Demande d'aide contre Win32
chouchouro
Messages postés
6
Statut
Membre
-
Séb08 Messages postés 18169 Date d'inscription Statut Contributeur Dernière intervention -
Séb08 Messages postés 18169 Date d'inscription Statut Contributeur Dernière intervention -
Bonjour à tous,
J'ai attrapé ce cher Win 32. Voici le log, si quelqu'un pouvait m'aider à l'éradiquer.
Merci.
Logfile of HijackThis v1.99.1
Scan saved at 18:31:46, on 11/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\amelia\Local Settings\Temporary Internet Files\Content.IE5\AHPR8AS5\HijackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&ie=UTF-8&gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF93E58C-9625-41A3-B88C-911F38580683}: NameServer = 86.64.145.141 84.103.237.141
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
J'ai attrapé ce cher Win 32. Voici le log, si quelqu'un pouvait m'aider à l'éradiquer.
Merci.
Logfile of HijackThis v1.99.1
Scan saved at 18:31:46, on 11/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\amelia\Local Settings\Temporary Internet Files\Content.IE5\AHPR8AS5\HijackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&ie=UTF-8&gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF93E58C-9625-41A3-B88C-911F38580683}: NameServer = 86.64.145.141 84.103.237.141
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
A voir également:
- Demande d'aide contre Win32
- Puabundler win32 rostpay ✓ - Forum Antivirus
- Puadimanager win32/offercore ✓ - Forum Virus
- PUADlManager:Win32/OfferCore ✓ - Forum Virus
- Trojan win32 - Forum Virus
- Télécharger win32 valide pour windows 7 gratuit ✓ - Forum Réseaux sociaux
9 réponses
Merci de procéder dans l’ordre,
Télécharge TOUS ces programmes (si tu ne les as pas), installe-les.
Fais les mises à jour des progr 1/, 2/, 3/
Scan avec TOUS, COLLE comme demandé les rapports de 0/, 3/ & 6/
1/ -Ad-Aware (gratuit) :
Tutorial et téléchargement ici :
https://forums.cnetfrance.fr
2/ - Spybot (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html
3/ - Ewido (download)- gratuit même après 14 jours d’essai
http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
Copie/COLLE le rapport généré sur ce forum
Pour certaines versions de Windows antérieures à XP, Ewido peut ne pas être compatible
Dans ce cas, il te faudra utiliser a-squared free et demander une clef pour son usage gratuit
https://www.emsisoft.com/fr/
4/ - Ccleaner : ( nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc..)
Télécharge ici :
https://www.ccleaner.com/ccleaner/download
Tutorial ici:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
6/ - Scan online avec BitDefender (fonctionne uniquement sous Internet Explorer en acceptant l’ activX)
https://assiste.com/404_La_page_demandee_n_existe_pas.php
http://www.bitdefender.fr/scan8/ie.html
Copie/COLLE le rapport entier
Télécharge TOUS ces programmes (si tu ne les as pas), installe-les.
Fais les mises à jour des progr 1/, 2/, 3/
Scan avec TOUS, COLLE comme demandé les rapports de 0/, 3/ & 6/
1/ -Ad-Aware (gratuit) :
Tutorial et téléchargement ici :
https://forums.cnetfrance.fr
2/ - Spybot (gratuit) :
http://telecharger.01net.com/windows/Internet/internet_utlitaire/fiches/26157.html
3/ - Ewido (download)- gratuit même après 14 jours d’essai
http://perso.wanadoo.fr/entraide-hijackthis/Ewido/
Copie/COLLE le rapport généré sur ce forum
Pour certaines versions de Windows antérieures à XP, Ewido peut ne pas être compatible
Dans ce cas, il te faudra utiliser a-squared free et demander une clef pour son usage gratuit
https://www.emsisoft.com/fr/
4/ - Ccleaner : ( nettoyeur de registre, cookies+temps+tempos+prefetch+historique+etc..)
Télécharge ici :
https://www.ccleaner.com/ccleaner/download
Tutorial ici:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
6/ - Scan online avec BitDefender (fonctionne uniquement sous Internet Explorer en acceptant l’ activX)
https://assiste.com/404_La_page_demandee_n_existe_pas.php
http://www.bitdefender.fr/scan8/ie.html
Copie/COLLE le rapport entier
re
1/ - désinstalle ce jeu , source de blems : BOONTY
2/ - pas de pare-feu apparent ??
(A)- Si tu n’ as pas de pare-feu, autre que le ‘joujou’ de Windows (à désactiver), je te conseille Kerio (gratuit même après les 30 jours d’ essai)
Tutorial et téléchargement ici :
https://www.vulgarisation-informatique.com/kerio.php
(B)- Règle d’ or à respecter : 1 seul pare-feu, 1 seul antivirus
1/ - désinstalle ce jeu , source de blems : BOONTY
2/ - pas de pare-feu apparent ??
(A)- Si tu n’ as pas de pare-feu, autre que le ‘joujou’ de Windows (à désactiver), je te conseille Kerio (gratuit même après les 30 jours d’ essai)
Tutorial et téléchargement ici :
https://www.vulgarisation-informatique.com/kerio.php
(B)- Règle d’ or à respecter : 1 seul pare-feu, 1 seul antivirus
merci de ta réponse et de tes conseils
j'ai fait ad aware et ewido, bitdefender est en cours. Je te laisse les rapports des 2 que je viens de citer
Ewido:
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 19:46:36, 11/06/2006
+ Somme de contrôle: CA32C8D8
+ Résultats du scan:
HKU\S-1-5-21-861567501-287218729-839522115-1003\Software\Prodiff\rmxnavigator\shopping\\sh163 -> Adware.Locators : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@boonty.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@c.enhance[1].txt -> TrackingCookie.Enhance : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@com[1].txt -> TrackingCookie.Com : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@cz5.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@web-stat[2].txt -> TrackingCookie.Web-stat : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@www.epilot[1].txt -> TrackingCookie.Epilot : Nettoyer et sauvegarder
::Fin du rapport
Ad aware:
Ad-Aware SE Build 1.06r1
Logfile Created on:dimanche 11 juin 2006 18:10:36
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R111 08.06.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):19 total references
Tracking Cookie(TAC index:3):30 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
11-06-2006 18:10:36 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\amelia\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 476
ThreadCreationTime : 11-06-2006 11:22:20
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 532
ThreadCreationTime : 11-06-2006 11:22:24
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 556
ThreadCreationTime : 11-06-2006 11:22:24
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 604
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 616
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 768
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 812
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 876
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 924
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 968
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1308
ThreadCreationTime : 11-06-2006 11:22:27
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [e_s10ic2.exe]
FilePath : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\
ProcessID : 1460
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 3.08
ProductVersion : 3.08
ProductName : EPSON Status Monitor 3
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_S10IC2
LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2003
OriginalFilename : E_S10IC2.EXE
#:13 [camtray.exe]
FilePath : C:\Program Files\Creative\Shared Files\
ProcessID : 1488
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 3.4.1.0
ProductVersion : 2.00
ProductName : PC-CAM Center
CompanyName : Creative Technology Ltd
FileDescription : PC-CAM Center Launcher Application
InternalName : PC-CAM Center Launcher Application
LegalCopyright : Copyright (c) Creative Technology Ltd., 2002. All rights reserved.
OriginalFilename : CamTray.EXE
#:14 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 1496
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright (c) 2006 ALWIL Software
OriginalFilename : aswDisp.exe
#:15 [msgplus.exe]
FilePath : C:\Program Files\MessengerPlus! 3\
ProcessID : 1516
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
#:16 [alcxmntr.exe]
FilePath : C:\WINDOWS\
ProcessID : 1528
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 1.5
ProductVersion : 1.5
ProductName : Realtek Audio - Event Monitor
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Audio - Event Monitor
InternalName : Alcxmntr
LegalCopyright : Copyright (c) 2004 Realtek Semiconductor Corp.
OriginalFilename : Alcxmntr.exe
#:17 [apdproxy.exe]
FilePath : C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\
ProcessID : 1556
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
#:18 [wkufind.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\
ProcessID : 1580
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 9.00.0603.0
ProductVersion : 9.00.0603.0
ProductName : Update Detection Module
CompanyName : Microsoft® Corporation
FileDescription : Détection Microsoft® Works Update
InternalName : WkUFind
LegalCopyright : Copyright © 1987-2003 Microsoft Corporation.
OriginalFilename : WkUFind.exe
#:19 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1636
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:20 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 1652
ThreadCreationTime : 11-06-2006 11:22:29
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:21 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 184
ThreadCreationTime : 11-06-2006 11:22:35
BasePriority : Normal
FileVersion : 7.5.0324
ProductVersion : 7.5.0324
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
#:22 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 508
ThreadCreationTime : 11-06-2006 11:23:35
BasePriority : Normal
#:23 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 324
ThreadCreationTime : 11-06-2006 11:23:35
BasePriority : High
FileVersion : 4, 7, 844, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2006 ALWIL Software
OriginalFilename : aswServ.exe
#:24 [cdac11ba.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 672
ThreadCreationTime : 11-06-2006 11:23:35
BasePriority : Normal
FileVersion : 4.20.020
ProductVersion : 4.20.020 Windows NT 2002/12/10
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002 Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English
#:25 [inetinfo.exe]
FilePath : C:\WINDOWS\System32\inetsrv\
ProcessID : 856
ThreadCreationTime : 11-06-2006 11:23:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Services Internet (IIS)
CompanyName : Microsoft Corporation
FileDescription : Services Internet (IIS)
InternalName : INETINFO.EXE
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : INETINFO.EXE
#:26 [mdm.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\
ProcessID : 944
ThreadCreationTime : 11-06-2006 11:23:37
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe
#:27 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1752
ThreadCreationTime : 11-06-2006 11:23:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:28 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1976
ThreadCreationTime : 11-06-2006 11:23:47
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:29 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 2504
ThreadCreationTime : 11-06-2006 11:24:01
BasePriority : Normal
#:30 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 2612
ThreadCreationTime : 11-06-2006 11:24:02
BasePriority : Normal
#:31 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2816
ThreadCreationTime : 11-06-2006 11:24:04
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:32 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2420
ThreadCreationTime : 11-06-2006 11:48:13
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE
#:33 [ashsimpl.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1628
ThreadCreationTime : 11-06-2006 16:05:03
BasePriority : Normal
FileVersion : 4, 7, 844, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
CompanyName : ALWIL Software
FileDescription : Virus scanner
InternalName : aswSimpl.exe
LegalCopyright : Copyright (c) 2006 ALWIL Software
OriginalFilename : aswSimpl.exe
#:34 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1604
ThreadCreationTime : 11-06-2006 16:09:55
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:127
Value : Cookie:amelia@www.smartadserver.com/
Expires : 06-06-2026 18:10:10
LastSync : Hits:127
UseCount : 0
Hits : 127
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:70
Value : Cookie:amelia@casalemedia.com/
Expires : 02-06-2007 06:24:08
LastSync : Hits:70
UseCount : 0
Hits : 70
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@bluestreak[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:112
Value : Cookie:amelia@bluestreak.com/
Expires : 06-06-2016 17:50:56
LastSync : Hits:112
UseCount : 0
Hits : 112
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:44
Value : Cookie:amelia@tradedoubler.com/
Expires : 02-06-2026 19:20:58
LastSync : Hits:44
UseCount : 0
Hits : 44
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:amelia@2o7.net/
Expires : 10-06-2011 15:32:14
LastSync : Hits:15
UseCount : 0
Hits : 15
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:amelia@imrworldwide.com/cgi-bin
Expires : 23-05-2016 23:23:00
LastSync : Hits:24
UseCount : 0
Hits : 24
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@weborama[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:113
Value : Cookie:amelia@weborama.fr/
Expires : 08-06-2011 14:33:12
LastSync : Hits:113
UseCount : 0
Hits : 113
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:32
Value : Cookie:amelia@tribalfusion.com/
Expires : 01-01-2038 02:00:00
LastSync : Hits:32
UseCount : 0
Hits : 32
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@247realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:amelia@247realmedia.com/
Expires : 01-01-2021 02:00:00
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@www.cibleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:175
Value : Cookie:amelia@www.cibleclick.com/
Expires : 19-05-2036 17:26:50
LastSync : Hits:175
UseCount : 0
Hits : 175
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@fl01.ct2.comclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:431
Value : Cookie:amelia@fl01.ct2.comclick.com/
Expires : 10-01-2029 02:00:00
LastSync : Hits:431
UseCount : 0
Hits : 431
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:amelia@ads.pointroll.com/
Expires : 01-01-2010 02:00:00
LastSync : Hits:24
UseCount : 0
Hits : 24
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:amelia@apmebf.com/
Expires : 26-05-2011 17:12:04
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@estat[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:56
Value : Cookie:amelia@estat.com/
Expires : 22-05-2016 19:59:56
LastSync : Hits:56
UseCount : 0
Hits : 56
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:amelia@questionmarket.com/
Expires : 12-07-2006 04:11:54
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@geo113prod.kadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:amelia@geo113prod.kadserver.com/
Expires : 28-05-2006 19:15:38
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@as1.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:68
Value : Cookie:amelia@as1.falkag.de/
Expires : 08-08-2006 19:46:56
LastSync : Hits:68
UseCount : 0
Hits : 68
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@adserver.advertstream[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:amelia@adserver.advertstream.com/
Expires : 28-11-2015 22:36:22
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:amelia@adtech.de/
Expires : 23-05-2016 16:00:00
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@promo.casinotropez[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:amelia@promo.casinotropez.com/
Expires : 27-05-2011 13:03:12
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@bs.serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:amelia@bs.serving-sys.com/
Expires : 01-01-2038
LastSync : Hits:10
UseCount : 0
Hits : 10
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@real[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:amelia@real.com/
Expires : 26-07-2006 17:12:34
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@adserver.aol[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:amelia@adserver.aol.fr/
Expires : 04-06-2016 19:21:20
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@ads.multimania.lycos[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:14
Value : Cookie:amelia@ads.multimania.lycos.fr/
Expires : 10-06-2006 14:33:16
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@countus.get.kadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:amelia@countus.get.kadserver.com/
Expires : 29-05-2006 10:53:24
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:82
Value : Cookie:amelia@serving-sys.com/
Expires : 01-01-2038
LastSync : Hits:82
UseCount : 0
Hits : 82
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@cs.sexcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:71
Value : Cookie:amelia@cs.sexcounter.com/
Expires : 12-05-2024 20:07:28
LastSync : Hits:71
UseCount : 0
Hits : 71
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 27
Objects found so far: 46
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@estat[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\amelia\Local Settings\Temp\Cookies\amelia@estat[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\amelia\Local Settings\Temp\Cookies\amelia@serving-sys[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\amelia\Local Settings\Temp\Cookies\amelia@weborama[2].txt
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 49
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 49
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 49
18:38:37 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:28:01.56
Objects scanned:170024
Objects identified:30
Objects ignored:0
New critical objects:30
Merci
j'ai fait ad aware et ewido, bitdefender est en cours. Je te laisse les rapports des 2 que je viens de citer
Ewido:
---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------
+ Créé le: 19:46:36, 11/06/2006
+ Somme de contrôle: CA32C8D8
+ Résultats du scan:
HKU\S-1-5-21-861567501-287218729-839522115-1003\Software\Prodiff\rmxnavigator\shopping\\sh163 -> Adware.Locators : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@boonty.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@c.enhance[1].txt -> TrackingCookie.Enhance : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@com[1].txt -> TrackingCookie.Com : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@cz5.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@vip.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@web-stat[2].txt -> TrackingCookie.Web-stat : Nettoyer et sauvegarder
C:\Documents and Settings\amelia\Cookies\amelia@www.epilot[1].txt -> TrackingCookie.Epilot : Nettoyer et sauvegarder
::Fin du rapport
Ad aware:
Ad-Aware SE Build 1.06r1
Logfile Created on:dimanche 11 juin 2006 18:10:36
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R111 08.06.2006
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
MRU List(TAC index:0):19 total references
Tracking Cookie(TAC index:3):30 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file
Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects
11-06-2006 18:10:36 - Scan started. (Full System Scan)
MRU List Object Recognized!
Location: : C:\Documents and Settings\amelia\recent
Description : list of recently opened documents
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\google\navclient\1.1\history
Description : list of recently used search terms in the google toolbar
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct3d
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\direct3d\mostrecentapplication
Description : most recent application to use microsoft direct X
MRU List Object Recognized!
Location: : software\microsoft\directdraw\mostrecentapplication
Description : most recent application to use microsoft directdraw
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\directinput\mostrecentapplication
Description : most recent application to use microsoft directinput
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\internet explorer
Description : last download directory used in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\internet explorer\typedurls
Description : list of recently entered addresses in microsoft internet explorer
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\mediaplayer\player\recentfilelist
Description : list of recently used files in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\mediaplayer\preferences
Description : last playlist index loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\mediaplayer\preferences
Description : last playlist loaded in microsoft windows media player
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\search assistant\acmru
Description : list of recent search terms used with the search assistant
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
Description : list of recent programs opened
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
Description : list of recently saved files, stored according to file extension
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\windows\currentversion\explorer\recentdocs
Description : list of recent documents opened
MRU List Object Recognized!
Location: : S-1-5-21-861567501-287218729-839522115-1003\software\microsoft\windows media\wmsdk\general
Description : windows media sdk
Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 476
ThreadCreationTime : 11-06-2006 11:22:20
BasePriority : Normal
#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 532
ThreadCreationTime : 11-06-2006 11:22:24
BasePriority : Normal
#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 556
ThreadCreationTime : 11-06-2006 11:22:24
BasePriority : High
#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 604
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe
#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 616
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe
#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 768
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 812
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 876
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 924
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:10 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 968
ThreadCreationTime : 11-06-2006 11:22:25
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:11 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1308
ThreadCreationTime : 11-06-2006 11:22:27
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe
#:12 [e_s10ic2.exe]
FilePath : C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\
ProcessID : 1460
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 3.08
ProductVersion : 3.08
ProductName : EPSON Status Monitor 3
CompanyName : SEIKO EPSON CORPORATION
FileDescription : EPSON Status Monitor 3
InternalName : E_S10IC2
LegalCopyright : Copyright (C) SEIKO EPSON CORP. 2003
OriginalFilename : E_S10IC2.EXE
#:13 [camtray.exe]
FilePath : C:\Program Files\Creative\Shared Files\
ProcessID : 1488
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 3.4.1.0
ProductVersion : 2.00
ProductName : PC-CAM Center
CompanyName : Creative Technology Ltd
FileDescription : PC-CAM Center Launcher Application
InternalName : PC-CAM Center Launcher Application
LegalCopyright : Copyright (c) Creative Technology Ltd., 2002. All rights reserved.
OriginalFilename : CamTray.EXE
#:14 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 1496
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 5, 0, 0, 0
ProductVersion : 5, 0, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright (c) 2006 ALWIL Software
OriginalFilename : aswDisp.exe
#:15 [msgplus.exe]
FilePath : C:\Program Files\MessengerPlus! 3\
ProcessID : 1516
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
#:16 [alcxmntr.exe]
FilePath : C:\WINDOWS\
ProcessID : 1528
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 1.5
ProductVersion : 1.5
ProductName : Realtek Audio - Event Monitor
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek Audio - Event Monitor
InternalName : Alcxmntr
LegalCopyright : Copyright (c) 2004 Realtek Semiconductor Corp.
OriginalFilename : Alcxmntr.exe
#:17 [apdproxy.exe]
FilePath : C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\
ProcessID : 1556
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
#:18 [wkufind.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\
ProcessID : 1580
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 9.00.0603.0
ProductVersion : 9.00.0603.0
ProductName : Update Detection Module
CompanyName : Microsoft® Corporation
FileDescription : Détection Microsoft® Works Update
InternalName : WkUFind
LegalCopyright : Copyright © 1987-2003 Microsoft Corporation.
OriginalFilename : WkUFind.exe
#:19 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1636
ThreadCreationTime : 11-06-2006 11:22:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE
#:20 [msmsgs.exe]
FilePath : C:\Program Files\Messenger\
ProcessID : 1652
ThreadCreationTime : 11-06-2006 11:22:29
BasePriority : Normal
FileVersion : 4.7.3001
ProductVersion : Version 4.7.3001
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Windows Messenger
InternalName : msmsgs
LegalCopyright : Copyright (c) Microsoft Corporation 2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msmsgs.exe
#:21 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 184
ThreadCreationTime : 11-06-2006 11:22:35
BasePriority : Normal
FileVersion : 7.5.0324
ProductVersion : 7.5.0324
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe
#:22 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 508
ThreadCreationTime : 11-06-2006 11:23:35
BasePriority : Normal
#:23 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 324
ThreadCreationTime : 11-06-2006 11:23:35
BasePriority : High
FileVersion : 4, 7, 844, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2006 ALWIL Software
OriginalFilename : aswServ.exe
#:24 [cdac11ba.exe]
FilePath : C:\WINDOWS\system32\drivers\
ProcessID : 672
ThreadCreationTime : 11-06-2006 11:23:35
BasePriority : Normal
FileVersion : 4.20.020
ProductVersion : 4.20.020 Windows NT 2002/12/10
ProductName : SafeCast Windows NT
CompanyName : Macrovision
FileDescription : Macrovision RTS Service
InternalName : CDANTSRV
LegalCopyright : Copyright (c) 1998-2002 Macrovision Corp.
OriginalFilename : CDANTSRV.EXE
Comments : StringFileInfo: U.S. English
#:25 [inetinfo.exe]
FilePath : C:\WINDOWS\System32\inetsrv\
ProcessID : 856
ThreadCreationTime : 11-06-2006 11:23:36
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Services Internet (IIS)
CompanyName : Microsoft Corporation
FileDescription : Services Internet (IIS)
InternalName : INETINFO.EXE
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : INETINFO.EXE
#:26 [mdm.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\
ProcessID : 944
ThreadCreationTime : 11-06-2006 11:23:37
BasePriority : Normal
FileVersion : 7.00.9064.9150
ProductVersion : 7.00.9064.9150
ProductName : Microsoft Development Environment
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : Copyright (C) Microsoft Corp. 1997-2000
OriginalFilename : mdm.exe
#:27 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1752
ThreadCreationTime : 11-06-2006 11:23:42
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe
#:28 [wdfmgr.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1976
ThreadCreationTime : 11-06-2006 11:23:47
BasePriority : Normal
FileVersion : 5.2.3790.1230 built by: dnsrv(bld4act)
ProductVersion : 5.2.3790.1230
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Windows User Mode Driver Manager
InternalName : WdfMgr
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : WdfMgr.exe
#:29 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 2504
ThreadCreationTime : 11-06-2006 11:24:01
BasePriority : Normal
#:30 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 2612
ThreadCreationTime : 11-06-2006 11:24:02
BasePriority : Normal
#:31 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2816
ThreadCreationTime : 11-06-2006 11:24:04
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe
#:32 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 2420
ThreadCreationTime : 11-06-2006 11:48:13
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE
#:33 [ashsimpl.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1628
ThreadCreationTime : 11-06-2006 16:05:03
BasePriority : Normal
FileVersion : 4, 7, 844, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
CompanyName : ALWIL Software
FileDescription : Virus scanner
InternalName : aswSimpl.exe
LegalCopyright : Copyright (c) 2006 ALWIL Software
OriginalFilename : aswSimpl.exe
#:34 [ad-aware.exe]
FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1604
ThreadCreationTime : 11-06-2006 16:09:55
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved
Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 19
Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@www.smartadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:127
Value : Cookie:amelia@www.smartadserver.com/
Expires : 06-06-2026 18:10:10
LastSync : Hits:127
UseCount : 0
Hits : 127
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@casalemedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:70
Value : Cookie:amelia@casalemedia.com/
Expires : 02-06-2007 06:24:08
LastSync : Hits:70
UseCount : 0
Hits : 70
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@bluestreak[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:112
Value : Cookie:amelia@bluestreak.com/
Expires : 06-06-2016 17:50:56
LastSync : Hits:112
UseCount : 0
Hits : 112
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@tradedoubler[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:44
Value : Cookie:amelia@tradedoubler.com/
Expires : 02-06-2026 19:20:58
LastSync : Hits:44
UseCount : 0
Hits : 44
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@2o7[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:15
Value : Cookie:amelia@2o7.net/
Expires : 10-06-2011 15:32:14
LastSync : Hits:15
UseCount : 0
Hits : 15
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@cgi-bin[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:amelia@imrworldwide.com/cgi-bin
Expires : 23-05-2016 23:23:00
LastSync : Hits:24
UseCount : 0
Hits : 24
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@weborama[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:113
Value : Cookie:amelia@weborama.fr/
Expires : 08-06-2011 14:33:12
LastSync : Hits:113
UseCount : 0
Hits : 113
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:32
Value : Cookie:amelia@tribalfusion.com/
Expires : 01-01-2038 02:00:00
LastSync : Hits:32
UseCount : 0
Hits : 32
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@247realmedia[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:7
Value : Cookie:amelia@247realmedia.com/
Expires : 01-01-2021 02:00:00
LastSync : Hits:7
UseCount : 0
Hits : 7
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@www.cibleclick[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:175
Value : Cookie:amelia@www.cibleclick.com/
Expires : 19-05-2036 17:26:50
LastSync : Hits:175
UseCount : 0
Hits : 175
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@fl01.ct2.comclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:431
Value : Cookie:amelia@fl01.ct2.comclick.com/
Expires : 10-01-2029 02:00:00
LastSync : Hits:431
UseCount : 0
Hits : 431
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@ads.pointroll[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:24
Value : Cookie:amelia@ads.pointroll.com/
Expires : 01-01-2010 02:00:00
LastSync : Hits:24
UseCount : 0
Hits : 24
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:amelia@apmebf.com/
Expires : 26-05-2011 17:12:04
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@estat[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:56
Value : Cookie:amelia@estat.com/
Expires : 22-05-2016 19:59:56
LastSync : Hits:56
UseCount : 0
Hits : 56
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:6
Value : Cookie:amelia@questionmarket.com/
Expires : 12-07-2006 04:11:54
LastSync : Hits:6
UseCount : 0
Hits : 6
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@geo113prod.kadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:amelia@geo113prod.kadserver.com/
Expires : 28-05-2006 19:15:38
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@as1.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:68
Value : Cookie:amelia@as1.falkag.de/
Expires : 08-08-2006 19:46:56
LastSync : Hits:68
UseCount : 0
Hits : 68
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@adserver.advertstream[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:amelia@adserver.advertstream.com/
Expires : 28-11-2015 22:36:22
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:amelia@adtech.de/
Expires : 23-05-2016 16:00:00
LastSync : Hits:5
UseCount : 0
Hits : 5
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@promo.casinotropez[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:amelia@promo.casinotropez.com/
Expires : 27-05-2011 13:03:12
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@bs.serving-sys[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:10
Value : Cookie:amelia@bs.serving-sys.com/
Expires : 01-01-2038
LastSync : Hits:10
UseCount : 0
Hits : 10
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@real[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:amelia@real.com/
Expires : 26-07-2006 17:12:34
LastSync : Hits:1
UseCount : 0
Hits : 1
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@adserver.aol[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:amelia@adserver.aol.fr/
Expires : 04-06-2016 19:21:20
LastSync : Hits:2
UseCount : 0
Hits : 2
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@ads.multimania.lycos[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:14
Value : Cookie:amelia@ads.multimania.lycos.fr/
Expires : 10-06-2006 14:33:16
LastSync : Hits:14
UseCount : 0
Hits : 14
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@countus.get.kadserver[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:3
Value : Cookie:amelia@countus.get.kadserver.com/
Expires : 29-05-2006 10:53:24
LastSync : Hits:3
UseCount : 0
Hits : 3
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:82
Value : Cookie:amelia@serving-sys.com/
Expires : 01-01-2038
LastSync : Hits:82
UseCount : 0
Hits : 82
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@cs.sexcounter[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:71
Value : Cookie:amelia@cs.sexcounter.com/
Expires : 12-05-2024 20:07:28
LastSync : Hits:71
UseCount : 0
Hits : 71
Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 27
Objects found so far: 46
Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@estat[1].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\amelia\Local Settings\Temp\Cookies\amelia@estat[1].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@serving-sys[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\amelia\Local Settings\Temp\Cookies\amelia@serving-sys[2].txt
Tracking Cookie Object Recognized!
Type : IECache Entry
Data : amelia@weborama[2].txt
TAC Rating : 3
Category : Data Miner
Comment :
Value : C:\Documents and Settings\amelia\Local Settings\Temp\Cookies\amelia@weborama[2].txt
Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 49
Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 49
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 49
18:38:37 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:28:01.56
Objects scanned:170024
Objects identified:30
Objects ignored:0
New critical objects:30
Merci
je suis en train de m'occuper du pare feu, mais je ne trouve pas le jeu à désinstaller peux-tu m'aider stp? merci
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
re
=========
ça doit te faire du bien, non ?
========
une saloperie à virer sans plus attendre :
mets toi en sans échec
(tapote f8 au redémarrage pour y aller)
ouvre hijack
coche et fixe ceci
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
+
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE<==DANGER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
+
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
===
pour traiter cette ligne
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE<==DANGER
faire ceci
déma>rechercher 'ALCXMNTR.EXE>détruire
==
repasser en sans échec Spybot+Ad-Aware+Ewido
détruire leur quarantaine
====
passer CCleaner 'nettoyeur' + 'erreurs'
==
redémarrer en normal
et donner nouvel hijack
=========
ça doit te faire du bien, non ?
========
une saloperie à virer sans plus attendre :
mets toi en sans échec
(tapote f8 au redémarrage pour y aller)
ouvre hijack
coche et fixe ceci
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
+
O4 - HKLM\..\Run: [EPSON Stylus C64 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C64 Series" /O6 "USB001" /M "Stylus C64"
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE<==DANGER
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
+
O16 - DPF: Interface Chat Wanadoo - http://chat14.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {200B3EE9-7242-4EFD-B1E4-D97EE825BA53} (VerifyGMN Class) - http://h20270.www2.hp.com/ediags/gmn/install/hpobjinstaller_gmn.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site....
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
===
pour traiter cette ligne
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE<==DANGER
faire ceci
déma>rechercher 'ALCXMNTR.EXE>détruire
==
repasser en sans échec Spybot+Ad-Aware+Ewido
détruire leur quarantaine
====
passer CCleaner 'nettoyeur' + 'erreurs'
==
redémarrer en normal
et donner nouvel hijack
slt,
Aran parle de ce jeu : BOONTY
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
Si tu ne t'en sers pas vire le.
A+
Aran parle de ce jeu : BOONTY
C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
Si tu ne t'en sers pas vire le.
A+
Je suis en train de rechercher le dossier BOONTY
Voilà le scan par BitDefender:
BitDefender Online Scanner
Scan report generated at: Sun, Jun 11, 2006 - 20:29:49
Scan path: A:\;C:\;E:\;F:\;G:\;H:\;I:\;J:\;
Statistics
Time
01:09:04
Files
264099
Folders
3367
Boot Sectors
2
Archives
2285
Packed Files
29217
Results
Identified Viruses
1
Infected Files
2
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
0
Engines Info
Virus Definitions
387583
Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins
13
Archive plugins
39
Unpack plugins
5
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\WINDOWS\system32\ld100.tmp
Infected with: Trojan.Downloader.Zlob.LY
C:\WINDOWS\system32\ld100.tmp
Disinfection failed
C:\WINDOWS\system32\ld100.tmp
Delete failed
C:\WINDOWS\system32\regperf.exe
Infected with: Trojan.Downloader.Zlob.LY
C:\WINDOWS\system32\regperf.exe
Disinfection failed
C:\WINDOWS\system32\regperf.exe
Delete failed
merci Seb de m'aider
Voilà le scan par BitDefender:
BitDefender Online Scanner
Scan report generated at: Sun, Jun 11, 2006 - 20:29:49
Scan path: A:\;C:\;E:\;F:\;G:\;H:\;I:\;J:\;
Statistics
Time
01:09:04
Files
264099
Folders
3367
Boot Sectors
2
Archives
2285
Packed Files
29217
Results
Identified Viruses
1
Infected Files
2
Suspect Files
0
Warnings
0
Disinfected
0
Deleted Files
0
Engines Info
Virus Definitions
387583
Engine build
AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins
13
Archive plugins
39
Unpack plugins
5
E-mail plugins
6
System plugins
1
Scan Settings
First Action
Disinfect
Second Action
Delete
Heuristics
Yes
Enable Warnings
Yes
Scanned Extensions
*;
Exclude Extensions
Scan Emails
Yes
Scan Archives
Yes
Scan Packed
Yes
Scan Files
Yes
Scan Boot
Yes
Scanned File
Status
C:\WINDOWS\system32\ld100.tmp
Infected with: Trojan.Downloader.Zlob.LY
C:\WINDOWS\system32\ld100.tmp
Disinfection failed
C:\WINDOWS\system32\ld100.tmp
Delete failed
C:\WINDOWS\system32\regperf.exe
Infected with: Trojan.Downloader.Zlob.LY
C:\WINDOWS\system32\regperf.exe
Disinfection failed
C:\WINDOWS\system32\regperf.exe
Delete failed
merci Seb de m'aider
Voilà le log fait après toutes les manips.
Merci de vous pencher dessus pour me dire si ça va
Logfile of HijackThis v1.99.1
Scan saved at 21:49:30, on 11/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&ie=UTF-8&gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF93E58C-9625-41A3-B88C-911F38580683}: NameServer = 86.64.145.142 84.103.237.142
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
Merci de vous pencher dessus pour me dire si ça va
Logfile of HijackThis v1.99.1
Scan saved at 21:49:30, on 11/06/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/webhp?sourceid=navclient&ie=UTF-8&gws_rd=ssl
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://fr.rd.yahoo.com/customize/ycomp/defaults/su/*https://fr.yahoo.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{AF93E58C-9625-41A3-B88C-911F38580683}: NameServer = 86.64.145.142 84.103.237.142
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
ton log me parait pas mal...
Fixe cette ligne :
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
----------------------------------------------------------------------------
Ensuite :
Affiches tous les fichiers et dossiers :
cliques sur démarrer/panneau de configuration (en affichage classique)/option des dossiers/affichage
Cocher « afficher les dossiers et fichiers cachés »
Décoches la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
Décoches « masquer les extensions dont le type est connu »
Puis fais «Ok» pour valider les changements.
Et « appliquer »
--------------------------------------------------------------------------
Recherche et supprimes (si présents) ces fichiers (en gras) :
C:\WINDOWS\system32\ld100.tmp
C:\WINDOWS\system32\regperf.exe
Après ceci :
Pour vérifier, scanne ton PC avec cet antivirus en ligne :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
Et colle le rapport.
Et dis nous ou en sont tes problèmes.
A+
Fixe cette ligne :
O23 - Service: Boonty Games - Unknown owner - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe (file missing)
----------------------------------------------------------------------------
Ensuite :
Affiches tous les fichiers et dossiers :
cliques sur démarrer/panneau de configuration (en affichage classique)/option des dossiers/affichage
Cocher « afficher les dossiers et fichiers cachés »
Décoches la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"
Décoches « masquer les extensions dont le type est connu »
Puis fais «Ok» pour valider les changements.
Et « appliquer »
--------------------------------------------------------------------------
Recherche et supprimes (si présents) ces fichiers (en gras) :
C:\WINDOWS\system32\ld100.tmp
C:\WINDOWS\system32\regperf.exe
Après ceci :
Pour vérifier, scanne ton PC avec cet antivirus en ligne :
https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
Et colle le rapport.
Et dis nous ou en sont tes problèmes.
A+
