeur sécurité 2 503
     
    Je pense qu'il a du les supprimer mais regarde s'il ne sont pas en quarantaine. ensuite, tu va me faire un nouvel hijackthis et ceci pour m'assurer qu'il n'y a vraiment plus de virus :

    Fais un scan en ligne avec Internet explorer
    Rend toi sur ce site : https://www.pandasecurity.com/en/homeusers/online-antivirus/?ref=activescan

    Voici un tutoriel
    0
    1. secro
       
      ;***********************************************************************************************************************************************************************************
      ANALYSIS: 2009-03-15 16:18:26
      PROTECTIONS: 2
      MALWARE: 1
      SUSPECTS: 0
      ;***********************************************************************************************************************************************************************************
      PROTECTIONS
      Description Version Active Updated
      ;===================================================================================================================================================================================
      Windows Defender 1.1.1505.0 No Yes
      SUPERAntiSpyware 4, 25, 0, 1014 No Yes
      ;===================================================================================================================================================================================
      MALWARE
      Id Description Type Active Severity Disinfectable Disinfected Location
      ;===================================================================================================================================================================================
      00040722 adware/navipromo Adware No 1 Yes No hkey_current_user\software\mc
      ;===================================================================================================================================================================================
      SUSPECTS
      Sent Location x�/��{39
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================
      VULNERABILITIES
      Id Severity Description x�/��{39
      ;===================================================================================================================================================================================
      ;===================================================================================================================================================================================
      0
  • 1
  • 2
  • 3