Horst-GN and win32 tanga

trolls43 Posts 5 Status Member
Hello, and thanks in advance...
These are the two viruses that avast deletes all day long on my PC, but they come back right away, in the form of a steup.exe file and an autorun.inf. Little by little, tanga is infecting all the .exe files on my computer.
Help!!!

9 replies

^^Marie^^ Posts 126523 Registration date   Status Member Last activity   3 279
 
Hi

Do the following

It is important to carry out the whole procedure, in order:

Download (unless you already have them) and paste the 3 reports in order

A - Ad-Aware version 1.06
(here) http://www.florensac-chasse-trap.com/ section virus/security software
see demo
http://pageperso.aol.fr/balltrap34/adwseflash.zip

B - Spybot version 1.4
(here) http://www.florensac-chasse-trap.com/ section virus/security software
see usage demo
http://pageperso.aol.fr/Balltrap34/demo%20spybot.htm

C - CCleaner: (cleaner for registry, cookies + temp + temporary files + prefetch + history + etc.)
Download here:
https://www.ccleaner.com/ccleaner/download
Tutorial here:
https://www.vulgarisation-informatique.com/nettoyer-windows-ccleaner.php
and
http://perso.orange.fr/jesses/Docs/Logiciels/CCleaner.htm

D – Ewido – AVG
AVG Anti-Spyware:
https://www.avg.com/en-ww/free-antivirus-download
Install it.
Launch AVG Anti-Spyware and click the Update button. Be patient!

Launch AVG Anti-Spyware
Click the Scan button (in the toolbar)
Then, on the How to react tab, click Recommended actions. Select Quarantine.
Go back to the Scan tab. Click Complete system scan.
/!\ If a file is infected at the end of the scan /!\
choose the "Apply all actions" option at the bottom.
Click "Save report", then "Save report as"
Save this text file to your desktop.
Copy/paste the report

E - Online scan with BitDefender (works only in Internet Explorer, after accepting the ActiveX control)
https://assiste.com/404_La_page_demandee_n_existe_pas.php
http://www.bitdefender.fr/scan8/ie.html
TUTORIAL
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
Copy/PASTE the entire report

F - HijackThis - Diagnostic and repair tool
read the demo
http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
Download the French version here
http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
Copy/paste the report

Good luck

See you
0
trolls43 Posts 5 Status Member
 
Here you go )

Ad-Aware SE Build 1.06r1
Logfile Created on:lundi 29 janvier 2007 13:46:52
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R148 29.01.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Softomate Toolbar(TAC index:9):3 total references
Tracking Cookie(TAC index:3):29 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Ad-Aware SE Settings
===========================
Set : Search for negligible risk entries
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects

29-01-2007 13:46:52 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 720
ThreadCreationTime : 28-01-2007 16:19:07
BasePriority : Normal

#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 796
ThreadCreationTime : 28-01-2007 16:19:16
BasePriority : Normal

#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 824
ThreadCreationTime : 28-01-2007 16:19:19
BasePriority : High

#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 872
ThreadCreationTime : 28-01-2007 16:19:21
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Applications Services et Contrôleur
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 892
ThreadCreationTime : 28-01-2007 16:19:21
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1064
ThreadCreationTime : 28-01-2007 16:19:26
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1140
ThreadCreationTime : 28-01-2007 16:19:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1248
ThreadCreationTime : 28-01-2007 16:19:27
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1360
ThreadCreationTime : 28-01-2007 16:19:28
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [spoolsv.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1612
ThreadCreationTime : 28-01-2007 16:19:32
BasePriority : Normal
FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
ProductVersion : 5.1.2600.2696
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Spooler SubSystem App
InternalName : spoolsv.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : spoolsv.exe

#:11 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1876
ThreadCreationTime : 28-01-2007 16:19:38
BasePriority : Normal
FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 6.00.2900.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Explorateur Windows
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : EXPLORER.EXE

#:12 [aswupdsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1928
ThreadCreationTime : 28-01-2007 16:19:38
BasePriority : Normal

#:13 [ashserv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1952
ThreadCreationTime : 28-01-2007 16:19:39
BasePriority : High
FileVersion : 4, 7, 936, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! antivirus service
InternalName : aswServ
LegalCopyright : Copyright (c) 2007 ALWIL Software
OriginalFilename : aswServ.exe

#:14 [ramaint.exe]
FilePath : C:\Program Files\LogMeIn\
ProcessID : 1996
ThreadCreationTime : 28-01-2007 16:19:41
BasePriority : Normal
FileVersion : 2.30.559
ProductVersion : 2.30.559
ProductName : LogMeIn
CompanyName : LogMeIn, Inc.
FileDescription : LogMeIn Maintenance Service
InternalName : LMIMaint
LegalCopyright : Copyright © 2003-2006 LogMeIn, Inc. US patents pending.
OriginalFilename : ramaint.exe

#:15 [logmein.exe]
FilePath : C:\Program Files\LogMeIn\
ProcessID : 236
ThreadCreationTime : 28-01-2007 16:19:43
BasePriority : Normal
FileVersion : 2.30.559
ProductVersion : 2.30.559
ProductName : LogMeIn
CompanyName : LogMeIn, Inc.
FileDescription : LogMeIn
InternalName : LogMeIn
LegalCopyright : Copyright © 2003-2006 LogMeIn, Inc. US patents pending.
OriginalFilename : LogMeIn.exe

#:16 [mdaemon.exe]
FilePath : C:\MDaemon\APP\
ProcessID : 468
ThreadCreationTime : 28-01-2007 16:19:47
BasePriority : Normal
FileVersion : 9.0.8
ProductVersion : 9.0.8
ProductName : MDaemon
CompanyName : Alt-N Technologies, Ltd.
FileDescription : MDaemon for Windows
LegalCopyright : Copyright © 1996-2006 Alt-N Technologies, All Rights Reserved.
LegalTrademarks : Windows(TM) is a trademark of Microsoft Corporation
OriginalFilename : MDaemon.exe
Comments : https://www.altn.com/

#:17 [logmeinsystray.exe]
FilePath : C:\Program Files\LogMeIn\
ProcessID : 632
ThreadCreationTime : 28-01-2007 16:19:51
BasePriority : Normal
FileVersion : 2.30.559
ProductVersion : 2.30.559
ProductName : LogMeIn
CompanyName : LogMeIn, Inc.
FileDescription : LogMeIn Desktop Application
InternalName : LogMeInSystray
LegalCopyright : Copyright © 2003-2006 LogMeIn, Inc. US patents pending.
OriginalFilename : LogMeInSystray.exe

#:18 [mdm.exe]
FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\
ProcessID : 772
ThreadCreationTime : 28-01-2007 16:20:02
BasePriority : Normal
FileVersion : 7.00.9466
ProductVersion : 7.00.9466
ProductName : Microsoft® Visual Studio .NET
CompanyName : Microsoft Corporation
FileDescription : Machine Debug Manager
InternalName : mdm.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : mdm.exe

#:19 [nmsaccess.exe]
FilePath : C:\Program Files\CDBurnerXP\
ProcessID : 204
ThreadCreationTime : 28-01-2007 16:20:03
BasePriority : Normal

#:20 [nvsvc32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1096
ThreadCreationTime : 28-01-2007 16:20:04
BasePriority : Normal
FileVersion : 6.14.10.9147
ProductVersion : 6.14.10.9147
ProductName : NVIDIA Driver Helper Service, Version 91.47
CompanyName : NVIDIA Corporation
FileDescription : NVIDIA Driver Helper Service, Version 91.47
InternalName : NVSVC
LegalCopyright : (C) NVIDIA Corporation. All rights reserved.
OriginalFilename : nvsvc32.exe

#:21 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 1212
ThreadCreationTime : 28-01-2007 16:20:05
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:22 [webadmin.exe]
FilePath : C:\MDaemon\WebAdmin\
ProcessID : 1236
ThreadCreationTime : 28-01-2007 16:20:07
BasePriority : Normal
FileVersion : 3.2.7
ProductVersion : 3.2.7
ProductName : WebAdmin
CompanyName : Alt-N Technologies, Ltd.
FileDescription : WebAdmin Server
LegalCopyright : Copyright © Alt-N Technologies, Ltd.
Comments : https://www.altn.com/

#:23 [cfengine.exe]
FilePath : C:\MDaemon\APP\
ProcessID : 1604
ThreadCreationTime : 28-01-2007 16:20:17
BasePriority : Normal
FileVersion : 9.0.8
ProductVersion : 9.0.8
ProductName : Alt-N's CFEngine
CompanyName : Alt-N
FileDescription : CFEngine
InternalName : CFEngine
LegalCopyright : Copyright © 2001
OriginalFilename : CFEngine.exe

#:24 [worldclient.exe]
FilePath : C:\MDaemon\WorldClient\
ProcessID : 1668
ThreadCreationTime : 28-01-2007 16:20:18
BasePriority : Normal
FileVersion : 9.0.8
ProductVersion : 9.0.8
ProductName : WorldClient Standard
CompanyName : Alt-N Technologies, Ltd.
FileDescription : WorldClient Standard WDaemon Server
LegalCopyright : Copyright © 1996-2006 Alt-N Technologies, Ltd.
Comments : https://www.altn.com/

#:25 [ashmaisv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 1976
ThreadCreationTime : 28-01-2007 16:20:25
BasePriority : Normal

#:26 [ashwebsv.exe]
FilePath : C:\Program Files\Alwil Software\Avast4\
ProcessID : 256
ThreadCreationTime : 28-01-2007 16:20:30
BasePriority : Normal

#:27 [rthdcpl.exe]
FilePath : C:\WINDOWS\
ProcessID : 936
ThreadCreationTime : 28-01-2007 16:20:39
BasePriority : Normal
FileVersion : 2.0.5.9
ProductVersion : 2.0.5.9
ProductName : Realtek HD Audio Sound Effect Manager
CompanyName : Realtek Semiconductor Corp.
FileDescription : Realtek HD Audio Control Panel
LegalCopyright : Copyright (c) 2004 Realtek Semiconductor Corp.
OriginalFilename : RTHDCPL.EXE

#:28 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2072
ThreadCreationTime : 28-01-2007 16:20:39
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:29 [alg.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2172
ThreadCreationTime : 28-01-2007 16:20:40
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Application Layer Gateway Service
InternalName : ALG.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : ALG.exe

#:30 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2340
ThreadCreationTime : 28-01-2007 16:20:45
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Exécuter une DLL en tant qu'application
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : RUNDLL.EXE

#:31 [ashdisp.exe]
FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
ProcessID : 2380
ThreadCreationTime : 28-01-2007 16:20:45
BasePriority : Normal
FileVersion : 4, 7, 936, 0
ProductVersion : 4, 7, 0, 0
ProductName : avast! Antivirus
FileDescription : avast! service GUI component
InternalName : aswDisp
LegalCopyright : Copyright (c) 2007 ALWIL Software
OriginalFilename : aswDisp.exe

#:32 [hpztsb04.exe]
FilePath : C:\WINDOWS\system32\spool\drivers\w32x86\3\
ProcessID : 2548
ThreadCreationTime : 28-01-2007 16:20:49
BasePriority : Normal
FileVersion : 2,80,0,0
ProductVersion : 2,80,0,0
ProductName : HP DeskJet
CompanyName : HP
LegalCopyright : Copyright (c) Hewlett-Packard Company 1999-2001

#:33 [hphmon03.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2580
ThreadCreationTime : 28-01-2007 16:20:50
BasePriority : Normal
FileVersion : 3,5,11
ProductVersion : 3,5,11
ProductName : hp photosmart
CompanyName : Hewlett-Packard
FileDescription : HPHa3mon
InternalName : HPHa3mon
LegalCopyright : Copyright (C) 2001
OriginalFilename : HPHa3mon.exe

#:34 [acrotray.exe]
FilePath : C:\Program Files\Adobe\Acrobat 7.0\Distillr\
ProcessID : 2632
ThreadCreationTime : 28-01-2007 16:20:52
BasePriority : Normal
FileVersion : 6.0.1.2004121400
ProductVersion : 6.0.1.2004121400
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2004 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe

#:35 [jusched.exe]
FilePath : C:\Program Files\Java\jre1.5.0_10\bin\
ProcessID : 2712
ThreadCreationTime : 28-01-2007 16:20:52
BasePriority : Normal

#:36 [qttask.exe]
FilePath : C:\Program Files\QuickTime\
ProcessID : 2928
ThreadCreationTime : 28-01-2007 16:20:57
BasePriority : Normal
FileVersion : 7.1.3
ProductVersion : QuickTime 7.1.3
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
FileDescription : QuickTime Task
InternalName : QuickTime Task
LegalCopyright : Copyright Apple Computer, Inc. 1989-2006
OriginalFilename : QTTask.exe

#:37 [ituneshelper.exe]
FilePath : C:\Program Files\iTunes\
ProcessID : 2944
ThreadCreationTime : 28-01-2007 16:20:57
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:38 [rundll32.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 2960
ThreadCreationTime : 28-01-2007 16:20:58
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Système d'exploitation Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Exécuter une DLL en tant qu'application
InternalName : rundll
LegalCopyright : © Microsoft Corporation. Tous droits réservés.
OriginalFilename : RUNDLL.EXE

#:39 [msnmsgr.exe]
FilePath : C:\Program Files\MSN Messenger\
ProcessID : 2968
ThreadCreationTime : 28-01-2007 16:20:59
BasePriority : Normal
FileVersion : 8.1.0168.00_ClientV8.1
ProductVersion : 8.1.0168
ProductName : Messenger
CompanyName : Microsoft Corporation
FileDescription : Messenger
InternalName : msnmsgr.exe
LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename : msnmsgr.exe

#:40 [ipodservice.exe]
FilePath : C:\Program Files\iPod\bin\
ProcessID : 3012
ThreadCreationTime : 28-01-2007 16:21:02
BasePriority : Normal
FileVersion : 7.0.2.16
ProductVersion : 7.0.2.16
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2006 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:41 [supercopier2.exe]
FilePath : C:\Program Files\SuperCopier2\
ProcessID : 3020
ThreadCreationTime : 28-01-2007 16:21:02
BasePriority : Normal
FileVersion : 2.0.0.579
CompanyName : SFX TEAM
FileDescription : SuperCopier 2 (explorer file copy replacement)
InternalName : SuperCopier2
LegalCopyright : GNU GPL

#:42 [ctfmon.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3040
ThreadCreationTime : 28-01-2007 16:21:03
BasePriority : Normal
FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
ProductVersion : 5.1.2600.2180
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:43 [hphipm09.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 3120
ThreadCreationTime : 28-01-2007 16:21:03
BasePriority : Normal
FileVersion : 4, 5, 0, 770
ProductVersion : 4, 5, 0, 770
ProductName : HP PML
CompanyName : HP
FileDescription : PML Driver
InternalName : PmlDrv
LegalCopyright : Copyright © 1998, 1999 Hewlett-Packard Company
OriginalFilename : PmlDrv.exe

#:44 [freebrowser.exe]
FilePath : C:\Program Files\freeBrowser\freeBrowser\
ProcessID : 3144
ThreadCreationTime : 28-01-2007 16:21:04
BasePriority : Normal
FileVersion : 0, 9, 0, 0
ProductVersion : 0, 9, 0, 0
ProductName : FreeBrowser
CompanyName : FreeBrowser Team
FileDescription : FreeBrowser
InternalName : FreeBrowser.exe
LegalCopyright : (c) FreeBrowser Team. softwares. Tous droits réservés.
OriginalFilename : FreeBrowser.exe

#:45 [yztoolbar.exe]
FilePath : C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\
ProcessID : 3316
ThreadCreationTime : 28-01-2007 16:21:08
BasePriority : Normal
FileVersion : 1, 3, 0, 0
ProductVersion : 1, 3, 0, 0
ProductName : Y'z ToolBar
CompanyName : Y'z@Home
FileDescription : ToolBar icon can be changed.
InternalName : YzToolBar
LegalCopyright : Copyright (C) 2002 M.Yamaguchi
OriginalFilename : YzToolBar.exe
Comments : I use YzToolBar.dll. Please put on the same folder.

#:46 [yahoowidgetengine.exe]
FilePath : C:\Program Files\Yahoo!\Yahoo! Widget Engine\
ProcessID : 3400
ThreadCreationTime : 28-01-2007 16:21:11
BasePriority : Normal
FileVersion : 3.1.4
ProductVersion : 3.1.4
ProductName : Yahoo! Widget Engine
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Widget Engine
InternalName : Yahoo! Widget Engine
LegalCopyright : Copyright (C) 2004-2006 Yahoo! Inc.
OriginalFilename : YahooWidgetEngine.exe

#:47 [yahoowidgetengine.exe]
FilePath : C:\Program Files\Yahoo!\Yahoo! Widget Engine\
ProcessID : 3620
ThreadCreationTime : 28-01-2007 16:21:19
BasePriority : Normal
FileVersion : 3.1.4
ProductVersion : 3.1.4
ProductName : Yahoo! Widget Engine
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Widget Engine
InternalName : Yahoo! Widget Engine
LegalCopyright : Copyright (C) 2004-2006 Yahoo! Inc.
OriginalFilename : YahooWidgetEngine.exe

#:48 [yahoowidgetengine.exe]
FilePath : C:\Program Files\Yahoo!\Yahoo! Widget Engine\
ProcessID : 3668
ThreadCreationTime : 28-01-2007 16:21:20
BasePriority : Normal
FileVersion : 3.1.4
ProductVersion : 3.1.4
ProductName : Yahoo! Widget Engine
CompanyName : Yahoo! Inc.
FileDescription : Yahoo! Widget Engine
InternalName : Yahoo! Widget Engine
LegalCopyright : Copyright (C) 2004-2006 Yahoo! Inc.
OriginalFilename : YahooWidgetEngine.exe

#:49 [vlc.exe]
FilePath : C:\Program Files\freeBrowser\vlc\
ProcessID : 1436
ThreadCreationTime : 28-01-2007 16:21:40
BasePriority : Normal

#:50 [firefox.exe]
FilePath : C:\Program Files\Mozilla Firefox\
ProcessID : 3896
ThreadCreationTime : 29-01-2007 00:43:11
BasePriority : Normal

#:51 [emule.exe]
FilePath : C:\Program Files\eMule\
ProcessID : 1528
ThreadCreationTime : 29-01-2007 00:52:01
BasePriority : Normal
FileVersion : 0.47.2 Unicode
ProductVersion : 0.47.2 Unicode
ProductName : eMule
CompanyName : https://www.emule-project.net/home/perl/general.cgi?l=1
FileDescription : eMule
InternalName : emule.exe
LegalCopyright : Copyright © 2002-2006 Merkur - read license.txt for more infos
OriginalFilename : emule.exe

#:52 [guard.exe]
FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 1516
ThreadCreationTime : 29-01-2007 12:45:37
BasePriority : Normal
FileVersion : 7, 5, 0, 47
ProductVersion : 7, 5, 0, 47
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware guard
InternalName : AVG Anti-Spyware guard
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : guard.exe

#:53 [avgas.exe]
FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\
ProcessID : 2424
ThreadCreationTime : 29-01-2007 12:45:42
BasePriority : Normal
FileVersion : 7, 5, 0, 50
ProductVersion : 7, 5, 0, 50
ProductName : AVG Anti-Spyware
CompanyName : Anti-Malware Development a.s.
FileDescription : AVG Anti-Spyware
InternalName : AVG Anti-Spyware
LegalCopyright : Copyright © 2006 Anti-Malware Development a.s.
OriginalFilename : avgas.exe

#:54 [ad-aware.exe]
FilePath : C:\PROGRA~1\Lavasoft\AD-AWA~1\
ProcessID : 3704
ThreadCreationTime : 29-01-2007 12:46:44
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:55 [hh.exe]
FilePath : C:\WINDOWS\
ProcessID : 3424
ThreadCreationTime : 29-01-2007 12:46:44
BasePriority : Normal
FileVersion : 5.2.3790.2453 (srv03_sp1_gdr.050525-1542)
ProductVersion : 5.2.3790.2453
ProductName : HTML Help
CompanyName : Microsoft Corporation
FileDescription : Microsoft® HTML Help Executable
InternalName : HH 1.41
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : HH.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Softomate Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : clsid\{ca3eb689-8f09-4026-aa10-b9534c691ce0}

Softomate Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : interface\{4897bba6-48d9-468c-8efa-846275d7701b}

Softomate Toolbar Object Recognized!
Type : Regkey
Data :
TAC Rating : 9
Category : Data Miner
Comment :
Rootkey : HKEY_CLASSES_ROOT
Object : typelib\{4509d3cc-b642-4745-b030-645b79522c6d}

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 3
Objects found so far: 3

Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 3

Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@advertising[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:43
Value : Cookie:trolls@advertising.com/
Expires : 15-10-2048 02:13:26
LastSync : Hits:43
UseCount : 0
Hits : 43

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@adtech[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:trolls@adtech.de/
Expires : 18-10-2016 14:42:54
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@pmads.valuead[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:trolls@pmads.valuead.com/
Expires : 01-01-2021 01:00:00
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@ehg-neuftelecom.hitbox[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:13
Value : Cookie:trolls@ehg-neuftelecom.hitbox.com/
Expires : 17-01-2008 16:34:48
LastSync : Hits:13
UseCount : 0
Hits : 13

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@apmebf[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:trolls@apmebf.com/
Expires : 10-11-2011 17:34:54
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@adserver.aol[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:trolls@adserver.aol.fr/
Expires : 17-10-2016 11:55:24
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@as1.falkag[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:12
Value : Cookie:trolls@as1.falkag.de/
Expires : 23-12-2006 17:25:22
LastSync : Hits:12
UseCount : 0
Hits : 12

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@statse.webtrendslive[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:20
Value : Cookie:trolls@statse.webtrendslive.com/
Expires : 24-11-2016 19:17:38
LastSync : Hits:20
UseCount : 0
Hits : 20

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@server.iad.liveperson[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:9
Value : Cookie:trolls@server.iad.liveperson.net/
Expires : 21-11-2007 23:26:36
LastSync : Hits:9
UseCount : 0
Hits : 9

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@stat.onestat[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:2
Value : Cookie:trolls@stat.onestat.com/
Expires : 17-01-2017 01:00:00
LastSync : Hits:2
UseCount : 0
Hits : 2

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@fl01.ct2.comclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:4
Value : Cookie:trolls@fl01.ct2.comclick.com/
Expires : 10-01-2029 01:00:00
LastSync : Hits:4
UseCount : 0
Hits : 4

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@questionmarket[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:trolls@questionmarket.com/
Expires : 31-01-2008 20:40:12
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@tribalfusion[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:trolls@tribalfusion.com/
Expires : 01-01-2038 01:00:00
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@www.smartadserver[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:251
Value : Cookie:trolls@www.smartadserver.com/
Expires : 12-01-2027 16:35:08
LastSync : Hits:251
UseCount : 0
Hits : 251

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : trolls@doubleclick[2].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:5
Value : Cookie:trolls@doubleclick.net/
Expires : 25-01-2010 19:04:22
LastSync : Hits:5
UseCount : 0
Hits : 5

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 29
Objects found so far: 32

Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 32

Deep scanning and examining files (G:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for G:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 32

Deep scanning and examining files (Z:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for Z:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 32

Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 32

Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 32

13:58:14 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:11:22.515
Objects scanned:330031
Objects identified:32
Objects ignored:0
New critical objects:32

AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 20:22:20 29/01/2007

+ Résultat de l'analyse:

C:\Program Files\118012 Toolbar\118012.dll -> Adware.Softomate : Ignoré.
C:\Program Files\118012 Toolbar\tbhelper.dll -> Adware.Softomate : Ignoré.
Z:\UTILITAIRES\MAINTENANCE SECURITE\Real Spy Monitor v2.58 Winall Incl Keygen-Virility.rar/Real.Spy.Monitor.v2.58.WinALL.Incl.Keygen-ViRiLiTY\NewSpy.exe -> Not-A-Virus.Monitor.Win32.RealSpy.b : Ignoré.
Z:\UTILITAIRES\Real Spy Monitor v2.58 Winall Incl Keygen-Virility.rar/Real.Spy.Monitor.v2.58.WinALL.Incl.Keygen-ViRiLiTY\NewSpy.exe -> Not-A-Virus.Monitor.Win32.RealSpy.b : Ignoré.
C:\Program Files\LogMeIn\LMIinit.dll -> Not-A-Virus.RemoteAdmin.Win32.RemotelyAnywhere.a : Ignoré.
C:\WINDOWS\system32\LMIinit.dll -> Not-A-Virus.RemoteAdmin.Win32.RemotelyAnywhere.a : Ignoré.
C:\WINDOWS\system32\LMIinit.dll.000.bak -> Not-A-Virus.RemoteAdmin.Win32.RemotelyAnywhere.a : Ignoré.
[824] C:\WINDOWS\system32\LMIinit.dll -> Not-A-Virus.RemoteAdmin.Win32.RemotelyAnywhere.a : Ignoré.
trolls43 Posts: 5 Status: Member
 
and the BitDefender report

G:\Emule\incoming\PORTABLE\AIO.USB.Portable.+.Boot.Apps.Tools.(All.in.one).cRs2006\AIO.USB.Portable.+.Boot.Apps.Tools.(All.in.one).cRs2006\USB.cRs.exe=>(ZIP Sfx o)=>AutoPlay/Docs/Portable - Tools.(USB).cRs/Portable Nero 7203bUSB.rar=>Portable Nero 7203bUSB\Nero7.2.0.3b_Usb.exe=>(7z o)=>LaunchNero.exe

Infected with: Trojan.Pakes.EKB

G:\Emule\incoming\PORTABLE\AIO.USB.Portable.+.Boot.Apps.Tools.(All.in.one).cRs2006\AIO.USB.Portable.+.Boot.Apps.Tools.(All.in.one).cRs2006\USB.cRs.exe=>(ZIP Sfx o)=>AutoPlay/Docs/Portable - Tools.(USB).cRs/Portable Nero 7203bUSB.rar=>Portable Nero 7203bUSB\Nero7.2.0.3b_Usb.exe=>(7z o)=>LaunchNero.exe

Disinfection failed

G:\Emule\incoming\PORTABLE\AIO.USB.Portable.+.Boot.Apps.Tools.(All.in.one).cRs2006\AIO.USB.Portable.+.Boot.Apps.Tools.(All.in.one).cRs2006\USB.cRs.exe=>(ZIP Sfx o)=>AutoPlay/Docs/Portable - Tools.(USB).cRs/Portable Nero 7203bUSB.rar=>Portable Nero 7203bUSB\Nero7.2.0.3b_Usb.exe=>(7z o)=>LaunchNero.exe

Deleted

G:\Emule\incoming\PORTABLE\AIO.USB.Portable.+.Boot.Apps.Tools.(All.in.one).cRs2006\AIO.USB.Portable.+.Boot.Apps.Tools.(All.in.one).cRs2006\USB.cRs.exe=>(ZIP Sfx o)=>AutoPlay/Docs/Portable - Tools.(USB).cRs/Portable Nero 7203bUSB.rar=>Portable Nero 7203bUSB\Nero7.2.0.3b_Usb.exe=>(7z o)

Update failed

G:\Emule\incoming\PORTABLE\Portable Windows Xp Live Edition 2\Windows Xp Live Edition 2.iso=>I386/SYSTEM32/CALC.EXE

Infected with: Win32.Brontok.A@mm

G:\Emule\incoming\PORTABLE\Portable Windows Xp Live Edition 2\Windows Xp Live Edition 2.iso=>I386/SYSTEM32/CALC.EXE

Disinfection failed

G:\Emule\incoming\PORTABLE\Portable Windows Xp Live Edition 2\Windows Xp Live Edition 2.iso=>I386/SYSTEM32/CALC.EXE

Deleted

G:\Emule\incoming\PORTABLE\Portable Windows Xp Live Edition 2\Windows Xp Live Edition 2.iso

Update failed

G:\Emule\incoming\PORTABLE\Portable Windows Xp Live Edition 2\Windows Xp Live Edition 2.iso=>I386/SYSTEM32/REGEDIT.EXE

Infected with: Trojan.Patched.C

G:\Emule\incoming\PORTABLE\Portable Windows Xp Live Edition 2\Windows Xp Live Edition 2.iso=>I386/SYSTEM32/REGEDIT.EXE

Disinfection failed

G:\Emule\incoming\PORTABLE\Portable Windows Xp Live Edition 2\Windows Xp Live Edition 2.iso=>I386/SYSTEM32/REGEDIT.EXE

Deleted

G:\Emule\incoming\PORTABLE\Portable Windows Xp Live Edition 2\Windows Xp Live Edition 2.iso

Update failed

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst=>[Subject: Mail server report.][From: sec@telcan.com]=>Update-KB3609-x86.zip=>Update-KB3609-x86.exe

Infected with: DeepScan:Generic.Stration.143142E9

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst=>[Subject: Mail server report.][From: sec@telcan.com]=>Update-KB3609-x86.zip=>Update-KB3609-x86.exe

Disinfection failed

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst=>[Subject: Mail server report.][From: sec@telcan.com]=>Update-KB3609-x86.zip=>Update-KB3609-x86.exe

Deleted

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst=>[Subject: Mail server report.][From: sec@telcan.com]=>Update-KB3609-x86.zip

Updated

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst

Update failed

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst=>[Subject: Mail server report.][From: secur@telcan.com]=>Update-KB3609-x86.zip=>Update-KB3609-x86.exe

Infected with: DeepScan:Generic.Stration.143142E9

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst=>[Subject: Mail server report.][From: secur@telcan.com]=>Update-KB3609-x86.zip=>Update-KB3609-x86.exe

Disinfection failed

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst=>[Subject: Mail server report.][From: secur@telcan.com]=>Update-KB3609-x86.zip=>Update-KB3609-x86.exe

Deleted

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst=>[Subject: Mail server report.][From: secur@telcan.com]=>Update-KB3609-x86.zip

Updated

Z:\UTILITAIRES\BUREAUTIQUE\backup.pst

Update failed

Z:\UTILITAIRES\jlb\Portables\Portable Kaspersky Anti-Virus 6.0.1.334 Beta.rar=>Portable Kaspersky Anti-virus 6.0.1.334 Beta.exe=>(RAR Sfx o)=>dat1.tmp=>(RAR Sfx o)=>avp6.exe

Infected with: Trojan.Bat.Adduser.M

Z:\UTILITAIRES\jlb\Portables\Portable Kaspersky Anti-Virus 6.0.1.334 Beta.rar=>Portable Kaspersky Anti-virus 6.0.1.334 Beta.exe=>(RAR Sfx o)=>dat1.tmp=>(RAR Sfx o)=>avp6.exe

Disinfection failed

Z:\UTILITAIRES\jlb\Portables\Portable Kaspersky Anti-Virus 6.0.1.334 Beta.rar=>Portable Kaspersky Anti-virus 6.0.1.334 Beta.exe=>(RAR Sfx o)=>dat1.tmp=>(RAR Sfx o)=>avp6.exe

Deleted

Z:\UTILITAIRES\jlb\Portables\Portable Kaspersky Anti-Virus 6.0.1.334 Beta.rar=>Portable Kaspersky Anti-virus 6.0.1.334 Beta.exe=>(RAR Sfx o)=>dat1.tmp=>(RAR Sfx o)

Update failed

Z:\UTILITAIRES\jlb\Portables\Portable Kaspersky Anti-Virus 6.0.1.334 Beta.rar=>Portable Kaspersky Anti-virus 6.0.1.334 Beta.exe=>(RAR Sfx o)=>Setup.exe

Infected with: Trojan.Bat.Agent.E

Z:\UTILITAIRES\jlb\Portables\Portable Kaspersky Anti-Virus 6.0.1.334 Beta.rar=>Portable Kaspersky Anti-virus 6.0.1.334 Beta.exe=>(RAR Sfx o)=>Setup.exe

Disinfection failed

Z:\UTILITAIRES\jlb\Portables\Portable Kaspersky Anti-Virus 6.0.1.334 Beta.rar=>Portable Kaspersky Anti-virus 6.0.1.334 Beta.exe=>(RAR Sfx o)=>Setup.exe

Deleted

Z:\UTILITAIRES\jlb\Portables\Portable Kaspersky Anti-Virus 6.0.1.334 Beta.rar=>Portable Kaspersky Anti-virus 6.0.1.334 Beta.exe=>(RAR Sfx o)

Update failed

Z:\UTILITAIRES\jlb\Portables\Portable.Nero.v.7.2.0.3b.PL.[oslonet.net].rar=>nero7.2.0.3b-USB-PLK.exe=>(RAR Sfx o)=>LaunchNero.exe

Infected with: Trojan.Pakes.EKB

Z:\UTILITAIRES\jlb\Portables\Portable.Nero.v.7.2.0.3b.PL.[oslonet.net].rar=>nero7.2.0.3b-USB-PLK.exe=>(RAR Sfx o)=>LaunchNero.exe

Disinfection failed

Z:\UTILITAIRES\jlb\Portables\Portable.Nero.v.7.2.0.3b.PL.[oslonet.net].rar=>nero7.2.0.3b-USB-PLK.exe=>(RAR Sfx o)=>LaunchNero.exe

Deleted

Z:\UTILITAIRES\jlb\Portables\Portable.Nero.v.7.2.0.3b.PL.[oslonet.net].rar=>nero7.2.0.3b-USB-PLK.exe=>(RAR Sfx o)

Update failed

Z:\UTILITAIRES\jlb\Portables\Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER.rar=>Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER\PNOD.exe=>(RAR Sfx o)=>RunNOD32.exe

Infected with: Trojan.Bat.Adduser.M

Z:\UTILITAIRES\jlb\Portables\Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER.rar=>Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER\PNOD.exe=>(RAR Sfx o)=>RunNOD32.exe

Disinfection failed

Z:\UTILITAIRES\jlb\Portables\Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER.rar=>Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER\PNOD.exe=>(RAR Sfx o)=>RunNOD32.exe

Deleted

Z:\UTILITAIRES\jlb\Portables\Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER.rar=>Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER\PNOD.exe=>(RAR Sfx o)

Update failed

Z:\UTILITAIRES\jlb\Portables\Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER.rar=>Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER\PNOD.exe=>(RAR Sfx o)=>Setup.exe

Infected with: Trojan.Bat.Agent.E

Z:\UTILITAIRES\jlb\Portables\Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER.rar=>Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER\PNOD.exe=>(RAR Sfx o)=>Setup.exe

Disinfection failed

Z:\UTILITAIRES\jlb\Portables\Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER.rar=>Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER\PNOD.exe=>(RAR Sfx o)=>Setup.exe

Deleted

Z:\UTILITAIRES\jlb\Portables\Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER.rar=>Portable.NOD32.Antivirus.System.2.51.28.with.Fix.goldesel.6x.to@SKOLOPENDER\PNOD.exe=>(RAR Sfx o)

Update failed

Z:\UTILITAIRES\jlb\Portables\Portable.Windows.XP.Live.Edition.2.[oslonet.net].rar=>Windows Xp Live Edition 2.iso=>I386/SYSTEM32/CALC.EXE

Infected with: Win32.Brontok.A@mm

Z:\UTILITAIRES\jlb\Portables\Portable.Windows.XP.Live.Edition.2.[oslonet.net].rar=>Windows Xp Live Edition 2.iso=>I386/SYSTEM32/CALC.EXE

Disinfection failed

Z:\UTILITAIRES\jlb\Portables\Portable.Windows.XP.Live.Edition.2.[oslonet.net].rar=>Windows Xp Live Edition 2.iso=>I386/SYSTEM32/CALC.EXE

Deleted

Z:\UTILITAIRES\jlb\Portables\Portable.Windows.XP.Live.Edition.2.[oslonet.net].rar=>Windows Xp Live Edition 2.iso

Update failed

Z:\UTILITAIRES\jlb\Portables\Portable.Windows.XP.Live.Edition.2.[oslonet.net].rar=>Windows Xp Live Edition 2.iso=>I386/SYSTEM32/REGEDIT.EXE

Infected with: Trojan.Patched.C

Z:\UTILITAIRES\jlb\Portables\Portable.Windows.XP.Live.Edition.2.[oslonet.net].rar=>Windows Xp Live Edition 2.iso=>I386/SYSTEM32/REGEDIT.EXE

Disinfection failed

Z:\UTILITAIRES\jlb\Portables\Portable.Windows.XP.Live.Edition.2.[oslonet.net].rar=>Windows Xp Live Edition 2.iso=>I386/SYSTEM32/REGEDIT.EXE

Deleted

Z:\UTILITAIRES\jlb\Portables\Portable.Windows.XP.Live.Edition.2.[oslonet.net].rar=>Windows Xp Live Edition 2.iso

Update failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Norton Ghost 10.0 FR.zip=>NORTON GHOST 10.0 FR.nrg=>SUPPORT/LIVEREG/ADVISOR.EXE

Infected with: Trojan.Vb.YD

Z:\UTILITAIRES\MAINTENANCE SECURITE\Norton Ghost 10.0 FR.zip=>NORTON GHOST 10.0 FR.nrg=>SUPPORT/LIVEREG/ADVISOR.EXE

Disinfection failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Norton Ghost 10.0 FR.zip=>NORTON GHOST 10.0 FR.nrg=>SUPPORT/LIVEREG/ADVISOR.EXE

Deleted

Z:\UTILITAIRES\MAINTENANCE SECURITE\Norton Ghost 10.0 FR.zip=>NORTON GHOST 10.0 FR.nrg

Update failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Symantec pcAnywhere/Symantec pcAnywhere.msi=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Infected with: Trojan.Patched.C

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Symantec pcAnywhere/Symantec pcAnywhere.msi=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Disinfection failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Symantec pcAnywhere/Symantec pcAnywhere.msi=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Deleted

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Symantec pcAnywhere/Symantec pcAnywhere.msi=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)

Update failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Packager/Products/Symantec pcAnywhere 11.0.0.730.PMI=>(Embedded CAB)=>IMMC=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Infected with: Trojan.Patched.C

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Packager/Products/Symantec pcAnywhere 11.0.0.730.PMI=>(Embedded CAB)=>IMMC=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Disinfection failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Packager/Products/Symantec pcAnywhere 11.0.0.730.PMI=>(Embedded CAB)=>IMMC=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Deleted

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Packager/Products/Symantec pcAnywhere 11.0.0.730.PMI=>(Embedded CAB)=>IMMC=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)

Update failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Packager/Products/Symantec pcAnywhere 11.0.0.730.PMI=>(Embedded CAB)=>{ff18726a-6f39-45b9-8338-7797a4f7de23}=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Infected with: Trojan.Patched.C

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Packager/Products/Symantec pcAnywhere 11.0.0.730.PMI=>(Embedded CAB)=>{ff18726a-6f39-45b9-8338-7797a4f7de23}=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Disinfection failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Packager/Products/Symantec pcAnywhere 11.0.0.730.PMI=>(Embedded CAB)=>{ff18726a-6f39-45b9-8338-7797a4f7de23}=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Deleted

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Packager/Products/Symantec pcAnywhere 11.0.0.730.PMI=>(Embedded CAB)=>{ff18726a-6f39-45b9-8338-7797a4f7de23}=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)

Update failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Tools/Internet Explorer 5.5 SP2/hhupd.cab=>hh.exe

Infected with: Trojan.Patched.C

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Tools/Internet Explorer 5.5 SP2/hhupd.cab=>hh.exe

Disinfection failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Tools/Internet Explorer 5.5 SP2/hhupd.cab=>hh.exe

Deleted

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Tools/Internet Explorer 5.5 SP2/hhupd.cab

Update failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Tools/MMC/IMMC.EXE=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Infected with: Trojan.Patched.C

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Tools/MMC/IMMC.EXE=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Disinfection failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Tools/MMC/IMMC.EXE=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Deleted

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Tools/MMC/IMMC.EXE=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)

Update failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Unsupported/pcAnywhere 9.2.1/Symantec pcAnywhere.Msi=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Infected with: Trojan.Patched.C

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Unsupported/pcAnywhere 9.2.1/Symantec pcAnywhere.Msi=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Disinfection failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Unsupported/pcAnywhere 9.2.1/Symantec pcAnywhere.Msi=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)=>hh.exe

Deleted

Z:\UTILITAIRES\MAINTENANCE SECURITE\Pc Anywhere v11 Fr.rar=>Pc Anywhere v11 Fr.iso=>Unsupported/pcAnywhere 9.2.1/Symantec pcAnywhere.Msi=>(Embedded EXE)=>(CAB Sfx r)=>hhupd.exe=>(CAB Sfx r)

Update failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Symantec - Norton Ghost 2005 9.0 French.zip=>Norton Ghost 2005 9.0 French.nrg=>I386/SYSTEM32/TASKMGR.EXE

Infected with: Win32.Brontok.A@mm

Z:\UTILITAIRES\MAINTENANCE SECURITE\Symantec - Norton Ghost 2005 9.0 French.zip=>Norton Ghost 2005 9.0 French.nrg=>I386/SYSTEM32/TASKMGR.EXE

Disinfection failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Symantec - Norton Ghost 2005 9.0 French.zip=>Norton Ghost 2005 9.0 French.nrg=>I386/SYSTEM32/TASKMGR.EXE

Deleted

Z:\UTILITAIRES\MAINTENANCE SECURITE\Symantec - Norton Ghost 2005 9.0 French.zip=>Norton Ghost 2005 9.0 French.nrg

Update failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Symantec Norton Ghost 2006.zip=>Symantec Norton Ghost 2006 v10Symantec Norton Ghost 2006 v10/NG061000EN.exe=>(RAR Sfx o)=>Support\LiveReg\Advisor.exe

Infected with: Trojan.Vb.YD

Z:\UTILITAIRES\MAINTENANCE SECURITE\Symantec Norton Ghost 2006.zip=>Symantec Norton Ghost 2006 v10Symantec Norton Ghost 2006 v10/NG061000EN.exe=>(RAR Sfx o)=>Support\LiveReg\Advisor.exe

Disinfection failed

Z:\UTILITAIRES\MAINTENANCE SECURITE\Symantec Norton Ghost 2006.zip=>Symantec Norton Ghost 2006 v10Symantec Norton Ghost 2006 v10/NG061000EN.exe=>(RAR Sfx o)=>Support\LiveReg\Advisor.exe

Deleted

Z:\UTILITAIRES\MAINTENANCE SECURITE\Symantec Norton Ghost 2006.zip=>Symantec Norton Ghost 2006 v10Symantec Norton Ghost 2006 v10/NG061000EN.exe=>(RAR Sfx o)

Update failed

Z:\UTILITAIRES\SYSTEME\Windows.Ultimate.Boot.CD.UBCD.ISO.Universal.Boot.Disk 21.Sep.2006.ISO=>I386/SYSTEM32/CALC.EXE

Infected with: Win32.Brontok.A@mm

Z:\UTILITAIRES\SYSTEME\Windows.Ultimate.Boot.CD.UBCD.ISO.Universal.Boot.Disk 21.Sep.2006.ISO=>I386/SYSTEM32/CALC.EXE

Disinfection failed

Z:\UTILITAIRES\SYSTEME\Windows.Ultimate.Boot.CD.UBCD.ISO.Universal.Boot.Disk 21.Sep.2006.ISO=>I386/SYSTEM32/CALC.EXE

Deleted

Z:\UTILITAIRES\SYSTEME\Windows.Ultimate.Boot.CD.UBCD.ISO.Universal.Boot.Disk 21.Sep.2006.ISO

Update failed

^^Marie^^ Posts 126523 Registration date   Status Member Last activity   3 279
 
Hi

I hadn't asked you for Ad-Aware.
But no big deal.

Continue with BitDefender and HijackThis.

Good luck
See you
trolls43 Posts 5 Status Member
 
The BitDefender report is one post above, and I've redone a HijackThis log for you.
Thanks

Logfile of HijackThis v1.99.1
Scan saved at 09:05:37, on 30/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\LogMeIn\RaMaint.exe
C:\Program Files\LogMeIn\LogMeIn.exe
C:\MDaemon\APP\MDAEMON.EXE
C:\Program Files\LogMeIn\LogMeInSystray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccess.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\MDaemon\WebAdmin\WebAdmin.exe
C:\MDaemon\APP\CFEngine.exe
C:\MDaemon\WorldClient\WorldClient.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\hphmon03.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Infinity USB\INFUSB.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\explorer.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\trolls\Bureau\hijackthis\scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: XBTP01262 Class - {633CC3EB-9474-43EE-B544-5B1998FFFB57} - C:\PROGRA~1\118012~1\118012.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: 118012 Toolbar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\118012 Toolbar\118012.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EasyMod] C:\Program Files\EasyBox\EasyMod.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Ub4TrayApp] "C:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe" /start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B1334DF-FABE-453E-AED0-C8850956B8CB}: NameServer = 212.27.54.252,212.27.53.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: LMIinit - C:\WINDOWS\SYSTEM32\LMIinit.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\LogMeIn.exe
O23 - Service: MDaemon - Alt-N Technologies, Ltd. - C:\MDaemon\APP\MDAEMON.EXE
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccess.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
O23 - Service: WebAdmin - Alt-N Technologies, Ltd. - C:\MDaemon\WebAdmin\WebAdmin.exe

trolls43 Posts 5 Status Member
 
up

trolls43
 
I don't really know what to do now, and it's infecting more and more .exe files
Thanks in advance

^^Marie^^ Posts 126523 Registration date   Status Member Last activity   3 279
 
Hi again,

You have to be a little patient --lol--

Tell me whether you already know these; if ==> NO, remove them via Add/Remove Programs

Infinity USB
freeBrowser
EasyMod

You don't have a firewall
So install one, and disable the Windows firewall

Kerio (firewall):
kerio
Read the tutorial to configure and understand Kerio:
https://kerio.probb.fr/f2-sunbelt-kerio-personal-firewall
https://www.vulgarisation-informatique.com/kerio.php
https://forums.cnetfrance.fr

Then redo the HijackThis log; it is in the wrong place
Follow the procedure

F - HijackThis - Diagnostic and repair tool
Read the demo
http://pageperso.aol.fr/balltrap34/Hijenr.gif
http://pageperso.aol.fr/balltrap34/demohijack.htm
Download the French version here
http://telechargement.zebulon.fr/160-patch-francais-pour-hijackthis-1991.html
Copy/paste the report

Good luck

See you

PS ==> I think that ==> O3 - Toolbar: 118012 Toolbar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\118012 Toolbar\118012.dll is the big piece of junk
But we'll see with the new log

See you

trolls43
 
freeBrowser and EasyMod are the programs that let me communicate with my Freebox, usbinfinity is my smart-card programmer, and 118012 is a Pages Jaunes toolbar for reverse lookups in the phone directory
Here is the new log, Kerio is installed now
Thanks

Logfile of HijackThis v1.99.1
Scan saved at 13:17:38, on 30/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\LogMeIn\RaMaint.exe
C:\Program Files\LogMeIn\LogMeIn.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\LogMeIn\LogMeInSystray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccess.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\hphmon03.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\Program Files\Adobe\Acrobat 7.0\Acrobat\acrobat_sl.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\Documents and Settings\trolls\Bureau\hijackthis\scanner.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: XBTP01262 Class - {633CC3EB-9474-43EE-B544-5B1998FFFB57} - C:\PROGRA~1\118012~1\118012.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: 118012 Toolbar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\118012 Toolbar\118012.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EasyMod] C:\Program Files\EasyBox\EasyMod.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Ub4TrayApp] "C:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe" /start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B1334DF-FABE-453E-AED0-C8850956B8CB}: NameServer = 212.27.54.252,212.27.53.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: LMIinit - LMIinit.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\LogMeIn.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccess.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe

^^Marie^^ Posts 126523 Registration date   Status Member Last activity   3 279
 
118012 is a Pages Jaunes toolbar for reverse lookups in the phone directory

That's just what I thought ==> stuffed with spyware, "X" - Certified spyware/foistware, or other malware

http://www.castlecops.com/CLSID.html

It has to be removed.

Run HijackThis again, choose "do a scan only", tick the box in front of the line below and click "fix checked" at the bottom
O3 - Toolbar: 118012 Toolbar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - C:\Program Files\118012 Toolbar\118012.dll

See you


trolls43
 
I did what you told me, here is the log. I'll keep you posted if the virus reappears; if it doesn't, a huge thank you.

Logfile of HijackThis v1.99.1
Scan saved at 13:36:29, on 30/01/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
C:\Program Files\LogMeIn\RaMaint.exe
C:\Program Files\LogMeIn\LogMeIn.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\LogMeIn\LogMeInSystray.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\CDBurnerXP\NMSAccess.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RunDLL32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
C:\WINDOWS\system32\hphmon03.exe
C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\HPHipm09.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\SuperCopier2\SuperCopier2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
C:\Program Files\freeBrowser\vlc\vlc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe
C:\Documents and Settings\trolls\Bureau\hijackthis\scanner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.google.fr/keyword/%s
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\system32\hphmon03.exe
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [LogMeIn GUI] "C:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [EasyMod] C:\Program Files\EasyBox\EasyMod.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SuperCopier2.exe] C:\Program Files\SuperCopier2\SuperCopier2.exe
O4 - HKCU\..\Run: [Ub4TrayApp] "C:\Program Files\Astase\UltraBackup\4.0\bin\ubtray.exe" /start
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [freeBrowser] C:\Program Files\freeBrowser\freeBrowser\freeBrowser.exe
O4 - Startup: Y'z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: Lancement rapide d'Adobe Acrobat.lnk = ?
O8 - Extra context menu item: Convertir en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la cible du lien en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la cible du lien en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir la sélection en Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convertir la sélection en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convertir les liens sélectionnés en fichier Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convertir les liens sélectionnés en un fichier PDF existant - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O17 - HKLM\System\CCS\Services\Tcpip\..\{3B1334DF-FABE-453E-AED0-C8850956B8CB}: NameServer = 212.27.54.252,212.27.53.252
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: LMIinit - LMIinit.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files\LogMeIn\RaMaint.exe
O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files\LogMeIn\LogMeIn.exe
O23 - Service: NMSAccess - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccess.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver - HP - C:\WINDOWS\system32\HPHipm09.exe
0
^^Marie^^ Posts 126523 Registration date   Status Member Last activity   3 279
 
OK

There's some cleaning up to do
Either I'll come back
Or someone else will take over

See you
0
^^Marie^^ Posts 126523 Registration date   Status Member Last activity   3 279
 
Just passing by

Uninstall your ENTIRE HijackThis for me and redo it properly

Download HijackThis (French version) here:
hijackthis

Unzip it into a folder set aside for that purpose.

For example C:\hijackthis < Make sure you save it on C: !

Demo (thanks to Balltrap):
HijackThis installation
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Launch it, then:
click on "faire un scan et sauvegarder le log" ("Do a system scan and save a logfile") (see the demo)
copy and paste the entire log to the forum

Demo: (thanks to balltrap34 for putting this together)
http://pageperso.aol.fr/balltrap34/demohijack.htm

Good luck

See you


0