Trojan-proxy.win32.horst.be
maxink.org
Hello, for some time now I have been bothered by this virus, "Trojan-Proxy.Win32.horst.be".
I clean once a week with Kaspersky and Ad-Aware; the Kaspersky firewall is running live, and the Windows one is disabled.
I am attaching the HijackThis scan:
Logfile of HijackThis v1.99.1
Scan saved at 19:30:13, on 21/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\nouveaux telechargements\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali Liberty Surf -
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Netcraft Toolbar - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} - C:\Program Files\Netcraft Toolbar\nctb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [lywjusq] C:\WINDOWS\btnimr.exe
O4 - HKLM\..\Run: [OfficeGuard RegChecker] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ogrc.exe"
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /wait
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRA~1\LifeFX\LifeFXtb.dll
O9 - Extra 'Tools' menuitem: LifeFX Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRA~1\LifeFX\LifeFXtb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EDE56FA5-2FE4-40AC-A1CA-068F2A1A49E2} (HtmlCtl Class) - http://www.allrightsdrm.com/allrights/services/safeview.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing)
O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
That's it, my skills end there. If someone can help me, that would be great. Thanks in advance.
10 replies
Good evening maxink.org,
Download AVG Anti-Spyware:
https://www.avg.com/en-ww/free-antivirus-download
Install it.
Launch AVG Anti-Spyware and click the Update button. Wait.
Launch AVG Anti-Spyware.
Click the Analysis button (in the toolbar).
Then, on the "How to react" tab, click Recommended actions. Select Quarantine.
Go back to the Analysis tab. Click Complete system scan.
At the end of the scan, choose the option "Apply all actions" at the bottom.
Click "Save report". This generates a report as a text file, which is located in the Reports folder of the AVG Anti-Spyware folder.
Post the AVG report along with a new HijackThis log!
See you later
Here is the AVG report:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:08:35 21/12/2006
+ Résultat de l'analyse:
HKLM\SOFTWARE\eXactUtil -> Adware.BargainBuddy : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility -> Adware.Delfin : Ignoré.
HKLM\SOFTWARE\Mvu -> Adware.Delfin : Ignoré.
HKLM\SOFTWARE\picsvr -> Adware.Delfin : Ignoré.
HKLM\SOFTWARE\skin -> Adware.Delfin : Ignoré.
HKU\S-1-5-21-3133978997-101265881-2389969595-1005\Software\Mvu -> Adware.Delfin : Ignoré.
HKU\S-1-5-21-3133978997-101265881-2389969595-1005\Software\picsvr -> Adware.Delfin : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\uppicsvr.exe -> Adware.DelphinMedia.Viewer : Ignoré.
C:\Documents and Settings\All Users\Application Data\wsxs\patchme.exe -> Adware.DelphinMediaViewer : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\app3.tmp -> Adware.DelphinMediaViewer : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\app4.tmp -> Adware.DelphinMediaViewer : Ignoré.
C:\Program Files\Fichiers communs\Uninstall Information\RemoveDisplayUtility.exe -> Adware.DelphinMediaViewer : Ignoré.
C:\WINDOWS\system32\nsvsvc\nsv.ocx -> Adware.DelphinMediaViewer : Ignoré.
C:\WINDOWS\system32\nsvsvc\nsvs.dll -> Adware.DelphinMediaViewer : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\NHUninstaller.exe -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\NHUpdater.exe -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\NHelper.dll -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\v2.0.4a.cab/NHUninstaller.exe -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\v2.0.4a.cab/NHUpdater.exe -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\v2.0.4a.cab/NHelper.dll -> Adware.NavExcel : Ignoré.
C:\RECYCLER\NPROTECT\00094829.EXE -> Adware.NewDotNet : Ignoré.
C:\RECYCLER\NPROTECT\00095626.EXE -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall5_48.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall5_64.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall6_10.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall6_22.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall6_30.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Ignoré.
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Ignoré.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WhenUSave -> Adware.SaveNow : Ignoré.
:mozilla.30:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@2o7[2].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@adbrite[1].txt -> TrackingCookie.Adbrite : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@admarketplace[1].txt -> TrackingCookie.Admarketplace : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@adtech[2].txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.13:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.35:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@ads13.bpath[2].txt -> TrackingCookie.Bpath : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@ads43.bpath[1].txt -> TrackingCookie.Bpath : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@burstnet[1].txt -> TrackingCookie.Burstnet : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignoré.
:mozilla.479:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Clickzs : Ignoré.
:mozilla.491:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Clickzs : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@com[1].txt -> TrackingCookie.Com : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.17:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.396:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Epilot : Ignoré.
:mozilla.116:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@estat[1].txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@as1.falkag[2].txt -> TrackingCookie.Falkag : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@fastclick[1].txt -> TrackingCookie.Fastclick : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@c.goclick[2].txt -> TrackingCookie.Goclick : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@ilead.itrack[1].txt -> TrackingCookie.Itrack : Ignoré.
:mozilla.784:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Ivwbox : Ignoré.
:mozilla.764:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Masterstats : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@image.masterstats[1].txt -> TrackingCookie.Masterstats : Ignoré.
:mozilla.112:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@overture[1].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Ignoré.
:mozilla.233:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Realcastmedia : Ignoré.
:mozilla.561:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.562:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.563:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.614:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.615:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.616:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.617:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.618:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.29:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.624:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.36:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.37:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.38:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.39:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@statcounter[1].txt -> TrackingCookie.Statcounter : Ignoré.
:mozilla.544:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tacoda : Ignoré.
:mozilla.545:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tacoda : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@tacoda[2].txt -> TrackingCookie.Tacoda : Ignoré.
:mozilla.100:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.101:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.102:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.23:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.24:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.25:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.26:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.113:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Valueclick : Ignoré.
:mozilla.440:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.441:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.442:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.31:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.32:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.33:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.34:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@weborama[2].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@yadro[2].txt -> TrackingCookie.Yadro : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@zedo[1].txt -> TrackingCookie.Zedo : Ignoré.
Fin du rapport
And the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 22:11:39, on 21/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\nouveaux telechargements\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali Liberty Surf -
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Netcraft Toolbar - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} - C:\Program Files\Netcraft Toolbar\nctb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [lywjusq] C:\WINDOWS\btnimr.exe
O4 - HKLM\..\Run: [OfficeGuard RegChecker] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ogrc.exe"
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /wait
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRA~1\LifeFX\LifeFXtb.dll
O9 - Extra 'Tools' menuitem: LifeFX Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRA~1\LifeFX\LifeFXtb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EDE56FA5-2FE4-40AC-A1CA-068F2A1A49E2} (HtmlCtl Class) - http://www.allrightsdrm.com/allrights/services/safeview.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing)
O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
There you go.
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:08:35 21/12/2006
+ Résultat de l'analyse:
HKLM\SOFTWARE\eXactUtil -> Adware.BargainBuddy : Ignoré.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility -> Adware.Delfin : Ignoré.
HKLM\SOFTWARE\Mvu -> Adware.Delfin : Ignoré.
HKLM\SOFTWARE\picsvr -> Adware.Delfin : Ignoré.
HKLM\SOFTWARE\skin -> Adware.Delfin : Ignoré.
HKU\S-1-5-21-3133978997-101265881-2389969595-1005\Software\Mvu -> Adware.Delfin : Ignoré.
HKU\S-1-5-21-3133978997-101265881-2389969595-1005\Software\picsvr -> Adware.Delfin : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\uppicsvr.exe -> Adware.DelphinMedia.Viewer : Ignoré.
C:\Documents and Settings\All Users\Application Data\wsxs\patchme.exe -> Adware.DelphinMediaViewer : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\app3.tmp -> Adware.DelphinMediaViewer : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\app4.tmp -> Adware.DelphinMediaViewer : Ignoré.
C:\Program Files\Fichiers communs\Uninstall Information\RemoveDisplayUtility.exe -> Adware.DelphinMediaViewer : Ignoré.
C:\WINDOWS\system32\nsvsvc\nsv.ocx -> Adware.DelphinMediaViewer : Ignoré.
C:\WINDOWS\system32\nsvsvc\nsvs.dll -> Adware.DelphinMediaViewer : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\NHUninstaller.exe -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\NHUpdater.exe -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\NHelper.dll -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\v2.0.4a.cab/NHUninstaller.exe -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\v2.0.4a.cab/NHUpdater.exe -> Adware.NavExcel : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\v2.0.4a.cab/NHelper.dll -> Adware.NavExcel : Ignoré.
C:\RECYCLER\NPROTECT\00094829.EXE -> Adware.NewDotNet : Ignoré.
C:\RECYCLER\NPROTECT\00095626.EXE -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall5_48.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall5_64.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall6_10.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall6_22.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall6_30.exe -> Adware.NewDotNet : Ignoré.
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Ignoré.
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Ignoré.
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Ignoré.
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WhenUSave -> Adware.SaveNow : Ignoré.
:mozilla.30:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.247realmedia : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@247realmedia[1].txt -> TrackingCookie.247realmedia : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@2o7[2].txt -> TrackingCookie.2o7 : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@adbrite[1].txt -> TrackingCookie.Adbrite : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@admarketplace[1].txt -> TrackingCookie.Admarketplace : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@adtech[2].txt -> TrackingCookie.Adtech : Ignoré.
:mozilla.13:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Atdmt : Ignoré.
:mozilla.35:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@bluestreak[2].txt -> TrackingCookie.Bluestreak : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@ads13.bpath[2].txt -> TrackingCookie.Bpath : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@ads43.bpath[1].txt -> TrackingCookie.Bpath : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@burstnet[1].txt -> TrackingCookie.Burstnet : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@casalemedia[1].txt -> TrackingCookie.Casalemedia : Ignoré.
:mozilla.479:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Clickzs : Ignoré.
:mozilla.491:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Clickzs : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@com[1].txt -> TrackingCookie.Com : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Ignoré.
:mozilla.17:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Doubleclick : Ignoré.
:mozilla.396:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Epilot : Ignoré.
:mozilla.116:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@estat[1].txt -> TrackingCookie.Estat : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@as1.falkag[2].txt -> TrackingCookie.Falkag : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@fastclick[1].txt -> TrackingCookie.Fastclick : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@c.goclick[2].txt -> TrackingCookie.Goclick : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@ilead.itrack[1].txt -> TrackingCookie.Itrack : Ignoré.
:mozilla.784:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Ivwbox : Ignoré.
:mozilla.764:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Masterstats : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@image.masterstats[1].txt -> TrackingCookie.Masterstats : Ignoré.
:mozilla.112:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Mediaplex : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@overture[1].txt -> TrackingCookie.Overture : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Ignoré.
:mozilla.233:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Realcastmedia : Ignoré.
:mozilla.561:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.562:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.563:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Reliablestats : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Ignoré.
:mozilla.614:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.615:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.616:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.617:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.618:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Ignoré.
:mozilla.29:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.624:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Sitestat : Ignoré.
:mozilla.36:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.37:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.38:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
:mozilla.39:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@statcounter[1].txt -> TrackingCookie.Statcounter : Ignoré.
:mozilla.544:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tacoda : Ignoré.
:mozilla.545:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tacoda : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@tacoda[2].txt -> TrackingCookie.Tacoda : Ignoré.
:mozilla.100:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.101:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.102:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.23:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.24:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.25:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.26:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Ignoré.
:mozilla.113:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Valueclick : Ignoré.
:mozilla.440:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.441:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.442:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Web-stat : Ignoré.
:mozilla.31:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.32:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.33:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
:mozilla.34:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@weborama[2].txt -> TrackingCookie.Weborama : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@yadro[2].txt -> TrackingCookie.Yadro : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Ignoré.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@zedo[1].txt -> TrackingCookie.Zedo : Ignoré.
Fin du rapport
and the HijackThis report:
Logfile of HijackThis v1.99.1
Scan saved at 22:11:39, on 21/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\nouveaux telechargements\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali Liberty Surf -
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Netcraft Toolbar - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} - C:\Program Files\Netcraft Toolbar\nctb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [lywjusq] C:\WINDOWS\btnimr.exe
O4 - HKLM\..\Run: [OfficeGuard RegChecker] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ogrc.exe"
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /wait
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRA~1\LifeFX\LifeFXtb.dll
O9 - Extra 'Tools' menuitem: LifeFX Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRA~1\LifeFX\LifeFXtb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EDE56FA5-2FE4-40AC-A1CA-068F2A1A49E2} (HtmlCtl Class) - http://www.allrightsdrm.com/allrights/services/safeview.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing)
O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
There you go.
Oops, here is the report after the quarantine:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 22:15:38 21/12/2006
+ Résultat de l'analyse:
HKLM\SOFTWARE\eXactUtil -> Adware.BargainBuddy : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DisplayUtility -> Adware.Delfin : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Mvu -> Adware.Delfin : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\picsvr -> Adware.Delfin : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\skin -> Adware.Delfin : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3133978997-101265881-2389969595-1005\Software\Mvu -> Adware.Delfin : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3133978997-101265881-2389969595-1005\Software\picsvr -> Adware.Delfin : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\uppicsvr.exe -> Adware.DelphinMedia.Viewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\All Users\Application Data\wsxs\patchme.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\app3.tmp -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\app4.tmp -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\Fichiers communs\Uninstall Information\RemoveDisplayUtility.exe -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\nsvsvc\nsv.ocx -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\nsvsvc\nsvs.dll -> Adware.DelphinMediaViewer : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\NHUninstaller.exe -> Adware.NavExcel : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\NHUpdater.exe -> Adware.NavExcel : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\NHelper.dll -> Adware.NavExcel : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\v2.0.4a.cab/NHUninstaller.exe -> Adware.NavExcel : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\v2.0.4a.cab/NHUpdater.exe -> Adware.NavExcel : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\virginie FERNANDES\Local Settings\Temp\temp.fr16AB\NavHelper\v2.0.4a\v2.0.4a.cab/NHelper.dll -> Adware.NavExcel : Nettoyé et sauvegardé (mise en quarantaine).
C:\RECYCLER\NPROTECT\00094829.EXE -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
C:\RECYCLER\NPROTECT\00095626.EXE -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\NDNuninstall5_48.exe -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\NDNuninstall5_64.exe -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\NDNuninstall6_10.exe -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\NDNuninstall6_22.exe -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\NDNuninstall6_30.exe -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
HKU\.DEFAULT\Software\New.net -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-18\Software\New.net -> Adware.NewDotNet : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WhenUSave -> Adware.SaveNow : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.30:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@admarketplace[1].txt -> TrackingCookie.Admarketplace : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.13:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.35:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@ads13.bpath[2].txt -> TrackingCookie.Bpath : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@ads43.bpath[1].txt -> TrackingCookie.Bpath : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.479:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Clickzs : Nettoyé.
:mozilla.491:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@cz7.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@com[1].txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.17:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.396:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Epilot : Nettoyé.
:mozilla.116:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@as1.falkag[2].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@c.goclick[2].txt -> TrackingCookie.Goclick : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyé.
:mozilla.784:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Ivwbox : Nettoyé.
:mozilla.764:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
:mozilla.112:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
:mozilla.233:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Realcastmedia : Nettoyé.
:mozilla.561:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.562:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.563:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.614:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.615:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.616:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.617:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.618:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.29:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.624:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.36:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.37:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.38:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.39:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.544:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.545:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@tacoda[2].txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.100:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.101:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.102:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.23:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.24:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.25:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.26:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.113:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.440:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyé.
:mozilla.441:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyé.
:mozilla.442:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Web-stat : Nettoyé.
:mozilla.31:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.32:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.33:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.34:C:\Documents and Settings\virginie FERNANDES\Application Data\Mozilla\Firefox\Profiles\vvxhmw7m.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie fernandes@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\virginie FERNANDES\Cookies\virginie_fernandes@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport
Re,
AVG is not configured correctly!
Click the Scan button (in the toolbar).
Then, on the "How to act" tab, click "Recommended actions". Select "Quarantine".
Go back to the Scan tab. Click "Complete system scan".
At the end of the scan, choose the "Apply all actions" option at the bottom.
See you
Here it is, fresh:
Logfile of HijackThis v1.99.1
Scan saved at 22:37:17, on 21/12/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe
C:\WINDOWS\system32\Wtablet\TabUserW.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\eMule\eMule.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\nouveaux telechargements\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tiscali Liberty Surf -
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O3 - Toolbar: &Netcraft Toolbar - {D554D8FC-B36D-4BB4-93DB-4A3394D505E3} - C:\Program Files\Netcraft Toolbar\nctb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [lywjusq] C:\WINDOWS\btnimr.exe
O4 - HKLM\..\Run: [OfficeGuard RegChecker] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\ogrc.exe"
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /wait
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: TabUserW.exe.lnk = C:\WINDOWS\system32\Wtablet\TabUserW.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRA~1\LifeFX\LifeFXtb.dll
O9 - Extra 'Tools' menuitem: LifeFX Facemail - {E88D3D6B-BA62-11D4-A211-00B0D021F6DD} - C:\PROGRA~1\LifeFX\LifeFXtb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: fdjeux - https://www.fdjeux.net/classes/fdjeux.cab
O16 - DPF: Interface Chat Voila - http://chat14.x-echo.com/version6/Applet/vchatsign.cab
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - https://onedrive.live.com/
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {EDE56FA5-2FE4-40AC-A1CA-068F2A1A49E2} (HtmlCtl Class) - http://www.allrightsdrm.com/allrights/services/safeview.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVP Control Centre Service (AVPCC) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpcc.exe" /service (file missing)
O23 - Service: KAV Monitor Service (KAVMonitorService) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\avpm.exe" /service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Fichiers communs\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe
Hello,
Run HijackThis again, check the lines listed below and click "Fix checked" (with all IE windows closed):
O4 - HKLM\..\Run: [lywjusq] C:\WINDOWS\btnimr.exe
O4 - HKCU\..\Run: [srvreg] C:\WINDOWS\system32\srvreg.exe
Find and delete the files in bold below:
C:\WINDOWS\btnimr.exe
C:\WINDOWS\system32\srvreg.exe
Then run an online scan here:
http://www.bitdefender.fr/scan8/ie.html
Post the BitDefender report as well as a new HijackThis log!
See you later