Sujet Précédent Sujet Suivant

[Serwab] Infecté par serwab

redandgold25 Messages postés 13 Statut Membre -  
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   -
Bonjour,

Quelqu'un peut-il m'aider à me débarasser de Serwab ? Je n'y parviens ni avec AVG, ni avec AdAware, ni avec Spybot.

D'avance merci

28 réponses

  • 1
  • 2
Réponse 1 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

qui te le detecte

a+
0
redandgold25 Messages postés 13 Statut Membre
 
Un message d'alerte s'affiche automatiquement quand je suis connecté sur internet et me propose de télécharger un logiciel antivirus.
0
Réponse 2 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
salut

télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html

Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum

Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm

Bon courage

A+
0
Réponse 3 / 28
redandgold25 Messages postés 13 Statut Membre
 
Salut,

Merci beaucoup pour ton aide. Voici le log complet :

Logfile of HijackThis v1.99.1
Scan saved at 16:41:24, on 25/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Arcade\PCMService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\outlook\outlook.exe
C:\Program Files\QuickTime\qttask.exe
C:\dfndrff_12.exe
C:\kybrdff_12.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\nwnmff_12.exe
C:\Program Files\Fichiers communs\{320D180E-06A2-1036-1012-040410080021}\Update.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\WorldClocksWallpaper\WorldClocksWallpaper.exe
C:\PROGRA~1\FICHIE~1\ziru\zirum.exe
C:\Program Files\Softissimo\Lexibase Collins EF\exe\L-Express.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\PROGRA~1\FICHIE~1\ziru\zirua.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Webshots\WebshotsTray.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://news.google.com/topstories?hl=fr&gl=FR&ceid=FR:fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.acer.com/worldwide/selection.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Program Files\Deskbar\deskbar.dll
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Program Files\Deskbar\deskbar.dll
O2 - BHO: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: ToolBar888 - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - C:\Program Files\ToolBar888\MyToolBar.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [defender] C:\\dfndrff_12.exe
O4 - HKLM\..\Run: [keyboard] C:\\kybrdff_12.exe
O4 - HKLM\..\Run: [azo77a69] RUNDLL32.EXE w046a95e.dll,n 00377a660000000a046a95e
O4 - HKLM\..\Run: [newname] C:\\nwnmff_12.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [World Clocks Wallpaper] C:\Program Files\WorldClocksWallpaper\WorldClocksWallpaper.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Global Startup: L-Express.lnk = C:\Program Files\Softissimo\Lexibase Collins EF\exe\L-Express.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar4.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar4.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar4.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar4.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar4.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - http://down.plaxo.com/down/latest/PlaxoInstall.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_s...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5DE0DAC3-8E76-4AB1-A4A0-286CADDF8567}: NameServer = 80.10.246.134 80.10.246.7
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
0
Réponse 4 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

tu avais deja posté d autres messages non?

Télécharge ceci: (merci a S!RI pour ce programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, il va générer un rapport
Copie/colle le sur le poste stp.
----------------------------------------------------------------------------
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum

a+
0

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question
Réponse 5 / 28
redandgold25 Messages postés 13 Statut Membre
 
Salut,

Voici les 2 rapports de Smitfraud :

Le premier :

SmitFraudFix v2.81

Rapport fait à 9:51:37,35, 26/08/2006
Executé à partir de C:\Smitfraud\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

C:\WINDOWS\keyboard1.dat PRESENT !

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Estrella\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ESTRELLA\FAVORIS

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Le deuxième :

SmitFraudFix v2.81

Rapport fait à 10:00:27,21, 26/08/2006
Executé à partir de C:\Smitfraud\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec

»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés

C:\WINDOWS\keyboard1.dat supprimé

»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires

»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre

Nettoyage terminé.

»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin

Merci beaucoup pour ton aide.

A+
0
Réponse 6 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
salut

remet un hijack this

a+
0
Réponse 7 / 28
redandgold25 Messages postés 13 Statut Membre
 
Salut,

Voici le dernier raport hijack this :

Logfile of HijackThis v1.99.1
Scan saved at 06:44:53, on 28/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Arcade\PCMService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\outlook\outlook.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\WorldClocksWallpaper\WorldClocksWallpaper.exe
C:\PROGRA~1\FICHIE~1\ziru\zirum.exe
C:\Program Files\Softissimo\Lexibase Collins EF\exe\L-Express.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Webshots\WebshotsTray.exe
C:\Program Files\Fichiers communs\{320D180E-06A2-1036-1012-040410080021}\Update.exe
c:\nwnmff_13.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\rundll32.exe
c:\dfndrff_13.exe
c:\kybrdff_13.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\Grisoft\AVG7\avgwb.dat
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: DeskbarBHO - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - C:\Program Files\Deskbar\deskbar.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [outlook] C:\Program Files\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [azo77a69] RUNDLL32.EXE w046a95e.dll,n 00377a660000000a046a95e
O4 - HKLM\..\Run: [defender] c:\\dfndrff_13.exe
O4 - HKLM\..\Run: [keyboard] c:\\kybrdff_13.exe
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [World Clocks Wallpaper] C:\Program Files\WorldClocksWallpaper\WorldClocksWallpaper.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Global Startup: L-Express.lnk = C:\Program Files\Softissimo\Lexibase Collins EF\exe\L-Express.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar4.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar4.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar4.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar4.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar4.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - http://down.plaxo.com/down/latest/PlaxoInstall.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_s...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\dvuGUI10.dll
O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\l42s0ef7eh2.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

Merci,

A +
0
Réponse 8 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Bonjour,

Méthode à suivre dans l'ordre...
----------------------------------------------------------------------------
¤Télécharge ces logiciels mais que tu n‘utilises pas tout de suite:

1/

Spybot S&D 1.4
https://www.safer-networking.org/

Démo d’utilisation (merci à Balltrap34 pour cette réalisation).
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

2/

Ad-Aware SE 1.06
https://www.adaware.com/
-Une aide:
http://usa.lucretius-ada.com/zcvisitor/8782d344-4821-11ea-83ce-0a2cdf2c6be7?campaignid=0d1dff40-82d7-11e9-9533-0a157bfa6bfc
- installe le patch français, tu pourras le trouver ici:
http://download.lavasoft.de.edgesuite.net/public/pllangs.exe
et une petite vidéo d'utilisation ici:(merci à Moe31 pour cette réalisation).
http://pageperso.aol.fr/balltrap34/adawrevid.asf

3/ Ewido:

http://perso.orange.fr/entraide-hijackthis/Ewido/

Installation puis mises à jour.

4/ Ccleaner :

https://www.pcastuces.com/logitheque/ccleaner.htm
----------------------------------------------------------------------------
¤Affiche tous les fichiers et dossiers :
Clique sur démarrer/panneau de configuration/outil/option des dossiers/affichage

Coche « afficher les fichiers et dossiers cachés »

Décoche la case "Masquer les fichiers protégés du système d'exploitation (recommandé)"

Décoche « masquer les extensions dont le type est connu »
Puis fais «Ok» pour valider les changements.

Et appliquer !
----------------------------------------------------------------------------
¤Relance HijackThis, coche les cases devant ces lignes et ensuite clique sur fix checked :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

O4 - HKLM\..\Run: [azo77a69] RUNDLL32.EXE w046a95e.dll,n 00377a660000000a046a95e

O4 - HKLM\..\Run: [defender] c:\\dfndrff_13.exe

O4 - HKLM\..\Run: [keyboard] c:\\kybrdff_13.exe

O20 - Winlogon Notify: Extensions - C:\WINDOWS\system32\dvuGUI10.dll

O20 - Winlogon Notify: ThemeManager - C:\WINDOWS\system32\l42s0ef7eh2.dll (file missing)

----------------------------------------------------------------------------
¤Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
¤Recherche et supprime ceci:
attention seulement les fichiers (si présents).

c:\dfndrff_13.exe
c:\kybrdff_13.exe
----------------------------------------------------------------------------
¤ Lancer et exécuter Ewido pour un scan complet et copier/coller le rapport en forum.
----------------------------------------------------------------------------
¤ Passe Ad-Aware et supprime tout ce qu’il trouve + supprime les quarantaines…
----------------------------------------------------------------------------
¤ Passe Spybot et corrige tout ce qu’il trouve + vaccine + supprime les quarantaines…
-------------------------------------------------------------------------------------------
¤ Lance CCleaner.

Suppression des fichiers temporaires

Va dans la section "Options" situé dans la marge gauche. Va dans "Avancé" et décoche "Effacer uniquement les fichiers, du dossier Temp de Windows, plus vieux que 48 heures". Retourne ensuite dans la section "Nettoyeur"
Fais bien attention de cocher toutes les cases dans la marge gauche (Internet Explorer/Windows Explorer/Système/Avancé)
• Clique sur Analyse
• Patiente le temps du scan, qui peut prendre un peu de temps si c'est la première fois.
• Une fois le scan terminé, clique sur Lancer le Nettoyage

Suppression des incohérence du registre

• Clique sur l'icône Erreurs situés dans la marge à gauche.
• Puis clique sur Analyser les erreurs
• Patiente pendant que CCleaner scan ton registre.
• Une fois le scan terminé, coche toutes les entrèes qu'il t'aura trouvée.
• Tu peux cliquer ensuite sur Corriger les erreurs.

Si tu n'est pas sur de ce que tu fais, tu peux choisir de sauvegarder les entrées cochées pour les restaurer ultérieurement
----------------------------------------------------------------------------
¤ Vide ta Corbeille.
----------------------------------------------------------------------------
¤ Redémarre en mode normal, relance Hijackthis et copie/colle un nouveau rapport sur le forum.

Précise tes soucis s’il en reste....

Tiens-moi au courant

A+
0
Réponse 9 / 28
redandgold25 Messages postés 13 Statut Membre
 
Salut,

J'ai fait tout ce que tu me conseillais. Le message d'alerte concernant serwab persiste et de nombreuses fenêtres intempestives continuent de s'ouvrir...

Voici les différents rapports :

Premier rapport ewido :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 20:52:11 28/08/2006

+ Scan result:

C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005230.DLL -> Adware.CommAd : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005231.EXE -> Adware.CommAd : No action taken.
C:\WINDOWS\RXN0cmVsbGE\asappsrv.dll -> Adware.CommAd : No action taken.
C:\WINDOWS\RXN0cmVsbGE\command.exe -> Adware.CommAd : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temp\Temporary Internet Files\Content.IE5\KTEJ4HEZ\Installer[1].exe -> Adware.Look2Me : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005189.dll -> Adware.Look2Me : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005190.dll -> Adware.Look2Me : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005191.dll -> Adware.Look2Me : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005192.DLL -> Adware.Look2Me : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005315.exe -> Adware.Look2Me : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005318.dll -> Adware.Look2Me : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005328.exe -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\VFFilter.dll_tobedeleted -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\ctmdlg32.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\guard.tmp -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\wldtrace.dll -> Adware.Look2Me : No action taken.
[636] C:\WINDOWS\system32\wldtrace.dll -> Adware.Look2Me : No action taken.
[728] C:\WINDOWS\system32\wldtrace.dll -> Adware.Look2Me : No action taken.
C:\Program Files\Deskbar\deskbar.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000107.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000171.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005171.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005221.dll -> Adware.Softomate : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005275.dll -> Adware.Softomate : No action taken.
C:\Documents and Settings\Saucisses\Local Settings\Temp\i4.tmp -> Adware.SurfSide : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0001159.dll -> Adware.SurfSide : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005289.dll -> Adware.SurfSide : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005290.dll -> Adware.SurfSide : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005291.exe -> Adware.SurfSide : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005292.dll -> Adware.SurfSide : No action taken.
C:\Program Files\ToolBar888 -> Adware.ToolBar888 : No action taken.
C:\Program Files\ToolBar888\Activate.exe -> Adware.ToolBar888 : No action taken.
C:\Program Files\ToolBar888\MyToolBar.dll -> Adware.ToolBar888 : No action taken.
C:\Program Files\ToolBar888\Uninst.exe -> Adware.ToolBar888 : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005227.dll -> Adware.Ucmore : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005228.dll -> Adware.Ucmore : No action taken.
C:\WINDOWS\system32\winlog.exe -> Backdoor.Rbot : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temp\Temporary Internet Files\Content.IE5\S18P23W3\nwnmff_13[1].exe -> Downloader.Adload.cy : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\TOCV15C5\nwnmff_13[1].exe -> Downloader.Adload.cy : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005186.exe -> Downloader.Adload.cy : No action taken.
C:\nwnmff_13.exe -> Downloader.Adload.cy : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temp\Temporary Internet Files\Content.IE5\IJ4NAB23\loader[1].exe -> Downloader.Adload.eo : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\FR1VF14S\loader[1].exe -> Downloader.Adload.eo : No action taken.
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\1ZXANLJB\loader[1].exe -> Downloader.Adload.eo : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000129.exe -> Downloader.Adload.eo : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004183.exe -> Downloader.Adload.eo : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005326.exe -> Downloader.Adload.eo : No action taken.
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\AAQ9A65C\drsmartload849a[1].exe -> Downloader.Adload.ep : No action taken.
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\XLQ7IOAG\drsmartload45a[1].exe -> Downloader.Adload.ep : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004194.exe -> Downloader.Adload.ep : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004195.exe -> Downloader.Adload.ep : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004197.exe -> Downloader.Adload.ep : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004187.exe -> Downloader.Adload.es : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004191.exe -> Downloader.Adload.et : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004186.exe -> Downloader.Adload.eu : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\FR1VF14S\al3[1].txt -> Downloader.Small : No action taken.
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\1ZXANLJB\al3[1].txt -> Downloader.Small : No action taken.
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\AAQ9A65C\ac3_0010[1].exe -> Downloader.Small : No action taken.
C:\Program Files\Fichiers communs\{320D180E-06A2-1036-1012-040410080021}\Update.exe -> Downloader.Small : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000105.exe -> Downloader.Small : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000166.exe -> Downloader.Small : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004175.exe -> Downloader.Small : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004184.exe -> Downloader.Small : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005187.dll -> Downloader.Small : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005188.DLL -> Downloader.Small : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005273.exe -> Downloader.Small : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005311.exe -> Downloader.Small : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temp\Temporary Internet Files\Content.IE5\0BGPY12P\MTE3NDI6ODoxNg[1].exe -> Downloader.Small.buy : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\I5JWXGFM\MTE3NDI6ODoxNg[1].exe -> Downloader.Small.buy : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005327.exe -> Downloader.Small.buy : No action taken.
C:\Program Files\Fichiers communs\ziru\zirup.exe -> Downloader.TSUpdate.f : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005350.EXE -> Downloader.TSUpdate.l : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005349.EXE -> Downloader.TSUpdate.n : No action taken.
C:\Program Files\Fichiers communs\ziru\zirul.exe -> Downloader.TSUpdate.r : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\FR1VF14S\kybrdff_13[1].exe -> Downloader.VB.alg : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\ML3OPO3E\kybrdff_13[1].exe -> Downloader.VB.alg : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005278.exe -> Downloader.VB.alg : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005357.exe -> Downloader.VB.alg : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\YBUF6D67\dfndrff_13[1].exe -> Hijacker.VB.ly : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005279.exe -> Hijacker.VB.ly : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005351.exe -> Hijacker.VB.ly : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005220.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@247realmedia[2].txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@aerlingus.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@deloitte.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@preferredhotelgroup.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@112.2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@gde.adocean[2].txt -> TrackingCookie.Adocean : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Estrella\Local Settings\Temp\Cookies\estrella@bluestreak[1].txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@burstnet[1].txt -> TrackingCookie.Burstnet : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@com[2].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@c.enhance[1].txt -> TrackingCookie.Enhance : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4cpcjscq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4eld5elo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4gkczcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4gkczilp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4qjdjkcq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4qncjieq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4wlcjscq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkiegdjalo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkiggc5edp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkighcpwfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkigic5iep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkisgcpcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkisgczmcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkisgczmcq.stats.esomniture[3].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkisiajocq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoagdpmeq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoaoczieq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoaodzkgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoegcpcgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoemajicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoepczwfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoohcpafp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoooczifo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoshcpolp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkougczwap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkowlc5kgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkychcpefo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkyegajkkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkykpdjcfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkysmdjkap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkywocpcdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4agcpelo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4ggczgap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4ggd5olo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4kpcjefq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4wodjkfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfliajajscq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfliekajwlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflienajwkq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflikgdjogq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflikiajcdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfliuidzelp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfloghczafo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflokncjikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfloojczgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfloonajkko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflougazslp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflownczabo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflyeidjmgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflyuid5gdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmicgd5mlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmicmdzwkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmigndpadp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmioiazscp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmiolcpagp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmisjd5oap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmiuicjaep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmiukdzglq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmyokd5whq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmysmdpmco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkialdzabq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkigiazikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkiuod5abo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkogmczckq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkycoazado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkykmczceo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkyspajekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4andpwgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4cod5odp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4gkcjgfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4glajako.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4gldzsko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4klc5agp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4wmajggo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkoalcjekp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkoekdpmdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkokgdzmlq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkokpcjmaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkoqhajabp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkowmdjgeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkykjcpwhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkyqncjgdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkysldpico.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkyugcpcap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkyugcpcap.stats.esomniture[3].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4apc5ehp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4enajmfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4epd5wep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4kicpoeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4qgajelo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4siajsho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4wmdzaao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliandzaco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliapcjwdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliehcjeao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliejajmfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliepcjkfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliohdpgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlioncjecq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliqodzefp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjloajazicp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlociazobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlocjd5mdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlockajoep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjloemdzodq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlogpajcep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlokkcpegq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjloohd5igo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjloopc5mep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlowmcjgdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlycmc5glq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlyelcpsho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlygjc5cbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlygkajsaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlyglcpwdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlykicpadq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlyskdjwfo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlyslc5eho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlysncjmcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlywkazagp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlywkc5oco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmiend5slo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmiggc5odq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmikgc5kcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmioldjkko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmioldjkko.stats.esomniture[3].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmioodjcfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmiqpc5mfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmisgajeep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmishajako.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmispdpelp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmiwidjaco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmyekc5sep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmygjdpkcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmyolcjwho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmyqgdpiko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmysjdjkdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmyuhajclo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmywmdzkkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjny-1gdzed.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnyaicpmlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnyeidjago.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnygkajkfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnygoazgkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnyokdpaep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnyqmdpegq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnywlajkbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnywlajkbo.stats.esomniture[3].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkicldzkap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkiggc5edp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkigic5iep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkoaodzkgp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkoegcpcgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkoemajicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkychcpefo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkycoczgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkyqoazwho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkysmdjkap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkywmajghq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkywocpcdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfl4agcpelo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfl4kgczwlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wflienajwkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfloejczwho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfloghczafo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wflokoajkdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfloojczgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wgkigiazikp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjk4cod5odp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjk4glajako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjk4knazekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjk4qjcjkfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjkowgczkbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjkyqncjgdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjkysldpico.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjkywjc5kfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjl4ejcpigp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjl4qhdjelp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjl4shczcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjl4spajaeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjliapcjwdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlicjd5ggo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjliehcjeao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjliuoazmkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlockajoep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlowmcjgdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlyamajoao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlyelcpsho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlyglcpwdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlykicpadq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlysmazmkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlysncjmcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlywkc5oco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmigmdjkdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmiukdzegp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmygjdpkcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmykmajoao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmyolcjwho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmyonajmbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmyumajicq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmyupdjiep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjnycldpieo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjnyokdpaep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@as1.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@c.goclick[2].txt -> TrackingCookie.Goclick : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@paypopup[1].txt -> TrackingCookie.Paypopup : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@popunder.paypopup[2].txt -> TrackingCookie.Paypopup : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@project2.realtracker[1].txt -> TrackingCookie.Realtracker : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@ads1.revenue[1].txt -> TrackingCookie.Revenue : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@trafficmp[2].txt -> TrackingCookie.Trafficmp : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@webstat[3].txt -> TrackingCookie.Web-stat : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@yadro[1].txt -> TrackingCookie.Yadro : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Estrella\Cookies\estrella@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Saucisses\Cookies\saucisses@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Program Files\winupdates\a.zip/Setup.exe -> Worm.VB.an : No action taken.
C:\Program Files\outlook\p.zip/Setup.exe -> Worm.VB.dw : No action taken.
C:\Program Files\outlook\v.tmp -> Worm.VB.dw : No action taken.
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005348.EXE -> Worm.VB.dw : No action taken.

::Report end
0
Réponse 10 / 28
redandgold25 Messages postés 13 Statut Membre
 
Deuxième rapport ewido :

---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 20:53:08 28/08/2006

+ Scan result:

C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005230.DLL -> Adware.CommAd : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005231.EXE -> Adware.CommAd : Cleaned with backup (quarantined).
C:\WINDOWS\RXN0cmVsbGE\asappsrv.dll -> Adware.CommAd : Cleaned with backup (quarantined).
C:\WINDOWS\RXN0cmVsbGE\command.exe -> Adware.CommAd : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temp\Temporary Internet Files\Content.IE5\KTEJ4HEZ\Installer[1].exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005189.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005190.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005191.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005192.DLL -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005315.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005318.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005328.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\VFFilter.dll_tobedeleted -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ctmdlg32.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\guard.tmp -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wldtrace.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
[636] C:\WINDOWS\system32\wldtrace.dll -> Adware.Look2Me : Error during cleaning.
[728] C:\WINDOWS\system32\wldtrace.dll -> Adware.Look2Me : Error during cleaning.
C:\Program Files\Deskbar\deskbar.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000107.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000171.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005171.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005221.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005275.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Saucisses\Local Settings\Temp\i4.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0001159.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005289.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005290.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005291.exe -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005292.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888 -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888\Activate.exe -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888\MyToolBar.dll -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\Program Files\ToolBar888\Uninst.exe -> Adware.ToolBar888 : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005227.dll -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005228.dll -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\WINDOWS\system32\winlog.exe -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temp\Temporary Internet Files\Content.IE5\S18P23W3\nwnmff_13[1].exe -> Downloader.Adload.cy : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\TOCV15C5\nwnmff_13[1].exe -> Downloader.Adload.cy : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005186.exe -> Downloader.Adload.cy : Cleaned with backup (quarantined).
C:\nwnmff_13.exe -> Downloader.Adload.cy : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temp\Temporary Internet Files\Content.IE5\IJ4NAB23\loader[1].exe -> Downloader.Adload.eo : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\FR1VF14S\loader[1].exe -> Downloader.Adload.eo : Cleaned with backup (quarantined).
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\1ZXANLJB\loader[1].exe -> Downloader.Adload.eo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000129.exe -> Downloader.Adload.eo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004183.exe -> Downloader.Adload.eo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005326.exe -> Downloader.Adload.eo : Cleaned with backup (quarantined).
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\AAQ9A65C\drsmartload849a[1].exe -> Downloader.Adload.ep : Cleaned with backup (quarantined).
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\XLQ7IOAG\drsmartload45a[1].exe -> Downloader.Adload.ep : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004194.exe -> Downloader.Adload.ep : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004195.exe -> Downloader.Adload.ep : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004197.exe -> Downloader.Adload.ep : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004187.exe -> Downloader.Adload.es : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004191.exe -> Downloader.Adload.et : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004186.exe -> Downloader.Adload.eu : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\FR1VF14S\al3[1].txt -> Downloader.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\1ZXANLJB\al3[1].txt -> Downloader.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Saucisses\Local Settings\Temporary Internet Files\Content.IE5\AAQ9A65C\ac3_0010[1].exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\Program Files\Fichiers communs\{320D180E-06A2-1036-1012-040410080021}\Update.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000105.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0000166.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004175.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0004184.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005187.dll -> Downloader.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005188.DLL -> Downloader.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005273.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005311.exe -> Downloader.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temp\Temporary Internet Files\Content.IE5\0BGPY12P\MTE3NDI6ODoxNg[1].exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\I5JWXGFM\MTE3NDI6ODoxNg[1].exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005327.exe -> Downloader.Small.buy : Cleaned with backup (quarantined).
C:\Program Files\Fichiers communs\ziru\zirup.exe -> Downloader.TSUpdate.f : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005350.EXE -> Downloader.TSUpdate.l : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005349.EXE -> Downloader.TSUpdate.n : Cleaned with backup (quarantined).
C:\Program Files\Fichiers communs\ziru\zirul.exe -> Downloader.TSUpdate.r : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\FR1VF14S\kybrdff_13[1].exe -> Downloader.VB.alg : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\ML3OPO3E\kybrdff_13[1].exe -> Downloader.VB.alg : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005278.exe -> Downloader.VB.alg : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005357.exe -> Downloader.VB.alg : Cleaned with backup (quarantined).
C:\Documents and Settings\Estrella\Local Settings\Temporary Internet Files\Content.IE5\YBUF6D67\dfndrff_13[1].exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP2\A0005279.exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005351.exe -> Hijacker.VB.ly : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP1\A0005220.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Ignored.
C:\Documents and Settings\Estrella\Cookies\estrella@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@aerlingus.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@deloitte.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@preferredhotelgroup.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@gde.adocean[2].txt -> TrackingCookie.Adocean : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Estrella\Local Settings\Temp\Cookies\estrella@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@com[2].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4cpcjscq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4eld5elo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4gkczcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4gkczilp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4qjdjkcq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4qncjieq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfk4wlcjscq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkiegdjalo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkiggc5edp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkighcpwfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkigic5iep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkisgcpcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkisgczmcq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkisgczmcq.stats.esomniture[3].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkisiajocq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoagdpmeq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoaoczieq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoaodzkgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoegcpcgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoemajicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoepczwfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoohcpafp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoooczifo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkoshcpolp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkougczwap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkowlc5kgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkychcpefo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkyegajkkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkykpdjcfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkysmdjkap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfkywocpcdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4agcpelo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4ggczgap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4ggd5olo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4kpcjefq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfl4wodjkfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfliajajscq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfliekajwlp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflienajwkq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflikgdjogq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflikiajcdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfliuidzelp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfloghczafo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflokncjikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfloojczgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfloonajkko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflougazslp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflownczabo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflyeidjmgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wflyuid5gdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmicgd5mlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmicmdzwkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmigndpadp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmioiazscp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmiolcpagp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmisjd5oap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmiuicjaep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmiukdzglq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmyokd5whq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wfmysmdpmco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkialdzabq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkigiazikp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkiuod5abo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkogmczckq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkycoazado.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkykmczceo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wgkyspajekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4andpwgo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4cod5odp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4gkcjgfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4glajako.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4gldzsko.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4klc5agp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjk4wmajggo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkoalcjekp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkoekdpmdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkokgdzmlq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkokpcjmaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkoqhajabp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkowmdjgeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkykjcpwhp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkyqncjgdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkysldpico.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkyugcpcap.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjkyugcpcap.stats.esomniture[3].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4apc5ehp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4enajmfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4epd5wep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4kicpoeq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4qgajelo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4siajsho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjl4wmdzaao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliandzaco.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliapcjwdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliehcjeao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliejajmfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliepcjkfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliohdpgco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlioncjecq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjliqodzefp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjloajazicp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlociazobo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlocjd5mdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlockajoep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjloemdzodq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlogpajcep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlokkcpegq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjloohd5igo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjloopc5mep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlowmcjgdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlycmc5glq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlyelcpsho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlygjc5cbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlygkajsaq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlyglcpwdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlykicpadq.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlyskdjwfo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlyslc5eho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlysncjmcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlywkazagp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjlywkc5oco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmiend5slo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmiggc5odq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmikgc5kcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmioldjkko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmioldjkko.stats.esomniture[3].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmioodjcfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmiqpc5mfq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmisgajeep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmishajako.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmispdpelp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmiwidjaco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmyekc5sep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmygjdpkcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmyolcjwho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmyqgdpiko.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmysjdjkdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmyuhajclo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjmywmdzkkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjny-1gdzed.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnyaicpmlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnyeidjago.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnygkajkfp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnygoazgkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnyokdpaep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnyqmdpegq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnywlajkbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@e-2dj6wjnywlajkbo.stats.esomniture[3].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkicldzkap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkiggc5edp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkigic5iep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkoaodzkgp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkoegcpcgp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkoemajicp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkychcpefo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkycoczgao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkyqoazwho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkysmdjkap.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkywmajghq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfkywocpcdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfl4agcpelo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfl4kgczwlo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wflienajwkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfloejczwho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfloghczafo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wflokoajkdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wfloojczgdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wgkigiazikp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjk4cod5odp.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjk4glajako.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjk4knazekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjk4qjcjkfo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjkowgczkbo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjkyqncjgdo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjkysldpico.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjkywjc5kfp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjl4ejcpigp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjl4qhdjelp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjl4shczcao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjl4spajaeo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjliapcjwdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlicjd5ggo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjliehcjeao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjliuoazmkp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlockajoep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlowmcjgdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlyamajoao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlyelcpsho.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlyglcpwdo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlykicpadq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlysmazmkq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlysncjmcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjlywkc5oco.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmigmdjkdp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmiukdzegp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmygjdpkcp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmykmajoao.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmyolcjwho.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmyonajmbo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmyumajicq.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjmyupdjiep.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjnycldpieo.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@e-2dj6wjnyokdpaep.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@popunder.paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@project2.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@ads1.revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@webstat[3].txt -> TrackingCookie.Web-stat : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@yadro[1].txt -> TrackingCookie.Yadro : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Estrella\Cookies\estrella@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Saucisses\Cookies\saucisses@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Program Files\winupdates\a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup (quarantined).
C:\Program Files\outlook\p.zip/Setup.exe -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\Program Files\outlook\v.tmp -> Worm.VB.dw : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{C088B59D-00E1-4866-9985-462F55916981}\RP3\A0005348.EXE -> Worm.VB.dw : Cleaned with backup (quarantined).

::Report end
0
Réponse 11 / 28
redandgold25 Messages postés 13 Statut Membre
 
Rapport Hijackthis :

Logfile of HijackThis v1.99.1
Scan saved at 21:34:14, on 28/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Arcade\PCMService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\WorldClocksWallpaper\WorldClocksWallpaper.exe
C:\Program Files\Softissimo\Lexibase Collins EF\exe\L-Express.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Webshots\WebshotsTray.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [World Clocks Wallpaper] C:\Program Files\WorldClocksWallpaper\WorldClocksWallpaper.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Global Startup: L-Express.lnk = C:\Program Files\Softissimo\Lexibase Collins EF\exe\L-Express.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar4.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar4.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar4.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar4.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar4.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - http://down.plaxo.com/down/latest/PlaxoInstall.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_s...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: Dynamic Directory - C:\WINDOWS\system32\k4no0e53eh.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

Merci encore pour ton aide renouvelée...
0
Réponse 12 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
salut

ou en sont tes soucis

a+
0
Réponse 13 / 28
redandgold25 Messages postés 13 Statut Membre
 
Salut,

Merci beaucoup de te tenir au courant. Je n'ai eu aucun souci aujourd'hui, je ne sais pas si tout est rentré dans l'ordre mais ça a l'air d'aller mieux. Je ne sais pas ce que tu penses des 3 rapports que j'ai posté hier soir... J'espère que c'est résolu.

Encore une fois, merci infiniment pour ton aide.

A+
0
Réponse 14 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
salut

Télécharge l2mfix ici:

http://www.downloads.subratam.org/l2mfix.exe

Double clic sur l2mfix.exe pour lancer l'extraction
Dans le dossier l2mfix, double clic sur l2mfix.bat, appuie sur n'importe quelle touche puis choisis l'option #1 (et pas autre chose) et valide avec la touche entrée.
Le bloc note va s'ouvrir avec le résultat du scan.
Fais un copier coller du résultat ici.

a+
0
Réponse 15 / 28
redandgold25 Messages postés 13 Statut Membre
 
Salut,

Voici le rapport l2mfix :

L2MFIX find log 051206
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Setup]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\irj4l51q1.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings]

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{94BF8C45-46B2-D933-051F-E1D78B398EC6}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Page de propri‚t‚s des versions pr‚c‚dentes"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Versions pr‚c‚dentes"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="ParamŠtres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de d‚marrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="num‚rateur d'applications install‚es"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de r‚sum‚ (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identit‚ Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaŒne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaŒne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{2F603045-309F-11CF-9774-0020AFD0CFF6}"="Synaptics Control Panel"
"{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Dossiers Web"
"{00020D75-0000-0000-C000-000000000046}"="Microsoft Office Outlook Desktop Icon Handler"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Office Outlook Custom Icon Handler"
"{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4}"="Shell Extensions for RealOne Player"
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes"
"{9F97547E-4609-42C5-AE0C-81C61FFAEBC3}"="AVG7 Shell Extension"
"{9F97547E-460A-42C5-AE0C-81C61FFAEBC3}"="AVG7 Find Extension"
"{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
"{043308A2-3CF7-4ED5-A668-2B4FB0BD307A}"="dBpowerAMP dAP Scripting"
"{FED7043D-346A-414D-ACD7-550D052499A7}"="dBpowerAMP Popup Info"
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}"="Messenger Sharing Folders"
"{990E0A76-897D-4AC2-B2EA-36DC13B55305}"=""
"{68FF7DA0-A01C-4389-A17C-D5F0C3F63942}"=""
"{E8BB3597-6893-4985-B3D3-B7D58936E7E8}"=""
"{AA2AB374-29FD-4A74-A27E-36653D465ABA}"=""
"{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}"=""
"{ED595457-56B3-4B39-90D0-4F4F6928FAA5}"=""

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{ED595457-56B3-4B39-90D0-4F4F6928FAA5}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{ED595457-56B3-4B39-90D0-4F4F6928FAA5}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{ED595457-56B3-4B39-90D0-4F4F6928FAA5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{ED595457-56B3-4B39-90D0-4F4F6928FAA5}\InprocServer32]
@="C:\\WINDOWS\\system32\\iUsrad.dll"
"ThreadingModel"="Apartment"

**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
sirenacm.dll Fri 16 Jun 2006 14:34:44 A.... 48 936 47,79 K
jgdw400.dll Thu 1 Jun 2006 20:48:44 A.... 163 840 160,00 K
hlink.dll Fri 21 Jul 2006 10:27:28 A.... 72 704 71,00 K
rasadhlp.dll Mon 26 Jun 2006 19:41:32 A.... 8 192 8,00 K
kernel32.dll Wed 5 Jul 2006 12:56:38 A.... 1 049 088 1,00 M
inetcomm.dll Thu 27 Jul 2006 15:26:20 A.... 679 424 663,50 K
cdfview.dll Fri 23 Jun 2006 13:11:42 A.... 152 064 148,50 K
iepeers.dll Fri 23 Jun 2006 13:11:44 A.... 251 392 245,50 K
wininet.dll Fri 23 Jun 2006 13:11:46 A.... 663 040 647,50 K
shell32.dll Thu 13 Jul 2006 15:36:02 A.... 8 509 952 8,11 M
browseui.dll Fri 23 Jun 2006 13:11:42 A.... 1 023 488 999,50 K
mstime.dll Fri 23 Jun 2006 13:11:44 A.... 532 480 520,00 K
msrating.dll Fri 23 Jun 2006 13:11:44 A.... 146 432 143,00 K
mshtml.dll Fri 28 Jul 2006 13:28:08 A.... 3 075 072 2,93 M
danim.dll Fri 23 Jun 2006 13:11:42 A.... 1 056 768 1,01 M
legitc~1.dll Mon 19 Jun 2006 16:19:42 A.... 571 184 557,80 K
mshtmled.dll Fri 23 Jun 2006 13:11:44 A.... 448 512 438,00 K
azo77a69.dll Thu 24 Aug 2006 10:48:16 A.... 61 952 60,50 K
inseng.dll Fri 23 Jun 2006 13:11:44 A.... 96 768 94,50 K
dxtmsft.dll Fri 23 Jun 2006 13:11:44 A.... 357 888 349,50 K
dxtrans.dll Fri 23 Jun 2006 13:11:44 A.... 205 312 200,50 K
urlmon.dll Tue 25 Jul 2006 22:41:02 A.... 615 936 601,50 K
wgalogon.dll Mon 19 Jun 2006 16:20:42 ..... 702 768 686,30 K
jgpl400.dll Thu 1 Jun 2006 20:48:44 A.... 27 648 27,00 K
irj4l5~1.dll Mon 28 Aug 2006 20:59:10 ..S.R 235 491 229,97 K
netapi32.dll Fri 14 Jul 2006 17:41:06 A.... 332 288 324,50 K
dnsapi.dll Mon 26 Jun 2006 19:41:32 A.... 148 480 145,00 K
shlwapi.dll Fri 23 Jun 2006 13:11:46 A.... 474 624 463,50 K
shdocvw.dll Fri 23 Jun 2006 13:11:46 A.... 1 494 528 1,42 M
pngfilt.dll Fri 23 Jun 2006 13:11:44 A.... 39 424 38,50 K
jsproxy.dll Fri 23 Jun 2006 13:11:44 A.... 16 384 16,00 K
xpsp3res.dll Fri 23 Jun 2006 10:53:42 A.... 26 624 26,00 K
extmgr.dll Fri 23 Jun 2006 13:11:44 A.... 55 808 54,50 K
aaa00000.dll Sat 26 Aug 2006 8:35:10 A.... 61 952 60,50 K

34 items found: 34 files (1 H/S), 0 directories.
Total of file sizes: 23 406 443 bytes 22,32 M
Locate .tmp files:

C:\WINDOWS\SYSTEM32\
guard.tmp Mon 28 Aug 2006 22:33:48 ..S.R 234 272 228,78 K

1 item found: 1 file (1 H/S), 0 directories.
Total of file sizes: 234 272 bytes 228,78 K
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C s'appelle ACER
Le num‚ro de s‚rie du volume est 320D-180E

R‚pertoire de C:\WINDOWS\System32

28/08/2006 22:33 234ÿ272 guard.tmp
28/08/2006 20:59 235ÿ491 irj4l51q1.dll
26/12/2004 13:24 56 3DCAAF9AEE.sys
22/09/2004 10:13 <REP> Microsoft
22/09/2004 09:57 <REP> dllcache
3 fichier(s) 469ÿ819 octets
2 R‚p(s) 14ÿ297ÿ661ÿ440 octets libres

Merci
0
Réponse 16 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Maintenant relances l2mfix.bat
et choisis l'option 2
Il va te demander d'appuyer sur une touche pour redémarrer
appuie sur n'importe quelle touche et laisse le pc redémarrer
le bloc note va s'ouvrir, copie et colle le contenu ici

a+
0
redandgold25 Messages postés 13 Statut Membre
 
Salut,

Voici le rapport généré par la dernière manip :

L2mfix 051206
Creating Account.
La commande s'est termin‚e correctement.

Adding Administrative privleges.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful

Running From:
C:\WINDOWS\system32

Killing Processes!
Killing 'smss.exe'
\SystemRoot\System32\smss.exe (560)
Killing 'winlogon.exe'
winlogon.exe (648)
Killing 'explorer.exe'
C:\WINDOWS\Explorer.EXE (252)
Killing 'rundll32.exe'
"C:\WINDOWS\system32\rundll32.exe" bthprops.cpl,,BluetoothAuthenticationAgent (1604)
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrateurs ... successful

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!
1 fichier(s) copi‚(s).
Deleting: C:\WINDOWS\system32\guard.tmp
Successfully Deleted: C:\WINDOWS\system32\guard.tmp

msg11?.dll
0 fichier(s) copi‚(s).
Desktop.ini sucessfully removed




Restoring Windows Update Certificates.:

The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Setup]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\irj4l51q1.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon\Settings]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001


The following are the files found:
****************************************************************************
C:\WINDOWS\system32\guard.tmp

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}\InprocServer32]
@="C:\\WINDOWS\\system32\\guard.tmp"
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{ED595457-56B3-4B39-90D0-4F4F6928FAA5}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{ED595457-56B3-4B39-90D0-4F4F6928FAA5}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{ED595457-56B3-4B39-90D0-4F4F6928FAA5}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{ED595457-56B3-4B39-90D0-4F4F6928FAA5}\InprocServer32]
@="C:\\WINDOWS\\system32\\iUsrad.dll"
"ThreadingModel"="Apartment"

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{990E0A76-897D-4AC2-B2EA-36DC13B55305}"=-
"{68FF7DA0-A01C-4389-A17C-D5F0C3F63942}"=-
"{E8BB3597-6893-4985-B3D3-B7D58936E7E8}"=-
"{AA2AB374-29FD-4A74-A27E-36653D465ABA}"=-
"{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}"=-
"{ED595457-56B3-4B39-90D0-4F4F6928FAA5}"=-
[-HKEY_CLASSES_ROOT\CLSID\{990E0A76-897D-4AC2-B2EA-36DC13B55305}]
[-HKEY_CLASSES_ROOT\CLSID\{68FF7DA0-A01C-4389-A17C-D5F0C3F63942}]
[-HKEY_CLASSES_ROOT\CLSID\{E8BB3597-6893-4985-B3D3-B7D58936E7E8}]
[-HKEY_CLASSES_ROOT\CLSID\{AA2AB374-29FD-4A74-A27E-36653D465ABA}]
[-HKEY_CLASSES_ROOT\CLSID\{C658BFF8-79BC-42CE-A155-5E7BFA47ED5A}]
[-HKEY_CLASSES_ROOT\CLSID\{ED595457-56B3-4B39-90D0-4F4F6928FAA5}]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************
[.ShellClassInfo]
CLSID={645FF040-5081-101B-9F08-00AA002F954E}
****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
adding: dlls/guard.tmp (deflated 4%)
adding: backregs/notibac.reg (deflated 73%)
adding: backregs/shell.reg (deflated 73%)
adding: backregs/C658BFF8-79BC-42CE-A155-5E7BFA47ED5A.reg (deflated 70%)
adding: backregs/ED595457-56B3-4B39-90D0-4F4F6928FAA5.reg (deflated 70%)

Encore merci
0
Réponse 17 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
Salut

Remet un HijackThis

a+
0
Réponse 18 / 28
redandgold25 Messages postés 13 Statut Membre
 
Voici le dernier HijackThis :

Logfile of HijackThis v1.99.1
Scan saved at 13:19:06, on 05/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Arcade\PCMService.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Program Files\Launch Manager\QtZgAcer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\WorldClocksWallpaper\WorldClocksWallpaper.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Softissimo\Lexibase Collins EF\exe\L-Express.exe
C:\Program Files\Logitech\SetPoint\KEM.exe
C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE
C:\Program Files\Webshots\WebshotsTray.exe
C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://news.google.com/topstories?hl=fr&gl=FR&ceid=FR:fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)
O2 - BHO: e-Carte Bleue Browser Helper Object - {2E03C0FD-4C48-43A7-9A54-00240C70FF16} - C:\WINDOWS\system32\BhoECart.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [eCarteBleue-CLEO] "C:\Program Files\e-Carte Bleue\CL\e-Carte Bleue VISA Cleo\ECB-CLEO.exe" /dontopenmycards
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [World Clocks Wallpaper] C:\Program Files\WorldClocksWallpaper\WorldClocksWallpaper.exe
O4 - Startup: Webshots.lnk = C:\Program Files\Webshots\WebshotsTray.exe
O4 - Global Startup: L-Express.lnk = C:\Program Files\Softissimo\Lexibase Collins EF\exe\L-Express.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Créer un Favori de l'appareil mobile - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Créer un Favori de l'appareil mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\avgfwafu.dll
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Wanadoo - http://chat7.x-echo.com/version6/Applet/wchatsign.cab
O16 - DPF: {08BEF711-06DA-48B2-9534-802ECAA2E4F9} (PlxInstall Class) - http://down.plaxo.com/down/latest/PlaxoInstall.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by12fd.bay12.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_s...
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f005.mail.caramail.lycos.fr/app/uploader/FileUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{5DE0DAC3-8E76-4AB1-A4A0-286CADDF8567}: NameServer = 80.10.246.134 80.10.246.7
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\irj4l51q1.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG Firewall (AVGFwSrv) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgfwsrv.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe

Merci beaucoup
0
Réponse 19 / 28
Regis59 Messages postés 21143 Date d'inscription   Statut Contributeur sécurité Dernière intervention   1 322
 
salut

fixe ceci

R3 - URLSearchHook: (no name) - {A8B28872-3324-4CD2-8AA3-7D555C872D96} - (no file)

O20 - Winlogon Notify: Setup - C:\WINDOWS\system32\irj4l51q1.dll (file missing)

Redemarre et dis moi ou en sont tes soucis

a+
0
Réponse 20 / 28
redandgold25 Messages postés 13 Statut Membre
 
Salut,

A priori plus de souci... Tout semble être rentré dans l'ordre.

Merci mille fois pour ton aide préciseuse. Tout seul, je n'y serais jamais parvenu. Encore merci, en espérant ne pas avoir à faire de nouveau appel à tes services.

Bonne journée
0

Discussions similaires

infecté par des virus
Lisy59120 -
Lisy59120 -

5 réponses
Virus non détecté par mon anti-virus ?
F2L -
cabrier -

12 réponses
simon
sisititi -
azert1313 -

1 réponse
Powershell infecté
Bal2bin -
MisteryBean -

8 réponses
Infecté ?
rifigames -
rifigames -

6 réponses