Windows that open by themselves

nessa42 - Posts: 23 - Status: Member
My Hijack report:

Logfile of HijackThis v1.99.1
Scan saved at 18:51:45, on 22/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Administrateur.TITANIUM\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O20 - Winlogon Notify: Shell Extensions - C:\WINDOWS\system32\irrul5991.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe

16 replies

Anonymous user
 
Hi,
you are infected :O

Click here to clean up
http://www.technicland.com/fixvirus.php3

0
nessa42 - Posts: 23 - Status: Member
 
Sorry, OK, I'll start again. Hi, can someone help me?
0
Anonymous user
 
Hi,

Download, install and then update this software (Ewido); once that's done, run a full scan of your system, delete everything it finds, then paste the report here.
Ewido: (remains free after the trial period)
Download Ewido Security Suite

SpyBot-Search & Destroy: (free)
Spybot Search & Destroy

Run this online anti-virus scan with Internet Explorer and accept the ActiveX control; the SP2 anti-popup bar (at the top) will start flashing, click on it and choose "accept the ActiveX" so that the anti-virus scan can run.
Once it has finished, paste the report here please

https://www.bitdefender.com/toolbox/

0
nessa42 - Posts: 23 - Status: Member
 
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 13:33:32 24/09/2006

+ Scan result:

C:\Documents and Settings\Administrateur\Local Settings\Temp\ADMCache\adm1F6.tmp/asm.exe -> Adware.Altnet : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\ADMCache\adm1F6.tmp/asmps.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\I196J6T4\kazaa_setup[1].exe -> Adware.Altnet : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AltnetDM -> Adware.Altnet : No action taken.
C:\Program Files\Safety Bar -> Adware.Generic : No action taken.
C:\Program Files\Safety Bar\Uninstall.bat -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Safety Bar -> Adware.Generic : No action taken.
HKU\S-1-5-21-839522115-2146539459-1708537768-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{052B12F7-86FA-4921-8482-26C42316B522} -> Adware.Generic : No action taken.
C:\Program Files\802.11 Wireless LAN\802.11b Wireless USB Adapter HW.00 V1.11\uninstall.exe -> Adware.GogoTools : No action taken.
C:\Program Files\802.11 Wireless LAN\802.11b Wireless USB Adapter HW.00 V1.20\uninstall.exe -> Adware.GogoTools : No action taken.
C:\WINDOWS\system32\afrsvc.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\azaslgl716q.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\btowselc.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\cMpesnpn.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\en44l1hq1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\en68l1ju1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\en8ol1l31.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\enjul1191.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\enlsl1371.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\enpql1751.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\enrul1991.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\f0j2la1o1d.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\f0l0la3m1d.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\fn0021dmg.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\fppm0371e.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\h40q0ed5eh0.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\i060lajm1doa.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\ir20l5fm1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\ir42l5ho1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\ir62l5jo1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\irl2l53o1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\irl4l53q1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\irn0l55m1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\irr0l59m1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\k0nola531d.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\kpdbr.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\l6p2lg7o16.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\lv0409dqe.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\lv8009lme.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\lv8409lqe.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\lvj8091ue.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\lvnq0955e.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\lvp2097oe.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\m628lgfu1628.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\mv20l9fm1.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\n44s0eh7eh4.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\nodenb32.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\r06u0aj9edo.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\r08s0al7edq.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\r68slgl716q.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\s0pu0a79ed.dll -> Adware.Look2Me : No action taken.
C:\WINDOWS\system32\wyhbth.dll -> Adware.Look2Me : No action taken.
[1352] C:\WINDOWS\system32\rIsauto.dll -> Adware.Look2Me : No action taken.
[1844] C:\WINDOWS\system32\rIsauto.dll -> Adware.Look2Me : No action taken.
C:\Program Files\a-squared Free\Quarantine\104ded2a078b95d68bb18ba7f0ae49a2.a2q/Program Files/rxtoolbar/sfcont.dll -> Adware.RXToolbar : No action taken.
HKU\S-1-5-21-839522115-2146539459-1708537768-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} -> Adware.RXToolbar : No action taken.
C:\Documents and Settings\Administrateur.PC\Menu Démarrer\Programmes\WhenU -> Adware.SaveNow : No action taken.
C:\Documents and Settings\Administrateur.PC\Menu Démarrer\Programmes\WhenU\Learn More About WhenU Save.url -> Adware.SaveNow : No action taken.
C:\Documents and Settings\Administrateur.PC\Menu Démarrer\Programmes\WhenU\Learn More About WhenU SaveNow.url -> Adware.SaveNow : No action taken.
C:\Documents and Settings\Administrateur.PC\Menu Démarrer\Programmes\WhenU\Uninstall.lnk -> Adware.SaveNow : No action taken.
C:\Documents and Settings\Administrateur.PC\Menu Démarrer\Programmes\WhenU\WhenU Help Desk.lnk -> Adware.SaveNow : No action taken.
C:\Documents and Settings\Administrateur.PC\Menu Démarrer\Programmes\WhenU\WhenU.com Website.url -> Adware.SaveNow : No action taken.
C:\Documents and Settings\Administrateur.PC\Menu Démarrer\Programmes\SpySheriff -> Adware.SpySheriff : No action taken.
C:\Documents and Settings\Administrateur.PC\Menu Démarrer\Programmes\SpySheriff\SpySheriff.lnk -> Adware.SpySheriff : No action taken.
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\SpySheriff -> Adware.SpySheriff : No action taken.
C:\Documents and Settings\Administrateur\Menu Démarrer\Programmes\SpySheriff\SpySheriff.lnk -> Adware.SpySheriff : No action taken.
C:\Documents and Settings\Administrateur.PC\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyQuake2.com 2.3.lnk -> Adware.SpywareQuake : No action taken.
C:\Documents and Settings\Administrateur.PC\Menu Démarrer\SpyQuake2.com 2.3.lnk -> Adware.SpywareQuake : No action taken.
C:\Documents and Settings\Administrateur\Application Data\Microsoft\Internet Explorer\Quick Launch\SpyQuake2.com 2.3.lnk -> Adware.SpywareQuake : No action taken.
C:\Documents and Settings\Administrateur\Menu Démarrer\SpyQuake2.com 2.3.lnk -> Adware.SpywareQuake : No action taken.
C:\Downloads\MCFHuntsville-dm[1].exe -> Adware.Trymedia : No action taken.
C:\WINDOWS\system32\mljiijj.dll -> Adware.Virtumonde : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Temporary Internet Files\Content.IE5\EBYJ6LYB\drsmartload_js[1].htm -> Downloader.IstBar.j : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Temporary Internet Files\Content.IE5\KTAFG1IN\drsmartload_js[1].htm -> Downloader.IstBar.j : No action taken.
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\71DG31ZZ\new[1].htm -> Not-A-Virus.Constructor.Perl.Msdds.b : No action taken.
C:\WINDOWS\system32\qlwmoaxf.exe -> Not-A-Virus.Downloader.Win32.WinFixer.i : No action taken.
C:\Documents and Settings\Administrateur\Application Data\winantiviruspro2006freeinstall[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.o : No action taken.
C:\WINDOWS\Temp\Temporary Internet Files\Content.IE5\SRBJ281L\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : No action taken.
:mozilla.186:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
:mozilla.187:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@247realmedia[1].txt -> TrackingCookie.247realmedia : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@betzipcom.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@boonty.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@highbeam.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@msnuk.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@nbcuniversal.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@cbs.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@cnn.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@ldproducts.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@msnaccountservices.112.2o7[2].txt -> TrackingCookie.2o7 : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@msninvite.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@aavalue[2].txt -> TrackingCookie.Aavalue : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@eztracks.aavalue[1].txt -> TrackingCookie.Aavalue : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@aavalue[2].txt -> TrackingCookie.Aavalue : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@paidmarketingpanel.aavalue[1].txt -> TrackingCookie.Aavalue : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@adbrite[2].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@stats.adbrite[1].txt -> TrackingCookie.Adbrite : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@admarketplace[1].txt -> TrackingCookie.Admarketplace : No action taken.
:mozilla.56:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.57:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.6:C:\Documents and Settings\Administrateur.TITANIUM\Application Data\Mozilla\Firefox\Profiles\asrd7efn.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
:mozilla.7:C:\Documents and Settings\Administrateur.TITANIUM\Application Data\Mozilla\Firefox\Profiles\asrd7efn.default\cookies.txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@adtech[2].txt -> TrackingCookie.Adtech : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@advertising[2].txt -> TrackingCookie.Advertising : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@advertising[1].txt -> TrackingCookie.Advertising : No action taken.
:mozilla.83:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@atdmt[2].txt -> TrackingCookie.Atdmt : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@bestoffersnetworks[1].txt -> TrackingCookie.Bestoffersnetworks : No action taken.
C:\Documents and Settings\Administrateur\Cookies\administrateur@bestoffersnetworks[1].txt -> TrackingCookie.Bestoffersnetworks : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@bestoffersnetworks[2].txt -> TrackingCookie.Bestoffersnetworks : No action taken.
:mozilla.183:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@bluestreak[2].txt -> TrackingCookie.Bluestreak : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@crbanner.casinopays[1].txt -> TrackingCookie.Casinopays : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@casinotropez[1].txt -> TrackingCookie.Casinotropez : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@casinotropez[1].txt -> TrackingCookie.Casinotropez : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@clickbank[1].txt -> TrackingCookie.Clickbank : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : No action taken.
C:\Documents and Settings\Administrateur\Cookies\administrateur@cliks[1].txt -> TrackingCookie.Cliks : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@cliks[2].txt -> TrackingCookie.Cliks : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@cliks[2].txt -> TrackingCookie.Cliks : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@banner.clubdicecasino[1].txt -> TrackingCookie.Clubdicecasino : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@clubdicecasino[1].txt -> TrackingCookie.Clubdicecasino : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@com[1].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@com[1].txt -> TrackingCookie.Com : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@com[1].txt -> TrackingCookie.Com : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : No action taken.
:mozilla.10:C:\Documents and Settings\Administrateur.TITANIUM\Application Data\Mozilla\Firefox\Profiles\asrd7efn.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
:mozilla.12:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Administrateur\Cookies\administrateur@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@doubleclick[1].txt -> TrackingCookie.Doubleclick : No action taken.
:mozilla.20:C:\Documents and Settings\Administrateur.TITANIUM\Application Data\Mozilla\Firefox\Profiles\asrd7efn.default\cookies.txt -> TrackingCookie.Estat : No action taken.
:mozilla.81:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Estat : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@estat[1].txt -> TrackingCookie.Estat : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@estat[1].txt -> TrackingCookie.Estat : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@as1.falkag[2].txt -> TrackingCookie.Falkag : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@as1.falkag[1].txt -> TrackingCookie.Falkag : No action taken.
:mozilla.39:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.40:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.41:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.42:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
:mozilla.43:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@fastclick[2].txt -> TrackingCookie.Fastclick : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@ehg-tvtv.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@phg.hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@ehg-overseenet.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@ehg-pcsecurityshield.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@ehg-tvtv.hitbox[1].txt -> TrackingCookie.Hitbox : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@hitbox[2].txt -> TrackingCookie.Hitbox : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@hotlog[1].txt -> TrackingCookie.Hotlog : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@ilead.itrack[2].txt -> TrackingCookie.Itrack : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : No action taken.
:mozilla.102:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@mediaplex[1].txt -> TrackingCookie.Mediaplex : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@need2find[1].txt -> TrackingCookie.Need2find : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@banner.newyorkcasino[1].txt -> TrackingCookie.Newyorkcasino : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@stat.onestat[2].txt -> TrackingCookie.Onestat : No action taken.
:mozilla.10:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Overture : No action taken.
:mozilla.11:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@overture[2].txt -> TrackingCookie.Overture : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@overture[1].txt -> TrackingCookie.Overture : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@creative.paypopup[1].txt -> TrackingCookie.Paypopup : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@ads.pointroll[2].txt -> TrackingCookie.Pointroll : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@www.popuptraffic[1].txt -> TrackingCookie.Popuptraffic : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@qksrv[1].txt -> TrackingCookie.Qksrv : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@qksrv[2].txt -> TrackingCookie.Qksrv : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@ads-205.quarterserver[1].txt -> TrackingCookie.Quarterserver : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@ads-205.quarterserver[1].txt -> TrackingCookie.Quarterserver : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@ads-205.quarterserver[1].txt -> TrackingCookie.Quarterserver : No action taken.
:mozilla.179:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.180:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
:mozilla.181:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@questionmarket[2].txt -> TrackingCookie.Questionmarket : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\Administrateur\Cookies\administrateur@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@revenue[1].txt -> TrackingCookie.Revenue : No action taken.
:mozilla.52:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.53:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.54:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.55:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@serving-sys[2].txt -> TrackingCookie.Serving-sys : No action taken.
:mozilla.26:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.27:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
:mozilla.28:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@spylog[1].txt -> TrackingCookie.Spylog : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@statcounter[2].txt -> TrackingCookie.Statcounter : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@anad.tacoda[2].txt -> TrackingCookie.Tacoda : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@tacoda[1].txt -> TrackingCookie.Tacoda : No action taken.
:mozilla.62:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@reduxads.valuead[2].txt -> TrackingCookie.Valuead : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@reduxads.valuead[2].txt -> TrackingCookie.Valuead : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@valueclick[2].txt -> TrackingCookie.Valueclick : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@valueclick[1].txt -> TrackingCookie.Valueclick : No action taken.
:mozilla.42:C:\Documents and Settings\Administrateur.TITANIUM\Application Data\Mozilla\Firefox\Profiles\asrd7efn.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.75:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.76:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
:mozilla.77:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Weborama : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@weborama[1].txt -> TrackingCookie.Weborama : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@weborama[2].txt -> TrackingCookie.Weborama : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@yadro[1].txt -> TrackingCookie.Yadro : No action taken.
C:\Documents and Settings\Administrateur\Cookies\administrateur@yadro[1].txt -> TrackingCookie.Yadro : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@yadro[1].txt -> TrackingCookie.Yadro : No action taken.
:mozilla.111:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Administrateur\Cookies\administrateur@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\Documents and Settings\Administrateur\Local Settings\Temp\Cookies\administrateur@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : No action taken.
:mozilla.182:C:\Documents and Settings\Administrateur\Application Data\Mozilla\Firefox\Profiles\w0mvgtqr.default\cookies.txt -> TrackingCookie.Zedo : No action taken.
C:\WINDOWS\Temp\Cookies\administrateur@zedo[2].txt -> TrackingCookie.Zedo : No action taken.

::Report end
0

nessa42 Posts: 23 Status: Member
 
BitDefender Online Scanner

Scan report generated at: Sun, Sep 24, 2006 - 19:42:01

Scan path: A:\;C:\;D:\;E:\;

Statistics

Time: 02:03:51
Files: 343149
Folders: 6584
Boot Sectors: 4
Archives: 2701
Packed Files: 33869

Results

Identified Viruses: 19
Infected Files: 30
Suspect Files: 1
Warnings: 0
Disinfected: 0
Deleted Files: 30

Engines Info

Virus Definitions: 455653
Engine build: AVCORE v1.0 (build 2310) (i386) (Apr 17 2006 16:24:38)
Scan plugins: 13
Archive plugins: 38
Unpack plugins: 6
E-mail plugins: 6
System plugins: 1

Scan Settings

First Action: Disinfect
Second Action: Delete
Heuristics: Yes
Enable Warnings: Yes
Scanned Extensions: *;
Exclude Extensions:
Scan Emails: Yes
Scan Archives: Yes
Scan Packed: Yes
Scan Files: Yes
Scan Boot: Yes

Scanned File
Status

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\CYOHPQTB\1[2].htm
Infected with: Generic.XPL.MhtRedir.7767916A

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\CYOHPQTB\1[2].htm
Disinfection failed

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\CYOHPQTB\1[2].htm
Deleted

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\FZH8JBD8\35[1].htm
Infected with: Generic.XPL.CodeBase.20F590E5

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\FZH8JBD8\35[1].htm
Disinfection failed

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\FZH8JBD8\35[1].htm
Deleted

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\FZH8JBD8\crack[1].exe
Infected with: Trojan.Downloader.Small.BFI

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\FZH8JBD8\crack[1].exe
Disinfection failed

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\FZH8JBD8\crack[1].exe
Deleted

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\QESE2P7K\1[1].htm
Infected with: Generic.XPL.MhtRedir.4D584333

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\QESE2P7K\1[1].htm
Disinfection failed

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\QESE2P7K\1[1].htm
Deleted

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\QESE2P7K\35[1].htm
Infected with: Generic.XPL.CodeBase.1FE3E773

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\QESE2P7K\35[1].htm
Disinfection failed

C:\Documents and Settings\Administrateur\Local Settings\Temp\Temporary Internet Files\Content.IE5\QESE2P7K\35[1].htm
Deleted

C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\G7Q3CFED\35[1].htm
Infected with: Generic.XPL.CodeBase.4FA337A1

C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\G7Q3CFED\35[1].htm
Disinfection failed

C:\Documents and Settings\Administrateur\Local Settings\Temporary Internet Files\Content.IE5\G7Q3CFED\35[1].htm
Deleted

C:\Documents and Settings\Administrateur.PC\Local Settings\Temporary Internet Files\Content.IE5\UFKF8MLC\4[1].htm
Suspected of: Trojan.Downloader.JS.BE

C:\Documents and Settings\Administrateur.PC\Local Settings\Temporary Internet Files\Content.IE5\UFKF8MLC\4[1].htm
Disinfection failed

C:\Documents and Settings\Administrateur.PC\Local Settings\Temporary Internet Files\Content.IE5\UFKF8MLC\4[1].htm
Deleted

C:\Documents and Settings\Administrateur.PC\Local Settings\Temporary Internet Files\Content.IE5\Y0JT4SJH\connect[1].htm
Infected with: Generic.XPL.CodeBase.DFF101D9

C:\Documents and Settings\Administrateur.PC\Local Settings\Temporary Internet Files\Content.IE5\Y0JT4SJH\connect[1].htm
Disinfection failed

C:\Documents and Settings\Administrateur.PC\Local Settings\Temporary Internet Files\Content.IE5\Y0JT4SJH\connect[1].htm
Deleted

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\4585370a.qua
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\4585370a.qua
Disinfection failed

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\4585370a.qua
Deleted

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\458539d5.qua
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\458539d5.qua
Disinfection failed

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\458539d5.qua
Deleted

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\45853ff8.qua
Detected with: Application.JS.ForcePopup.D

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\45853ff8.qua
Disinfection failed

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\45853ff8.qua
Deleted

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\45874851.qua
Detected with: Adware.Mcboo.A

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\45874851.qua
Disinfection failed

C:\Documents and Settings\All Users.WINDOWS\Application Data\AntiVir PersonalEdition Classic\INFECTED\45874851.qua
Deleted

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
Infected with: Generic.Malware.SPPk.6A61ADD4

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
Disinfection failed

C:\Program Files\Adobe\Photoshop Album Edition Découverte\3.0\Apps\apdproxy.exe
Deleted

C:\Program Files\ewido anti-spyware 4.0\Quarantine\filE275E249.dat=>(gzip)
Detected with: Adware.Safetybar.B

C:\Program Files\ewido anti-spyware 4.0\Quarantine\filE275E249.dat=>(gzip)
Disinfection failed

C:\Program Files\ewido anti-spyware 4.0\Quarantine\filE275E249.dat=>(gzip)
Deleted

C:\Program Files\ewido anti-spyware 4.0\Quarantine\filE275E249.dat
Update failed

C:\Program Files\QuickTime\qttask.exe
Infected with: Generic.Malware.SPPk.6A61ADD4

C:\Program Files\QuickTime\qttask.exe
Disinfection failed

C:\Program Files\QuickTime\qttask.exe
Delete failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP29\A0027007.exe
Infected with: Trojan.Clicker.Agent.AM

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP29\A0027007.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP29\A0027007.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP29\A0027020.exe
Infected with: Trojan.Clicker.Agent.AM

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP29\A0027020.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP29\A0027020.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0027041.exe
Infected with: Trojan.Clicker.Agent.AM

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0027041.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0027041.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0027055.exe
Infected with: Trojan.Clicker.Agent.AM

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0027055.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0027055.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0029115.pt
Infected with: Trojan.Dialer.Hexe.C

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0029115.pt
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0029115.pt
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030056.exe
Infected with: Trojan.Clicker.Agent.AM

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030056.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030056.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030058.exe
Infected with: Trojan.Agent.ASD

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030058.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030058.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030061.exe
Infected with: Trojan.Clicker.Agent.AM

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030061.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030061.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030091.exe=>(CAB Sfx r)=>Setup.exe
Infected with: Trojan.Dropper.Agent.DF

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030091.exe=>(CAB Sfx r)=>Setup.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030091.exe=>(CAB Sfx r)=>Setup.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0030091.exe=>(CAB Sfx r)
Update failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0032059.EXE
Detected with: Application.Adware.NewDotNet.B.Dropper

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP30\A0032059.EXE
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0035763.bat
Detected with: Adware.Safetybar.B

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0035763.bat
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0035763.bat
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0035775.dll
Infected with: DeepScan:Generic.Malware.SYddldg.F68227E3

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0035775.dll
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0035775.dll
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0035778.exe
Infected with: Trojan.Downloader.Winfixer.O

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0035778.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0035778.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0041714.exe
Infected with: Trojan.Downloader.Small.BFI

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0041714.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0041714.exe
Deleted

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0041715.exe
Infected with: Generic.Malware.SPPk.6A61ADD4

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0041715.exe
Disinfection failed

C:\System Volume Information\_restore{E23292BD-258E-4534-9664-1939871FDA93}\RP43\A0041715.exe
Deleted

C:\WINDOWS\system32\qlwmoaxf.exe
Infected with: Trojan.Adload.MAS

C:\WINDOWS\system32\qlwmoaxf.exe
Disinfection failed

C:\WINDOWS\system32\qlwmoaxf.exe
Deleted
0
Anonymous user
 
Hi,

Run another scan with Ewido and delete everything, then post an Ewido report please.

Do this cleanup (to be done regularly):

¤ Download and install this:
CCleaner:
Download CCleaner

In the left-hand column click "Errors", tick all the boxes, then click "Search for errors" at the bottom. Once it has finished, click "Repair errors"; you will get a message asking whether to back up your registry, answer "Yes", then repeat until it finds no more errors.
You can delete the backups you made if your computer has no more problems.

¤ Restart CCleaner, go to the "Cleaner" tab on the left, untick the last box (Advanced, if it is ticked), then click "Run the cleanup".

Then post a HijackThis report please.
0
nessa42 Posts: 23 Status: Member
 
ewido anti-spyware - Scan Report
---------------------------------------------------------

+ Created at: 21:46:15 25/09/2006

+ Scan result:

HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{052b12f7-86fa-4921-8482-26c42316b522} -> Adware.Generic : Cleaned with backup (quarantined).
C:\WINDOWS\system32\e0202afmgd2a2.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\e6202gfmg62a2.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\fppm0371e.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\j8n20i5oe8.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\k4js0e17eh.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\m0ju0a19ed.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\xglprov.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
[1024] C:\WINDOWS\system32\mmd32.dll -> Adware.Look2Me : Error during cleaning.
[296] C:\WINDOWS\system32\mmd32.dll -> Adware.Look2Me : Error during cleaning.
C:\Program Files\QuickTime\qttask.exe -> Heuristic.Win32.AVKiller : Ignored.
C:\WINDOWS\system32:lzx32.sys -> Hijacker.Costrat.g : Error during cleaning.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@247realmedia[2].txt -> TrackingCookie.247realmedia : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@reduxads.valuead[1].txt -> TrackingCookie.Valuead : Cleaned.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\Administrateur.TITANIUM\Local Settings\Temp\Cookies\administrateur@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\WINDOWS\Temp\Cookies\administrateur@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.

::Report end
0
nessa42 Posts: 23 Status: Member
 
Logfile of HijackThis v1.99.1
Scan saved at 21:56:16, on 25/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\svchost.exe
D:\Program Files\eMule\emule.exe
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\Documents and Settings\Administrateur.TITANIUM\Bureau\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: WindowsUpdate - C:\WINDOWS\system32\r0p8la7u1d.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
0
Anonymous user
 
ok

Do this cleanup (to be done regularly):

¤ Download and install this:
CCleaner:
Download CCleaner

In the left-hand column click "Errors", tick all the boxes, then click "Search for errors" at the bottom. Once it has finished, click "Repair errors"; you will get a message asking whether to back up your registry, answer "Yes", then repeat until it finds no more errors.
You can delete the backups you made if your computer has no more problems.

¤ Restart CCleaner, go to the "Cleaner" tab on the left, untick the last box (Advanced, if it is ticked), then click "Run the cleanup".

Then

Download L2mfix here:
http://www.downloads.subratam.org/l2mfix.exe

Double-click "L2mfix.exe" to start the extraction.
In the "L2mfix" folder, double-click "l2mfix.bat", choose option 1 and confirm with the Enter key.
It will generate a report for you.
Copy and paste the result here please.

0
nessa42 Posts: 23 Status: Member
 
L2MFIX find log 051206
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
"Asynchronous"=dword:00000000
"DllName"=""
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WindowsUpdate]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\r0p8la7u1d.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

**********************************************************************************
useragent:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{9E0A9F2B-32A6-5F2C-3920-AEFC2BF4D162}"=""

**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Feuille de propri‚t‚s du fichier multim‚dia"
"{176d6597-26d3-11d1-b350-080036a75b03}"="Gestion de scanneur ICM"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="Page de s‚curit‚ NTFS"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Page des propri‚t‚s de OLE DocFile"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Carte du Panneau de configuration"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage cran du Panneau de configuration"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Extension Affichage Panorama du Panneau de configuration"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Page de s‚curit‚ DS"
"{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Page de compatibilit‚"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Gestionnaire de donn‚es endommag‚es de l'environnement"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Extension copie de disquette"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Extensions de l'environnement pour les objets r‚seau de Microsoft Windows"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="Gestion d'‚cran ICM"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="Gestion d'imprimante ICM"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Extensions de l'environnement de compression de fichiers"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Extension de l'environnement d'imprimante Web"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Menu contextuel de cryptage"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Porte-documents"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="Extension ic“ne HyperTerminal"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="Profil ICC"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Page de s‚curit‚ des imprimantes"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Extensions de l'environnement pour le partage"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie PKO"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Extension de cryptographie Sign"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Connexions r‚seau"
"{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Connexions r‚seau"
"{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="&Scanneurs et appareils photo"
"{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="&Scanneurs et appareils photo"
"{905667aa-acd6-11d2-8080-00805f6596d2}"="&Scanneurs et appareils photo"
"{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="&Scanneurs et appareils photo"
"{83bbcbf3-b28a-4919-a5aa-73027445d672}"="&Scanneurs et appareils photo"
"{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Extensions de l'interpr‚teur de commandes pour l'environnement d'ex‚cution de scripts Windows"
"{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Liaison de donn‚es Microsoft"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Tƒches planifi‚es"
"{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
"{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
"{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Barre des tƒches et menu D‚marrer"
"{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Rechercher"
"{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Aide et support"
"{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Ex‚cuter..."
"{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
"{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Courrier ‚lectronique"
"{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Polices"
"{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Outils d'administration"
"{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Page de propri‚t‚s des versions pr‚c‚dentes"
"{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Versions pr‚c‚dentes"
"{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
"{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
"{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
"{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
"{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
"{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Barre d'outils Internet Microsoft"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="tat du t‚l‚chargement"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Dossier Bureau ‚tendu"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Dossier du shell augment‚"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Bande du navigateur Microsoft"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Bande de recherche"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="Volet int‚gr‚ de recherche"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Recherche Web"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Utilitaire des options de l'arborescence du Registre"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Adresse"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="BoŒte d'entr‚e de l'adresse"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Saisie semi-automatique Microsoft"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="Liste de saisie semi-automatique MRU"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Liste de saisie semi-automatique personnalis‚e MRU"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Barre de progrŠs auto-ouvrante"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Liste de saisie semi-automatique de l'historique Microsoft"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Liste de saisie semi-automatique du dossier Shell Microsoft"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Conteneur de la liste de saisie semi-automatique multiple Microsoft"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Menu Site de bandes"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Barre du Bureau"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="Assistance utilisateur"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Paramètres du dossier global"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="Historique"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="Image de démarrage de la Suite IE4"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="Dossier ActiveX Cache"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Dossier Inscription"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Gestionnaire d'applications d'environnement"
"{0B124F8F-91F0-11D1-B8B5-006008059382}"="Énumérateur d'applications installées"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Publication d'application Darwin"
"{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
"{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
"{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow"
"{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="Extracteur de miniatures de fichier + GDI"
"{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Gestionnaire de miniatures - Informations de résumé (DOCFILES)"
"{EAB841A0-9550-11cf-8C16-00805F1408F3}"="Extracteur de miniatures HTML"
"{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
"{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Assistant Publication de sites Web"
"{add36aa8-751a-4579-a266-d66f5202ccbb}"="Commande d'impressions via le Web"
"{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Objet Assistant de publication Shell"
"{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Assistant Obtenir une identité Passport"
"{7A9D77BD-5403-11d2-8785-2E0420524153}"="Comptes d'utilisateurs"
"{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
"{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Fichier de chaîne"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Raccourci de chaîne"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
"{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
"{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
"{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
"{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
"{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
"{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
"{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Dossier Fichiers hors connexion"
"{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
"{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
"{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="Des &personnes..."
"{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
"{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
"{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
"{32020A01-506E-484D-A2A8-BE3CF17601C3}"="AlcoholShellEx"
"{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}"="Messenger Sharing Folders"
"{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
"{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
"{497F3B5A-D5AA-43D3-8873-5C8E22047030}"=""
"{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF}"="iTunes"
"{C52AF81D-F7A0-4AAB-8E87-F80A60CCD396}"="OpenOffice.org Column Handler"
"{087B3AE3-E237-4467-B8DB-5A38AB959AC9}"="OpenOffice.org Infotip Handler"
"{63542C48-9552-494A-84F7-73AA6A7C99C1}"="OpenOffice.org Property Sheet Handler"
"{3B092F0C-7696-40E3-A80F-68D74DA84210}"="OpenOffice.org Thumbnail Viewer"
"{E8871002-8BEE-498C-9245-FB8DB4047150}"=""
"{45AC2688-0253-4ED8-97DE-B5370FA7D48A}"="Shell Extension for Malware scanning"
"{5CF92E69-FC5F-4E05-8CA5-36C4C3176A90}"="HandyHTML Studio shell extension"

**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{497F3B5A-D5AA-43D3-8873-5C8E22047030}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{497F3B5A-D5AA-43D3-8873-5C8E22047030}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{497F3B5A-D5AA-43D3-8873-5C8E22047030}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{497F3B5A-D5AA-43D3-8873-5C8E22047030}\InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{E8871002-8BEE-498C-9245-FB8DB4047150}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{E8871002-8BEE-498C-9245-FB8DB4047150}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{E8871002-8BEE-498C-9245-FB8DB4047150}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{E8871002-8BEE-498C-9245-FB8DB4047150}\InprocServer32]
@="C:\\WINDOWS\\system32\\mmd32.dll"
"ThreadingModel"="Apartment"

**********************************************************************************
Files Found are not all bad files:

C:\WINDOWS\SYSTEM32\
divx.dll Mon 3 Jul 2006 23:40:50 A.... 620 180 605,64 K
divx_x~1.dll Mon 3 Jul 2006 23:40:52 A.... 778 240 760,00 K
divx_x~2.dll Mon 3 Jul 2006 23:40:52 A.... 778 240 760,00 K
divx_x~3.dll Mon 3 Jul 2006 23:40:50 A.... 761 856 744,00 K
dpl100.dll Fri 4 Aug 2006 17:37:38 A.... 73 728 72,00 K
dtu100.dll Fri 4 Aug 2006 17:37:38 A.... 196 608 192,00 K
ir4fix.dll Mon 25 Sep 2006 19:38:54 A.... 17 787 17,37 K
irr0l5~1.dll Mon 25 Sep 2006 19:37:46 ..S.R 233 795 228,31 K
member~1.dll Mon 24 Jul 2006 15:33:14 A.... 434 176 424,00 K
mmd32.dll Mon 25 Sep 2006 19:37:46 ..S.R 237 001 231,45 K
px.dll Thu 27 Jul 2006 4:05:56 ..... 372 736 364,00 K
pxdrv.dll Thu 27 Jul 2006 4:05:56 ..... 421 888 412,00 K
pxmas.dll Thu 27 Jul 2006 4:05:56 ..... 172 032 168,00 K
pxwave.dll Thu 27 Jul 2006 4:05:54 ..... 339 968 332,00 K
qt-dx331.dll Thu 27 Jul 2006 4:06:00 A.... 3 596 288 3,43 M
r0p8la~1.dll Sun 24 Sep 2006 17:17:28 ..S.R 237 001 231,45 K
sirenacm.dll Sat 29 Jul 2006 19:32:50 A.... 48 936 47,79 K
tidycom.dll Sat 5 Aug 2006 5:12:52 A.... 366 080 357,50 K
vxblock.dll Thu 27 Jul 2006 4:05:54 ..... 28 672 28,00 K
winfda32.dll Sat 12 Aug 2006 12:43:28 A.... 18 944 18,50 K
xacten~4.dll Fri 28 Jul 2006 9:30:32 A.... 236 824 231,27 K
xinput~3.dll Fri 28 Jul 2006 9:30:14 A.... 62 744 61,27 K

22 items found: 22 files (3 H/S), 0 directories.
Total of file sizes: 10 033 724 bytes 9,57 M
Locate .tmp files:

C:\WINDOWS\SYSTEM32\
mcrh.tmp Sat 2 Sep 2006 16:07:26 A.... 0 0,00 K
ttutv.tmp Thu 24 Aug 2006 15:53:34 ..SH. 635 952 621,05 K
ttutv~1.tmp Sat 2 Sep 2006 23:02:34 A.SH. 74 0,07 K

3 items found: 3 files (2 H/S), 0 directories.
Total of file sizes: 636 026 bytes 621,12 K
**********************************************************************************
Directory Listing of system files:
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 00E2-14D4

Répertoire de C:\WINDOWS\System32

25/09/2006 22:33 <REP> ..
25/09/2006 22:33 <REP> .
25/09/2006 19:37 237 001 mmd32.dll
25/09/2006 19:37 233 795 irr0l59m1.dll
24/09/2006 17:17 237 001 r0p8la7u1d.dll
03/09/2006 12:10 <REP> dllcache
02/09/2006 23:02 74 ttutv.tmp2
24/08/2006 15:53 635 952 ttutv.tmp
14/08/2006 15:50 952 KGyGaAvL.sys
31/05/2006 13:57 <REP> Microsoft
6 fichier(s) 1 344 775 octets
4 Rép(s) 8 399 269 888 octets libres
0
Anonymous user

Run "L2mfix.bat" again and select option 2.
The computer will restart automatically; if it doesn't, restart it yourself.
Copy the report and paste it here along with a new HijackThis report.
0
nessa42 Posts: 23 Status: Member
 
L2mfix 051206
Creating Account.
La commande s'est terminée correctement.

Adding Administrative privleges.
Checking for L2MFix account(0=no 1=yes):
1
Granting SeDebugPrivilege to L2MFIX ... successful

Running From:
C:\WINDOWS\system32

Killing Processes!
Killing 'smss.exe'
\SystemRoot\System32\smss.exe (384)
Killing 'winlogon.exe'
winlogon.exe (664)
Killing 'explorer.exe'
C:\WINDOWS\Explorer.EXE (1908)
Killing 'rundll32.exe'
rundll32.exe "C:\WINDOWS\system32\rQsman.dll",DllGetVersion (1388)
Restoring Sedebugprivilege:
Granting SeDebugPrivilege to Administrateurs ... successful

Scanning First Pass. Please Wait!

First Pass Completed

Second Pass Scanning

Second pass Completed!
0 fichier(s) copié(s).
0 fichier(s) copié(s).
0 fichier(s) copié(s).
Deleting: C:\WINDOWS\system32\irr0l59m1.dll
Successfully Deleted: C:\WINDOWS\system32\irr0l59m1.dll
Deleting: C:\WINDOWS\system32\rQsman.dll
Successfully Deleted: C:\WINDOWS\system32\rQsman.dll
Deleting: C:\WINDOWS\system32\t8r80i9ue8.dll
Successfully Deleted: C:\WINDOWS\system32\t8r80i9ue8.dll

msg11?.dll
0 fichier(s) copié(s).

Restoring Windows Update Certificates.:

The following Is the Current Export of the Winlogon notify key:
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
"DLLName"="wlnotify.dll"
"Logon"="SCardStartCertProp"
"Logoff"="SCardStopCertProp"
"Lock"="SCardSuspendCertProp"
"Unlock"="SCardResumeCertProp"
"Enabled"=dword:00000001
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"StartShell"="SchedStartShell"
"Logoff"="SchedEventLogOff"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"PostShell"="SensPostShellEvent"
"Disconnect"="SensDisconnectEvent"
"Reconnect"="SensReconnectEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\StillImage]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINDOWS\\system32\\irr0l59m1.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
"Asynchronous"=dword:00000000
"DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Impersonate"=dword:00000000
"Logoff"="TSEventLogoff"
"Logon"="TSEventLogon"
"PostShell"="TSEventPostShell"
"Shutdown"="TSEventShutdown"
"StartShell"="TSEventStartShell"
"Startup"="TSEventStartup"
"MaxWait"=dword:00000258
"Reconnect"="TSEventReconnect"
"Disconnect"="TSEventDisconnect"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
"DLLName"="wlnotify.dll"
"Logon"="RegisterTicketExpiredNotificationEvent"
"Logoff"="UnregisterTicketExpiredNotificationEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001

The following are the files found:
****************************************************************************
C:\WINDOWS\system32\irr0l59m1.dll
C:\WINDOWS\system32\rQsman.dll
C:\WINDOWS\system32\t8r80i9ue8.dll

Registry Entries that were Deleted:
Please verify that the listing looks ok.
If there was something deleted wrongly there are backups in the backreg folder.
****************************************************************************
Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{497F3B5A-D5AA-43D3-8873-5C8E22047030}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{497F3B5A-D5AA-43D3-8873-5C8E22047030}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{497F3B5A-D5AA-43D3-8873-5C8E22047030}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{497F3B5A-D5AA-43D3-8873-5C8E22047030}\InprocServer32]
"ThreadingModel"="Apartment"

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\CLSID\{E8871002-8BEE-498C-9245-FB8DB4047150}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{E8871002-8BEE-498C-9245-FB8DB4047150}\Implemented Categories]
@=""

[HKEY_CLASSES_ROOT\CLSID\{E8871002-8BEE-498C-9245-FB8DB4047150}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""

[HKEY_CLASSES_ROOT\CLSID\{E8871002-8BEE-498C-9245-FB8DB4047150}\InprocServer32]
@="C:\\WINDOWS\\system32\\rQsman.dll"
"ThreadingModel"="Apartment"

REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{497F3B5A-D5AA-43D3-8873-5C8E22047030}"=-
"{E8871002-8BEE-498C-9245-FB8DB4047150}"=-
[-HKEY_CLASSES_ROOT\CLSID\{497F3B5A-D5AA-43D3-8873-5C8E22047030}]
[-HKEY_CLASSES_ROOT\CLSID\{E8871002-8BEE-498C-9245-FB8DB4047150}]
REGEDIT4

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"SV1"=""
****************************************************************************
Desktop.ini Contents:
****************************************************************************

****************************************************************************
Checking for L2MFix account(0=no 1=yes):
0
Zipping up files for submission:
zip warning: name not matched: dlls\*.*

zip error: Nothing to do! (backup.zip)
adding: backregs/497F3B5A-D5AA-43D3-8873-5C8E22047030.reg (212 bytes security) (deflated 72%)
adding: backregs/E8871002-8BEE-498C-9245-FB8DB4047150.reg (212 bytes security) (deflated 70%)
adding: backregs/notibac.reg (140 bytes security) (deflated 72%)

Logfile of HijackThis v1.99.1
Scan saved at 19:23:53, on 26/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Administrateur.TITANIUM\Bureau\HijackThis.exe
C:\WINDOWS\system32\svchost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O12 - Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\irr0l59m1.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
0
Anonymous user

Hi,

that's already better

Run HijackThis again, choose "do a scan only", tick the box in front of the lines below, and click "fix checked" at the bottom

O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O20 - Winlogon Notify: StillImage - C:\WINDOWS\system32\irr0l59m1.dll (file missing)

Install this firewall for your security

Kerio: (a firewall that remains free after the trial period!)
Kerio Personal Firewall
-tutorial: to configure and understand how to use Kerio
https://kerio.probb.fr/

Download SmitfraudFix (save it to the "desktop")
http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Unzip SmitfraudFix
Run the SmitfraudFix file or SmitfraudFix.cmd and choose option 1, then copy the report here please

0
nessa42 Posts: 23 Status: Member
 
SmitFraudFix v2.100

Rapport fait à 20:04:33,97, 26/09/2006
Executé à partir de C:\Documents and Settings\Administrateur.TITANIUM\Mes documents\smit\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal

»»»»»»»»»»»»»»»»»»»»»»»» C:\

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur.TITANIUM

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Administrateur.TITANIUM\Application Data

»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer

»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ADMINI~1.TIT\Favoris

»»»»»»»»»»»»»»»»»»»»»»»» Bureau

»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues

»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"

»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"incestuously"="{03413bf7-e34c-445b-bfc0-a2b127255871}"

»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=" "

»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32

»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll

»»»»»»»»»»»»»»»»»»»»»»»» Fin
0
Anonymous user

ok, that's good, it looks clean; don't forget to install the firewall and update your system

¤ Updates ¤

Click "Start", "All Programs", then "Windows Update" at the very top, and download all the updates it finds. You can repeat this several times in a row, even after your PC has restarted, because your system is far from up to date ;-)
0
nessa42 Posts: 23 Status: Member

Ok, thank you very much!!!
0