Sujet Précédent Sujet Suivant

Analyse de mon logfile hijackthis - merci

Jean -  
 noemie -
Bonjour a tous ceux qui liront ce mail.

Mon probleme est le suivant: il reste des Spywares recalcitrants aux desinfectants habituels type Spybot. Deux notamment: CoolWWWSearch et LSA.

De plus ma page d acceuil se change tt le temps en about:blank, et des pages de recherches non sollicitees s ouvrent regulierement.

Bien entendu mon laptop est super ralenti, et plus etrange: paint, la calculette et une fenetre DOS s ouvrent regulierement et performent des actions automatiques ?!?!

Je ne suis pas un crack alors j ai prefere vous poster mon Logfile Hijack, peut etre qq un pourra m aider sur les .exe a virer via hijackthis.

Je vous remercie mille fois par avance

Logfile of HijackThis v1.99.1
Scan saved at 18:49:59, on 21/01/2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ntkg32.exe
C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\Commandes TOSHIBA\TFncKy.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\System32\TFNF5.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\C.tmp.exe
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\D.tmp.exe
C:\WINDOWS\system32\sysbt.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\TEXTware\HotKey\Twalink.exe
C:\Program Files\FRITZ!DSL\StCenter.exe
C:\Program Files\Hercules\Audio\Gamesurround Muse Pocket\MuseCPL.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\appqm.exe
C:\WINDOWS\netwp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\msw32.pif
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\rfojc.dll/sp.html#53142%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\rfojc.dll/sp.html#53142%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\system32\rfojc.dll/sp.html#53142%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\system32\rfojc.dll/sp.html#53142%resultposition.net
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\system32\rfojc.dll/sp.html#53142%resultposition.net
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\rfojc.dll/sp.html#53142%resultposition.net
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\system32\rfojc.dll/sp.html#53142%resultposition.net
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: Class - {04D84A7E-AF1A-27B3-7174-33D2BABA7210} - C:\WINDOWS\apikc32.dll
O2 - BHO: Class - {0B908CAD-3C8E-F8BB-BABB-D566F522D77D} - C:\WINDOWS\netwq32.dll
O2 - BHO: Class - {1F69C07D-0FC7-DBFC-01EA-A3A6D47C45AE} - C:\WINDOWS\system32\netak32.dll
O2 - BHO: Class - {24821956-1F7B-A3ED-FE48-09CB61038962} - C:\WINDOWS\system32\apisr.dll
O2 - BHO: Class - {4B33972E-DEC1-88EB-5E8B-A204CB6352D3} - C:\WINDOWS\mfcud.dll
O2 - BHO: Class - {4EB0FBD7-52FF-0458-809F-5E8CA2F8DEDA} - C:\WINDOWS\system32\atlnc32.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Class - {5AF53BD8-C0D9-BA73-C3EA-CA1BE5E63D9A} - C:\WINDOWS\system32\appbw.dll
O2 - BHO: Class - {5BD77D9A-0FBD-7D9B-A984-E95897A73BF1} - C:\WINDOWS\system32\nthv32.dll
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: Class - {5DF68014-8E92-E1A6-CEC5-71F4FC741A18} - C:\WINDOWS\applv32.dll
O2 - BHO: Class - {6BED8566-6D4B-BBC7-B0E2-3177D853699E} - C:\WINDOWS\system32\addbw.dll
O2 - BHO: Class - {A9B63F00-46F6-794A-3935-C204BC7E0785} - C:\WINDOWS\system32\atlev32.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: Class - {BCD2875D-DE08-3E61-8D26-0683DC5EB9EE} - C:\WINDOWS\apidf.dll
O2 - BHO: Class - {C6D86C28-57E7-AA77-D098-C622ABCA94EE} - C:\WINDOWS\system32\crdu.dll
O2 - BHO: Class - {CB4A9881-D6FA-66F1-3213-6202E35DBEFA} - C:\WINDOWS\system32\ieve.dll
O2 - BHO: Class - {D33C8F81-1BDD-D468-2853-B1D36D92CA19} - C:\WINDOWS\sysch32.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 20
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [Win Security] msw32.pif
O4 - HKLM\..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [NAVNet] "C:\WINDOWS\msxmidi.exe" /m
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ipif.exe] C:\WINDOWS\system32\ipif.exe
O4 - HKLM\..\Run: [18.tmp] C:\DOCUME~1\Brigitte\LOCALS~1\Temp\18.tmp.exe
O4 - HKLM\..\Run: [18.tmp.exe] C:\DOCUME~1\Brigitte\LOCALS~1\Temp\18.tmp.exe
O4 - HKLM\..\Run: [C.tmp] C:\DOCUME~1\Brigitte\LOCALS~1\Temp\C.tmp.exe
O4 - HKLM\..\Run: [D.tmp] C:\DOCUME~1\Brigitte\LOCALS~1\Temp\D.tmp.exe
O4 - HKLM\..\Run: [C.tmp.exe] C:\DOCUME~1\Brigitte\LOCALS~1\Temp\C.tmp.exe
O4 - HKLM\..\Run: [D.tmp.exe] C:\DOCUME~1\Brigitte\LOCALS~1\Temp\D.tmp.exe
O4 - HKLM\..\Run: [mfcwz.exe] C:\WINDOWS\mfcwz.exe
O4 - HKLM\..\Run: [sysbt.exe] C:\WINDOWS\system32\sysbt.exe
O4 - HKLM\..\Run: [atlqs.exe] C:\WINDOWS\system32\atlqs.exe
O4 - HKLM\..\RunServices: [Win Security] msw32.pif
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Win Security] msw32.pif
O4 - HKCU\..\RunServices: [Win Security] msw32.pif
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: HotKey.lnk = C:\Program Files\TEXTware\HotKey\Twalink.exe
O4 - Global Startup: FRITZ!DSL Startcenter.lnk = C:\Program Files\FRITZ!DSL\StCenter.exe
O4 - Global Startup: Gamesurround Muse Pocket.lnk = C:\Program Files\Hercules\Audio\Gamesurround Muse Pocket\MuseCPL.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134946951340
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134946931672
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: Network Security Service (NSS) ( 11Fßä#·ºÄÖ`I) - Unknown owner - C:\WINDOWS\ntkg32.exe" /s (file missing)
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Program Files\Fichiers communs\AVM\de_serv.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Unknown owner - C:\Program Files\Protool\Digidesign\Drivers\MMERefresh.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
A voir également:

32 réponses

Précédent
  • 1
  • 2
Réponse 21 / 32
Jean
 
Salut tout le monde

Suite a quelques problemes d internet, heureusement resolus, nous revoila mon PC et moi…

Oui Moe, Spybot a eu raison de la bete.

J ai ensuite fait tourner divers softwares successivement (Ewido, Spybot, CWSchredder, Microsoft Anti Spyware, Ad Aware, a², About Buster, Avast).

Ad Aware continue a trouver Malware.Psguard

Voici le rapport

Ad-Aware SE Build 1.06r1
Logfile Created on:dimanche 5 février 2006 22:10:48
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R90 03.02.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Malware.Psguard(TAC index:7):1 total references
MRU List(TAC index:0):13 total references
Tracking Cookie(TAC index:3):4 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

05-02-2006 22:10:48 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Brigitte\recent
Description : list of recently opened documents

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 560
ThreadCreationTime : 05-02-2006 20:57:58
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 796
ThreadCreationTime : 05-02-2006 20:58:02
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 820
ThreadCreationTime : 05-02-2006 20:58:03
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 864
ThreadCreationTime : 05-02-2006 20:58:04
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 876
ThreadCreationTime : 05-02-2006 20:58:04
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1020
ThreadCreationTime : 05-02-2006 20:58:05
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1092
ThreadCreationTime : 05-02-2006 20:58:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1152
ThreadCreationTime : 05-02-2006 20:58:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1216
ThreadCreationTime : 05-02-2006 20:58:07
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1340
ThreadCreationTime : 05-02-2006 20:58:08
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1584
ThreadCreationTime : 05-02-2006 20:58:09
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1708
ThreadCreationTime : 05-02-2006 20:58:09
BasePriority : Normal

#:13 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1724
ThreadCreationTime : 05-02-2006 20:58:09
BasePriority : High
FileVersion : 4, 6, 739, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2005 ALWIL Software
OriginalFilename : aswServ.exe

#:14 [igdctrl.exe]
FilePath : C:\Program Files\FRITZ!DSL\
ProcessID : 1748
ThreadCreationTime : 05-02-2006 20:58:09
BasePriority : Normal
FileVersion : 1.00.01.2004
ProductVersion : 1.00.01.2004
ProductName : AVM IGD Service
CompanyName : AVM Berlin
FileDescription : AVM IGD Service
InternalName : igdctrl
LegalCopyright : © AVM Berlin 2004-2005
OriginalFilename : igdctrl.exe

#:15 [ctsvccda.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1772
ThreadCreationTime : 05-02-2006 20:58:10
BasePriority : Normal
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
ProductName : Creative Service for CDROM Access
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
LegalCopyright : Copyright (c) Creative Technology Ltd., 1999. All rights reserved.
OriginalFilename : CTsvcCDA.EXE

#:16 [ewidoctrl.exe]
FilePath : C:\Program Files\ewido anti-malware\
ProcessID : 1800
ThreadCreationTime : 05-02-2006 20:58:10
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe

#:17 [mdm.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\
ProcessID : 1832
ThreadCreationTime : 05-02-2006 20:58:11
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:18 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1848
ThreadCreationTime : 05-02-2006 20:58:11
BasePriority : Normal
FileVersion : 6.13.10.2846
ProductVersion : 6.13.10.2846
ProductName : NVIDIA Driver Helper Service, Version 28.46
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 28.46
InternalName : NVSVC
LegalCopyright : (c) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:19 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1900
ThreadCreationTime : 05-02-2006 20:58:12
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:20 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZONELABS\
ProcessID : 1940
ThreadCreationTime : 05-02-2006 20:58:12
BasePriority : Normal
FileVersion : 6.1.737.000
ProductVersion : 6.1.737.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:21 [mspmspsv.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 404
ThreadCreationTime : 05-02-2006 20:58:18
BasePriority : Normal
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE

#:22 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1208
ThreadCreationTime : 05-02-2006 20:58:51
BasePriority : Normal

#:23 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1252
ThreadCreationTime : 05-02-2006 20:58:53
BasePriority : Normal

#:24 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1296
ThreadCreationTime : 05-02-2006 20:58:54
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:25 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2864
ThreadCreationTime : 05-02-2006 21:02:13
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:26 [msconfig.exe]
FilePath : C:\WINDOWS\PCHealth\HelpCtr\Binaries\
ProcessID : 2988
ThreadCreationTime : 05-02-2006 21:02:18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Utilitaire de configuration système
InternalName : msconfig.EXE
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : msconfig.EXE

#:27 [aircfg.exe]
FilePath : C:\Program Files\D-Link\Air USB Utility\
ProcessID : 3084
ThreadCreationTime : 05-02-2006 21:02:26
BasePriority : Normal
FileVersion : 3, 2, 1, 40525
ProductVersion : 3, 2, 1, 40525
ProductName : Wireless LAN Monitor
CompanyName : D-Link
FileDescription : D-Link Wireless LAN Monitor
InternalName : WlanMonitor
LegalCopyright : Copyright 2003(C), D-Link. All Rights Reserved.
LegalTrademarks : D-Link
OriginalFilename : WlanMon.EXE
Comments : ANIO

#:28 [wzcsldr2.exe]
FilePath : C:\Program Files\ANI\ANIWZCS2 Service\
ProcessID : 3096
ThreadCreationTime : 05-02-2006 21:02:27
BasePriority : Normal
FileVersion : 1, 0, 4, 40414
ProductVersion : 1, 0, 4, 40414
ProductName : ANIWZCS2 Service Launcher (9x)
CompanyName : Alpha Networks Inc.
FileDescription : ANIWZCS2 launcher for Windows.
InternalName : ANIWZCS29X
LegalCopyright : Copyright © 2003, Alpha Networks Inc.
OriginalFilename : WZCSLDR2.exe

#:29 [zlclient.exe]
FilePath : C:\Program Files\Zone Labs\ZoneAlarm\
ProcessID : 3144
ThreadCreationTime : 05-02-2006 21:02:31
BasePriority : Normal
FileVersion : 6.1.737.000
ProductVersion : 6.1.737.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:30 [wmiprvse.exe]
FilePath : C:\WINDOWS\System32\wbem\
ProcessID : 3160
ThreadCreationTime : 05-02-2006 21:02:35
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : WMI
InternalName : Wmiprvse.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : Wmiprvse.exe

#:31 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2216
ThreadCreationTime : 05-02-2006 21:02:43
BasePriority : Normal
FileVersion : 7.5.0311
ProductVersion : 7.5.0311
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:32 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 564
ThreadCreationTime : 05-02-2006 21:05:36
BasePriority : High
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:33 [ashsimpl.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 3380
ThreadCreationTime : 05-02-2006 21:06:44
BasePriority : Normal
FileVersion : 4, 6, 739, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
CompanyName : ALWIL Software
FileDescription : Virus scanner
InternalName : aswSimpl.exe
LegalCopyright : Copyright (c) 2005 ALWIL Software
OriginalFilename : aswSimpl.exe

#:34 [avast.setup]
FilePath : C:\Program Files\Alwil Software\Avast4\setup\
ProcessID : 3404
ThreadCreationTime : 05-02-2006 21:07:43
BasePriority : Normal

#:35 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2236
ThreadCreationTime : 05-02-2006 21:08:31
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 13

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Malware.Psguard Object Recognized!
Type : Regkey
Data :
TAC Rating : 7
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\winhound.com

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 1
Objects found so far: 14

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 14

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brigitte@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:brigitte@www.smartadserver.com/
Expires : 27-11-2010
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brigitte@247realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:brigitte@247realmedia.com/
Expires : 01-01-2021 01:00:00
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brigitte@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:brigitte@weborama.fr/
Expires : 05-02-2008 21:59:24
LastSync : Hits:3
UseCount : 0
Hits : 3

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brigitte@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:brigitte@serving-sys.com/
Expires : 31-12-2037 23:00:00
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 4
Objects found so far: 18

Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 18

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 18

22:27:09 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:16:21.66
Objects scanned:132085
Objects identified:5
Objects ignored:0
New critical objects:5

Pour ce qui est du rapport HJT ADS, j obtiens toujours le message
"Alternate Data System not possible on NTFS Systems",

voici quand meme un rapport HJT normal

Logfile of HijackThis v1.99.1
Scan saved at 00:30:15, on 06/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\HijackThis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134946951340
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134946931672
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Program Files\Fichiers communs\AVM\de_serv.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Unknown owner - C:\Program Files\Protool\Digidesign\Drivers\MMERefresh.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Je profite de l occasion pour vous remercier encore pour votre temps afin de reparer les saloperies que NOUS avons telecharge sur NOS becanes. Big up...
0
Réponse 22 / 32
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
salut pour se que te detecte adaware utilise ceci il devrait le virer
telecharge
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
tu le decompresse tu double clik dessus sur smitfraudfix.cmd et tu choisi l option 1
cela vas generer un rapport donne nous le
*******
redemarre en sans echec

relance le et choisi cette fois l option 2 et repond oui a tous
redemarre et donne le nouveau rapport
*******

redemarre
0
Réponse 23 / 32
Jean
 
Voici le 1er rapport
SmitFraudFix v2.16

Rapport fait à 23:05:16,89 le 06/02/2006
Executé à partir de C:\Program Files\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\Brigitte\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau

»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues

HKLM\SOFTWARE\WinHound.com Présent !

»»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pr‚-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="D‚mon de cache des cat‚gories de composant"

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport

Je redemarre et reposte...
0
Réponse 24 / 32
Jean
 
Voila le 2e...

SmitFraudFix v2.16

Rapport fait à 23:42:05,39 le 06/02/2006
Executé à partir de C:\Program Files\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

HKLM\SOFTWARE\WinHound.com supprimé

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport

Et je lance AdAware...
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 25 / 32
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
oki tient nous au courant
0
Réponse 26 / 32
Jean
 
L adversaire Adserver est de retour parmi nous...

Le Scan Log:

Ad-Aware SE Build 1.06r1
Logfile Created on:lundi 6 février 2006 23:56:50
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R90 03.02.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):9 total references
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

06-02-2006 23:56:50 - Scan started. (Full System Scan)

MRU List Object Recognized!
Location: : C:\Documents and Settings\Brigitte\recent
Description : list of recently opened documents

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d

MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X

MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened

MRU List Object Recognized!
Location: : S-1-5-21-3588590466-558522827-3833581854-1005\software\microsoft\windows media\wmsdk\general
Description : windows media sdk

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 560
ThreadCreationTime : 06-02-2006 22:45:16
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 660
ThreadCreationTime : 06-02-2006 22:45:19
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 824
ThreadCreationTime : 06-02-2006 22:45:20
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 868
ThreadCreationTime : 06-02-2006 22:45:20
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 880
ThreadCreationTime : 06-02-2006 22:45:20
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1020
ThreadCreationTime : 06-02-2006 22:45:21
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1092
ThreadCreationTime : 06-02-2006 22:45:23
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1140
ThreadCreationTime : 06-02-2006 22:45:23
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1200
ThreadCreationTime : 06-02-2006 22:45:24
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1328
ThreadCreationTime : 06-02-2006 22:45:24
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1588
ThreadCreationTime : 06-02-2006 22:45:25
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:12 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1708
ThreadCreationTime : 06-02-2006 22:45:25
BasePriority : Normal

#:13 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1724
ThreadCreationTime : 06-02-2006 22:45:26
BasePriority : High
FileVersion : 4, 6, 739, 0
ProductVersion : 4, 6, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2005 ALWIL Software
OriginalFilename : aswServ.exe

#:14 [igdctrl.exe]
FilePath : C:\Program Files\FRITZ!DSL\
ProcessID : 1748
ThreadCreationTime : 06-02-2006 22:45:26
BasePriority : Normal
FileVersion : 1.00.01.2004
ProductVersion : 1.00.01.2004
ProductName : AVM IGD Service
CompanyName : AVM Berlin
FileDescription : AVM IGD Service
InternalName : igdctrl
LegalCopyright : © AVM Berlin 2004-2005
OriginalFilename : igdctrl.exe

#:15 [ctsvccda.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1772
ThreadCreationTime : 06-02-2006 22:45:26
BasePriority : Normal
FileVersion : 1.0.1.0
ProductVersion : 1.0.0.0
ProductName : Creative Service for CDROM Access
CompanyName : Creative Technology Ltd
FileDescription : Creative Service for CDROM Access
InternalName : CTsvcCDAEXE
LegalCopyright : Copyright (c) Creative Technology Ltd., 1999. All rights reserved.
OriginalFilename : CTsvcCDA.EXE

#:16 [ewidoctrl.exe]
FilePath : C:\Program Files\ewido anti-malware\
ProcessID : 1804
ThreadCreationTime : 06-02-2006 22:45:26
BasePriority : Normal
FileVersion : 3, 0, 0, 1
ProductVersion : 3, 0, 0, 1
ProductName : ewido control
CompanyName : ewido networks
FileDescription : ewido control
InternalName : ewido control
LegalCopyright : Copyright © 2004
OriginalFilename : ewidoctrl.exe

#:17 [mdm.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\
ProcessID : 1844
ThreadCreationTime : 06-02-2006 22:45:26
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe

#:18 [nvsvc32.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1940
ThreadCreationTime : 06-02-2006 22:45:26
BasePriority : Normal
FileVersion : 6.13.10.2846
ProductVersion : 6.13.10.2846
ProductName : NVIDIA Driver Helper Service, Version 28.46
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 28.46
InternalName : NVSVC
LegalCopyright : (c) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:19 [wdfmgr.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1992
ThreadCreationTime : 06-02-2006 22:45:27
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe

#:20 [vsmon.exe]
FilePath : C:\WINDOWS\system32\ZONELABS\
ProcessID : 2028
ThreadCreationTime : 06-02-2006 22:45:28
BasePriority : Normal
FileVersion : 6.1.737.000
ProductVersion : 6.1.737.000
ProductName : TrueVector Service
CompanyName : Zone Labs, LLC
FileDescription : TrueVector Service
InternalName : vsmon
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : vsmon.exe

#:21 [mspmspsv.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 408
ThreadCreationTime : 06-02-2006 22:45:33
BasePriority : Normal
FileVersion : 7.00.00.1954
ProductVersion : 7.00.00.1954
ProductName : Microsoft (R) DRM
CompanyName : Microsoft Corporation
FileDescription : WMDM PMSP Service
InternalName : MSPMSPSV.EXE
LegalCopyright : Copyright (C) Microsoft Corp. 1981-2000
OriginalFilename : MSPMSPSV.EXE

#:22 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 664
ThreadCreationTime : 06-02-2006 22:45:45
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:23 [aircfg.exe]
FilePath : C:\Program Files\D-Link\Air USB Utility\
ProcessID : 1860
ThreadCreationTime : 06-02-2006 22:46:02
BasePriority : Normal
FileVersion : 3, 2, 1, 40525
ProductVersion : 3, 2, 1, 40525
ProductName : Wireless LAN Monitor
CompanyName : D-Link
FileDescription : D-Link Wireless LAN Monitor
InternalName : WlanMonitor
LegalCopyright : Copyright 2003(C), D-Link. All Rights Reserved.
LegalTrademarks : D-Link
OriginalFilename : WlanMon.EXE
Comments : ANIO

#:24 [wzcsldr2.exe]
FilePath : C:\Program Files\ANI\ANIWZCS2 Service\
ProcessID : 220
ThreadCreationTime : 06-02-2006 22:46:07
BasePriority : Normal
FileVersion : 1, 0, 4, 40414
ProductVersion : 1, 0, 4, 40414
ProductName : ANIWZCS2 Service Launcher (9x)
CompanyName : Alpha Networks Inc.
FileDescription : ANIWZCS2 launcher for Windows.
InternalName : ANIWZCS29X
LegalCopyright : Copyright © 2003, Alpha Networks Inc.
OriginalFilename : WZCSLDR2.exe

#:25 [zlclient.exe]
FilePath : C:\Program Files\Zone Labs\ZoneAlarm\
ProcessID : 548
ThreadCreationTime : 06-02-2006 22:46:10
BasePriority : Normal
FileVersion : 6.1.737.000
ProductVersion : 6.1.737.000
ProductName : Zone Labs Client
CompanyName : Zone Labs, LLC
FileDescription : Zone Labs Client
InternalName : zlclient
LegalCopyright : Copyright © 1998-2005, Zone Labs, LLC
OriginalFilename : zlclient.exe

#:26 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 1980
ThreadCreationTime : 06-02-2006 22:46:15
BasePriority : Normal
FileVersion : 7.5.0311
ProductVersion : 7.5.0311
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:27 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2524
ThreadCreationTime : 06-02-2006 22:46:18
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:28 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 3832
ThreadCreationTime : 06-02-2006 22:47:58
BasePriority : Normal

#:29 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 2280
ThreadCreationTime : 06-02-2006 22:48:02
BasePriority : Normal

#:30 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 4012
ThreadCreationTime : 06-02-2006 22:48:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:31 [iexplore.exe]
FilePath : C:\Program Files\Internet Explorer\
ProcessID : 2328
ThreadCreationTime : 06-02-2006 22:48:49
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : IEXPLORE.EXE

#:32 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 444
ThreadCreationTime : 06-02-2006 22:51:42
BasePriority : High
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:33 [notepad.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3780
ThreadCreationTime : 06-02-2006 22:52:15
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Bloc-notes
InternalName : Notepad
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : NOTEPAD.EXE

#:34 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2252
ThreadCreationTime : 06-02-2006 22:55:08
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 9

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brigitte@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:brigitte@www.smartadserver.com/
Expires : 27-11-2010
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : brigitte@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:brigitte@weborama.fr/
Expires : 07-02-2008 23:46:34
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 11

Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 11

00:10:04 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:13:13.721
Objects scanned:132251
Objects identified:2
Objects ignored:0
New critical objects:2
0
Réponse 27 / 32
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
si tu veut parler de ceci 
Tracking Cookie Object Recognized! 
Type : IECache Entry 
Data : brigitte@www.smartadserver[1].txt 
TAC Rating : 3 
Category : Data Miner 
Comment : Hits:1 
Value : Cookie:brigitte@www.smartadserver.com/ 
Expires : 27-11-2010 
LastSync : Hits:1 
UseCount : 0 
Hits : 1


c est un cookie
et a chaque fois que tu iras sur le site qu il l utilise tu le retrouveras rien d inquietant
0
Réponse 28 / 32
Jean
 
Ah ouf! Un cookie? LOL

Faut dire que tous ces softwares qui balancent des bruitages dignes de K2000 a chaque broutille... ^^

Pour etre bien sur je reposte un dernier HJT
0
Réponse 29 / 32
Jean
 
Logfile of HijackThis v1.99.1
Scan saved at 00:38:15, on 07/02/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
C:\WINDOWS\System32\CTSvcCDA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKLM\..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1134946951340
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134946931672
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVM IGD CTRL Service - AVM Berlin - C:\Program Files\FRITZ!DSL\IGDCTRL.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE
O23 - Service: AVM FRITZ!web Routing Service (de_serv) - AVM Berlin - C:\Program Files\Fichiers communs\AVM\de_serv.exe
O23 - Service: Digidesign MME Refresh Service (DigiRefresh) - Unknown owner - C:\Program Files\Protool\Digidesign\Drivers\MMERefresh.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

Et une question aussi:
tous les fichiers en quarantaine pas supprimés des logiciels que j ai utilisé, que se passe t il si je desinstalle le software? (je pense notamment aux freewares)

La cage s ouvre? (brrr)
Ou si tout est supprimé, ca peut entrainer l instabilité?

Merci encore pour tout aux nettoyeurs de ce forum
0
Réponse 30 / 32
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
non la cage ne s ouvre pas comme tu dit
de quelle log parle tu exactement de facon a te dire si tu les garde ou tu les vires
0
Réponse 31 / 32
Jean
 
Voila la zone de quarantaine d avast:

fichiers quarantaine avast

Scan des fichiers sélectionnés
------------------------------------------------------------------------------------------
Le programme va essayer de scanner le(s) 159 fichier(s) sélectionné(s) de la zone de quarantaine

Déplacer les fichiers vers le dossier temporaire : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp
ID du fichier : 0000000139 Nom original : C:\documents and settings\brigitte\local settings\temp\2.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\139.tmp
ID du fichier : 0000000053 Nom original : c:\docume~1\brigitte\locals~1\temp\2.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\53.tmp
ID du fichier : 0000000006 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\2.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\6.tmp
ID du fichier : 0000000082 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\3.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\82.tmp
ID du fichier : 0000000059 Nom original : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\4.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\59.tmp
ID du fichier : 0000000083 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\5.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\83.tmp
ID du fichier : 0000000007 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\8F.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\7.tmp
ID du fichier : 0000000008 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\92.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\8.tmp
ID du fichier : 0000000009 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\93.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\9.tmp
ID du fichier : 0000000010 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\94.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\10.tmp
ID du fichier : 0000000011 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\95.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\11.tmp
ID du fichier : 0000000012 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\96.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\12.tmp
ID du fichier : 0000000013 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\97.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\13.tmp
ID du fichier : 0000000015 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\98.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\15.tmp
ID du fichier : 0000000014 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\99.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\14.tmp
ID du fichier : 0000000016 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\9A.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\16.tmp
ID du fichier : 0000000017 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\9B.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\17.tmp
ID du fichier : 0000000018 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\9C.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\18.tmp
ID du fichier : 0000000019 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\9D.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\19.tmp
ID du fichier : 0000000020 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\9E.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\20.tmp
ID du fichier : 0000000021 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\9F.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\21.tmp
ID du fichier : 0000000022 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\A0.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\22.tmp
ID du fichier : 0000000090 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP326\A0052766.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\90.DLL
ID du fichier : 0000000091 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058130.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\91.dll
ID du fichier : 0000000092 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058131.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\92.dll
ID du fichier : 0000000093 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058132.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\93.dll
ID du fichier : 0000000094 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058133.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\94.dll
ID du fichier : 0000000095 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058134.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\95.dll
ID du fichier : 0000000096 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058135.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\96.dll
ID du fichier : 0000000097 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058136.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\97.dll
ID du fichier : 0000000098 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058137.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\98.dll
ID du fichier : 0000000099 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058138.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\99.dll
ID du fichier : 0000000100 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058139.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\100.dll
ID du fichier : 0000000101 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058150.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\101.dll
ID du fichier : 0000000102 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058151.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\102.dll
ID du fichier : 0000000103 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP339\A0058152.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\103.DLL
ID du fichier : 0000000024 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP349\A0058417.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\24.DLL
ID du fichier : 0000000025 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058473.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\25.dll
ID du fichier : 0000000026 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058474.pif Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\26.pif
ID du fichier : 0000000027 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058475.pif Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\27.pif
ID du fichier : 0000000028 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058476.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\28.DLL
ID du fichier : 0000000029 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058477.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\29.exe
ID du fichier : 0000000030 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058478.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\30.dll
ID du fichier : 0000000031 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058479.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\31.exe
ID du fichier : 0000000104 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058495.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\104.DLL
ID du fichier : 0000000105 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058496.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\105.DLL
ID du fichier : 0000000106 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058497.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\106.DLL
ID du fichier : 0000000107 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058498.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\107.DLL
ID du fichier : 0000000108 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058499.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\108.DLL
ID du fichier : 0000000109 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058502.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\109.dll
ID du fichier : 0000000110 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058503.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\110.dll
ID du fichier : 0000000111 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058504.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\111.dll
ID du fichier : 0000000112 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058505.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\112.dll
ID du fichier : 0000000113 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP350\A0058506.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\113.dll
ID du fichier : 0000000114 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058768.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\114.exe
ID du fichier : 0000000115 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058769.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\115.exe
ID du fichier : 0000000116 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058770.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\116.exe
ID du fichier : 0000000117 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058771.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\117.exe
ID du fichier : 0000000118 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058772.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\118.exe
ID du fichier : 0000000119 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058773.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\119.exe
ID du fichier : 0000000120 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058774.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\120.exe
ID du fichier : 0000000121 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058775.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\121.exe
ID du fichier : 0000000122 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058776.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\122.exe
ID du fichier : 0000000123 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058777.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\123.exe
ID du fichier : 0000000124 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058778.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\124.exe
ID du fichier : 0000000125 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP353\A0058779.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\125.dll
ID du fichier : 0000000140 Nom original : C:\system volume information\_restore{68e0937d-5a01-4a43-a73e-74f5193d0ff8}\rp353\a0061796.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\140.dll
ID du fichier : 0000000141 Nom original : C:\system volume information\_restore{68e0937d-5a01-4a43-a73e-74f5193d0ff8}\rp353\a0061797.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\141.dll
ID du fichier : 0000000142 Nom original : C:\system volume information\_restore{68e0937d-5a01-4a43-a73e-74f5193d0ff8}\rp353\a0061799.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\142.dll
ID du fichier : 0000000143 Nom original : C:\system volume information\_restore{68e0937d-5a01-4a43-a73e-74f5193d0ff8}\rp353\a0061800.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\143.dll
ID du fichier : 0000000144 Nom original : C:\system volume information\_restore{68e0937d-5a01-4a43-a73e-74f5193d0ff8}\rp353\a0061801.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\144.dll
ID du fichier : 0000000145 Nom original : C:\system volume information\_restore{68e0937d-5a01-4a43-a73e-74f5193d0ff8}\rp354\a0061804.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\145.exe
ID du fichier : 0000000146 Nom original : C:\system volume information\_restore{68e0937d-5a01-4a43-a73e-74f5193d0ff8}\rp354\a0061805.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\146.exe
ID du fichier : 0000000147 Nom original : C:\system volume information\_restore{68e0937d-5a01-4a43-a73e-74f5193d0ff8}\rp354\a0061806.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\147.exe
ID du fichier : 0000000161 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP354\A0063393.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\161.dll
ID du fichier : 0000000162 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP354\A0063918.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\162.dll
ID du fichier : 0000000036 Nom original : C:\WINDOWS\APIKC32.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\36.DLL
ID du fichier : 0000000138 Nom original : C:\windows\system32\appki.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\138.exe
ID du fichier : 0000000076 Nom original : C:\WINDOWS\appqr.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\76.exe
ID du fichier : 0000000043 Nom original : C:\WINDOWS\system32\atlnc32.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\43.dll
ID du fichier : 0000000133 Nom original : C:\WINDOWS\aykow.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\133.dll
ID du fichier : 0000000067 Nom original : C:\WINDOWS\ceuvc.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\67.dll
ID du fichier : 0000000068 Nom original : C:\WINDOWS\system32\crtt32.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\68.exe
ID du fichier : 0000000127 Nom original : C:\WINDOWS\eohnb.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\127.dll
ID du fichier : 0000000072 Nom original : C:\WINDOWS\fdgwpv.dat Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\72.dat
ID du fichier : 0000000131 Nom original : C:\WINDOWS\frqha.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\131.dll
ID du fichier : 0000000003 Nom original : C:\WINDOWS\Germany.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\3.exe
ID du fichier : 0000000044 Nom original : C:\WINDOWS\gmkbn.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\44.dll
ID du fichier : 0000000050 Nom original : C:\WINDOWS\system32\ieve.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\50.dll
ID du fichier : 0000000077 Nom original : C:\WINDOWS\ievi.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\77.exe
ID du fichier : 0000000070 Nom original : C:\WINDOWS\system32\ippt32.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\70.exe
ID du fichier : 0000000049 Nom original : C:\WINDOWS\system32\jhske.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\49.dll
ID du fichier : 0000000134 Nom original : C:\WINDOWS\system32\jhske.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\134.dll
ID du fichier : 0000000065 Nom original : C:\WINDOWS\jjkrq.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\65.dll
ID du fichier : 0000000154 Nom original : C:\WINDOWS\kcyxk.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\154.dll
ID du fichier : 0000000063 Nom original : C:\WINDOWS\kezhm.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\63.dll
ID du fichier : 0000000057 Nom original : C:\WINDOWS\lciti.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\57.dll
ID du fichier : 0000000066 Nom original : C:\WINDOWS\system32\levkp.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\66.dll
ID du fichier : 0000000054 Nom original : C:\WINDOWS\lhlou.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\54.dll
ID du fichier : 0000000064 Nom original : C:\WINDOWS\lpegj.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\64.dll
ID du fichier : 0000000048 Nom original : C:\WINDOWS\lwgmu.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\48.dll
ID du fichier : 0000000046 Nom original : C:\WINDOWS\lzycm.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\46.dll
ID du fichier : 0000000078 Nom original : C:\WINDOWS\mfcrk32.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\78.exe
ID du fichier : 0000000136 Nom original : C:\windows\mfcvk.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\136.exe
ID du fichier : 0000000074 Nom original : C:\WINDOWS\mfcwl32.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\74.exe
ID du fichier : 0000000023 Nom original : C:\System Volume Information\_restore{68E0937D-5A01-4A43-A73E-74F5193D0FF8}\RP325\snapshot\MFEX-1.DAT Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\23.DAT
ID du fichier : 0000000061 Nom original : C:\WINDOWS\mlvdr.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\61.dll
ID du fichier : 0000000055 Nom original : C:\WINDOWS\mqvsj.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\55.dll
ID du fichier : 0000000005 Nom original : C:\ms32.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\5.exe
ID du fichier : 0000000137 Nom original : C:\windows\mspe.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\137.exe
ID du fichier : 0000000079 Nom original : C:\WINDOWS\msvf.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\79.exe
ID du fichier : 0000000001 Nom original : C:\WINDOWS\system32\msw32.pif Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\1.pif
ID du fichier : 0000000069 Nom original : C:\WINDOWS\system32\mszn.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\69.exe
ID du fichier : 0000000040 Nom original : C:\WINDOWS\SYSTEM32\NETAK32.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\40.DLL
ID du fichier : 0000000052 Nom original : C:\WINDOWS\nitex.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\52.dll
ID du fichier : 0000000047 Nom original : C:\WINDOWS\system32\nthv32.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\47.dll
ID du fichier : 0000000135 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\135.dll
ID du fichier : 0000000148 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\148.dll
ID du fichier : 0000000149 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\149.dll
ID du fichier : 0000000150 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\150.dll
ID du fichier : 0000000151 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\151.dll
ID du fichier : 0000000152 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\152.dll
ID du fichier : 0000000153 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\153.dll
ID du fichier : 0000000132 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\132.dll
ID du fichier : 0000000156 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\156.dll
ID du fichier : 0000000157 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\157.dll
ID du fichier : 0000000158 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\158.dll
ID du fichier : 0000000159 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\159.dll
ID du fichier : 0000000160 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\160.dll
ID du fichier : 0000000128 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\128.dll
ID du fichier : 0000000155 Nom original : C:\WINDOWS\nxmwl.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\155.dll
ID du fichier : 0000000035 Nom original : C:\WINDOWS\SYSTEM32\OLEEXT.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\35.DLL
ID du fichier : 0000000058 Nom original : C:\WINDOWS\pieic.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\58.dll
ID du fichier : 0000000126 Nom original : C:\WINDOWS\system32\qmeep.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\126.dll
ID du fichier : 0000000051 Nom original : C:\WINDOWS\system32\rfojc.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\51.dll
ID du fichier : 0000000071 Nom original : C:\WINDOWS\system32\sdkky32.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\71.exe
ID du fichier : 0000000075 Nom original : C:\WINDOWS\sysxc32.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\75.exe
ID du fichier : 0000000085 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\temp.fr3247 Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\85.fr3247
ID du fichier : 0000000086 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\temp.fr724B Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\86.fr724B
ID du fichier : 0000000089 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\temp.fr7500 Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\89.fr7500
ID du fichier : 0000000087 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\temp.fr9431 Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\87.fr9431
ID du fichier : 0000000084 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\temp.frABCF Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\84.frABCF
ID du fichier : 0000000088 Nom original : C:\Documents and Settings\Brigitte\Local Settings\Temp\temp.frEF1B Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\88.frEF1B
ID du fichier : 0000000056 Nom original : C:\docume~1\brigitte\locals~1\temp\trz81.tmp Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\56.tmp
ID du fichier : 0000000062 Nom original : C:\WINDOWS\system32\ttofp.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\62.dll
ID du fichier : 0000000129 Nom original : C:\WINDOWS\system32\ttofp.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\129.dll
ID du fichier : 0000000081 Nom original : C:\WINDOWS\tvpvwg.dat Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\81.dat
ID du fichier : 0000000080 Nom original : C:\WINDOWS\tzxjk.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\80.dll
ID du fichier : 0000000060 Nom original : C:\WINDOWS\upwrr.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\60.dll
ID du fichier : 0000000042 Nom original : C:\WINDOWS\system32\utkuz.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\42.dll
ID du fichier : 0000000041 Nom original : C:\WINDOWS\system32\utkuz.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\41.dll
ID du fichier : 0000000039 Nom original : C:\WINDOWS\SYSTEM32\UTKUZ.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\39.DLL
ID du fichier : 0000000045 Nom original : C:\WINDOWS\system32\utkuz.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\45.dll
ID du fichier : 0000000130 Nom original : C:\WINDOWS\vwcek.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\130.dll
ID du fichier : 0000000004 Nom original : C:\WINDOWS\$NtUninstallKB834707-IE6-20040929.115007$\wininet.dll Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\4.dll
ID du fichier : 0000000002 Nom original : C:\WINDOWS\LastGood\System32\WININET.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\2.DLL
ID du fichier : 0000000073 Nom original : C:\WINDOWS\winny32.exe Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\73.exe
ID du fichier : 0000000038 Nom original : C:\WINDOWS\ZABGHD.DAT Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\38.DAT
ID du fichier : 0000000037 Nom original : C:\WINDOWS\ZYLMA.DLL Nouveau dossier : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\37.DLL

Scan des fichiers du dossier temporaire : C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\139.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\53.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\6.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\82.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\59.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\83.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\7.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\8.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\9.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\10.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\11.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\12.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\13.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\15.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\14.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\16.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\17.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\18.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\19.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\20.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\21.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\22.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\90.DLL Win32:Trojano-3263 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\91.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\92.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\93.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\94.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\95.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\96.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\97.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\98.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\99.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\100.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\101.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\102.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\103.DLL Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\24.DLL Win32:Nsag-B [Dll]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\25.dll Win32:Nsag-B [Dll]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\26.pif Win32:Rbot-AMX [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\27.pif Win32:Rbot-AMR [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\28.DLL Win32:Nsag-B [Dll]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\29.exe Win32:Dialer-484 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\30.dll Win32:Nsag-B [Dll]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\31.exe Win32:Trojano-1668 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\104.DLL Win32:Trojano-3326 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\105.DLL Win32:Trojano-3383 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\106.DLL Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\107.DLL Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\108.DLL Win32:Trojano-3320 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\109.dll Win32:Trojano-3383 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\110.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\111.dll Win32:Trojano-3320 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\112.dll Win32:Trojano-3320 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\113.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\114.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\115.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\116.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\117.exe Win32:Trojano-3329 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\118.exe Win32:Trojano-3255 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\119.exe Win32:Trojano-3259 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\120.exe Win32:Trojano-3259 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\121.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\122.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\123.exe Win32:Trojano-3329 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\124.exe Win32:Trojano-3358 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\125.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\140.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\141.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\142.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\143.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\144.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\145.exe Win32:Agent-HH[Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\146.exe Win32:Agent-HH[Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\147.exe Win32:Agent-HH[Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\161.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\162.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\36.DLL Win32:Trojano-3383 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\138.exe Win32:Agent-HH[Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\76.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\43.dll Win32:Trojano-3383 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\133.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\67.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\68.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\127.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\72.dat Win32:Trojano-3383 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\131.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\3.exe Win32:Dialer-484 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\44.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\50.dll Win32:Trojano-3320 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\77.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\70.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\49.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\134.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\65.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\154.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\63.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\57.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\66.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\54.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\64.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\48.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\46.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\78.exe Win32:Trojano-3329 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\136.exe Win32:Agent-HH[Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\74.exe Win32:Trojano-3259 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\23.DAT Win32:Nsag-B [Dll]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\61.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\55.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\5.exe Win32:Trojano-1668 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\137.exe Win32:Agent-HH[Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\79.exe Win32:Trojano-3358 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\1.pif Win32:Rbot-AMR [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\69.exe Win32:Trojano-3294 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\40.DLL Win32:Trojano-3320 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\52.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\47.dll Win32:Trojano-3320 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\135.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\148.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\149.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\150.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\151.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\152.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\153.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\132.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\156.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\157.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\158.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\159.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\160.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\128.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\155.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\35.DLL Win32:Trojano-3326 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\58.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\126.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\51.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\71.exe Win32:Trojano-3329 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\75.exe Win32:Trojano-3259 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\85.fr3247 Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\86.fr724B Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\89.fr7500 Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\87.fr9431 Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\84.frABCF Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\88.frEF1B Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\56.tmp Win32:Trojano-3099 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\62.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\129.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\81.dat Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\80.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\60.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\42.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\41.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\39.DLL Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\45.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\130.dll Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\4.dll Win32:Nsag-B [Dll]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\2.DLL Win32:Nsag-B [Dll]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\73.exe Win32:Trojano-3255 [Trj]
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\38.DAT Win32:Trojan-gen. {Other}
C:\DOCUME~1\Brigitte\LOCALS~1\Temp\_avast4_\unp153704511.tmp\37.DLL Win32:Trojan-gen. {Other}
------------------------------------------------------------------------------------------
L'action a été accomplie avec succès !

et sur Ewido j ai plein de .dll et de .exe des dossier C\Windows, C\Windows\Systeme 32, C\Systeme Volume Information\, C\Programe Files\Back Up.

Il y a notamment plein de .exe et .dll de C\Systeme Volumme Information\ dont le nom commence par "_restore"

Je sais que ce n est pas d une precision folle, mais je vois pas le moyen de faire de log de la zone de quarantaine d Ewido.

En bas de la fenetre de zone de quarantaine, il y a ecrit "Fichier(s) en quarantaine supprimés avec succes"... et pourtant j ai la possibilité de supprimer le fichier dans le menu contextuel de chaque item.

Desole de pas etre plus precis; mais je voudrais eviter de supprimer des fichiers essentiels apres avoir passer mon pc au karcher...

Merci d avance pour vos idees
0
Réponse 32 / 32
balltrap34 Messages postés 16241 Statut Contributeur sécurité 332
 
salut si ton pc tourne bien comme ceci
au bout de quelque jours tu peut tous virer de la quarantaine
se qu il y a a l interieur pas le dossier quarantaine
0
noemie
 
salut

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 18:30:50, on 01/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\WINDOWS\winmsgr.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\OrangeHSS\Launcher\Launcher.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\eMule\emule.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\OrangeHSS\Deskboard\deskboard.exe
C:\Program Files\OrangeHSS\connectivity\connectivitymanager.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\CoreCom.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\OrangeHSS\connectivity\CoreCom\OraConfigRecover.exe
C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTCOMModule\0\FTCOMModule.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Noemie\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.cybertek.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.cybertek.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [schedule] C:\Program Files\InterVideo\Backup\Schedule.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [WINCINEMAMGR] "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [WinMsg] C:\WINDOWS\winmsgr.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ORAHSSStartup] "C:\Program Files\OrangeHSS\Launcher\Launcher.exe" -appid connectivityapp
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LogWinModeBat] C:\Documents and Settings\All Users\Application Data\Mfcd Dupe Log Win\01intra.exe
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Size boob] C:\DOCUME~1\Noemie\APPLIC~1\PROXYW~1\Nurb Iso Htm.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZJfox000
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Fichiers communs\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=www.cybertek.fr
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab50997.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {AF2E62B6-F9E1-4D4F-A10A-9DC8E6DCBCC0} (VideoEgg ActiveX Loader) - http://update.videoegg.com/Install/Windows/Initial/VideoEggPublisher.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O20 - AppInit_DLLs: c:\progra~1\google\google~1\goec62~1.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - Unknown owner - C:\PROGRA~1\FICHIE~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Software Jukebox v2.0 Service - Unknown owner - C:\Program Files\Fichiers communs\Microsoft Shared\Service\Software Jukebox v2.0 Service File.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
0

Discussions similaires

Google Chrome "  Échec de l'analyse antivirus "
jmpower -
RBmoon -

18 réponses
" Échec de l'analyse antivirus " la solution.
bazfile -
bazfile -

0 réponse
Huawei P8 Lite "nouveau tag ajouté"
ArianeKathleen -
Mn -

25 réponses
Nouveau tag ajouté - Utilité
Eerfers -
madmyke -

1 réponse
Échec de l'analyse anti virus.
alice1414 -
bazfile -

3 réponses