Cheval de troie

luis170395 Messages postés 334 Statut Membre -  
luis170395 Messages postés 334 Statut Membre -
Bonjour rapide,
Avast me signale toute les 30 secondes que je suis infectés par des chevals de troie, puis zone alarm a son tour signale que les fichier en question tente d'accéder à internet. Sur le message d'avast je fais supprimmer mais les messages continuent. J'ai déja eu à faire face à un cheval de troie qui tenter d'accéder à msn mais j'ai su quoi faire, tiens en ce moment, TODO:<file description> tente d'accéder à internet.
Aidez moi je vous en suppli, je ne sais pas quoi faire.

Cordialement affolé Luis.
Configuration: Windows XP
Internet Explorer 7.0

12 réponses

  1. luis170395 Messages postés 334 Statut Membre 51
     
    PS : j'ai été obligé d'utiliser IE car mozilla ne veux pas démmarer.
    0
  2. luis170395 Messages postés 334 Statut Membre 51
     
    up plz
    0
  3. luis170395 Messages postés 334 Statut Membre 51
     
    voici le rapport de trojan remover (c'est long, c'est pas grave si vous avez la flemme!) :
    ***** NORMAL SCAN FOR ACTIVE MALWARE *****
    Trojan Remover Ver 6.6.0.2465. For information, email simplysupsupport@aol.com
    [Unregistered version]
    Scan started at: 27/04/2007 19:02:31
    Using Database v6787
    Operating System: Windows XP Home Edition Service Pack 2 (Build 2600)
    Using data directory: C:\Documents and Settings\HP_Propriétaire\Application Data\Simply Super Software\Trojan Remover\
    Logfile directory: C:\Documents and Settings\HP_Propriétaire\Mes documents\Simply Super Software\Trojan Remover Logfiles\
    Running with Administrator privileges

    **************************************************
    Checking Registry exefile command for modifications
    Checking Registry comfile command for modifications
    Checking Registry piffile command for modifications
    Checking Registry batfile command for modifications
    Checking Registry regfile command for modifications
    Checking Registry cmdfile command for modifications
    Checking Registry scrfile command for modifications

    **************************************************
    19:02:31: Scanning ----------WIN.INI-----------
    WIN.INI found in C:\WINDOWS

    **************************************************
    19:02:31: Scanning --------SYSTEM.INI---------
    SYSTEM.INI found in C:\WINDOWS

    **************************************************
    19:02:31: ----- SCANNING FOR ROOTKIT SERVICES -----
    No hidden Services were detected.

    **************************************************
    19:02:32: Scanning -----WINDOWS REGISTRY-----
    --------------------
    Checking HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WinLogon
    This key's "Shell" value calls the following program(s):
    Explorer.exe - this entry has been left in place
    ----------
    This key's "Userinit" value calls the following program(s):
    C:\WINDOWS\system32\userinit.exe - this entry has been left in place
    ----------
    This key's "System" value appears to be blank
    ----------
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    --------------------
    Checking HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows
    Value Name = load
    The Data Value for this entry appears to be blank
    --------------------
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    This Registry Key attempts to run the following program(s):
    Value Name = LXBUCATS
    Value Data = rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXBUtime.dll,_RunDLLEntry@16 - this command has been left in place
    --------------------
    Value Name = ZoneAlarm Client
    Value Data = C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe - this command has been left in place
    --------------------
    Value Name = avast!
    Value Data = C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe - this command has been left in place
    --------------------
    Value Name = SoundMan
    Value Data = SOUNDMAN.EXE - this command has been left in place
    --------------------
    Value Name = .nvsvc
    Value Data = C:\WINDOWS\system\smss.exe /w - this command has been left in place
    --------------------
    Value Name = TrojanScanner
    Value Data = C:\Program Files\Trojan Remover\Trjscan.exe - this program is Trojan Remover's own scan file
    --------------------
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce
    This Registry Key appears to be empty
    --------------------
    Checking HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx
    This Registry Key appears to be empty
    --------------------
    Checking HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    This Registry Key attempts to run the following program(s):
    Value Name = swg
    Value Data = C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe - this command has been left in place
    --------------------
    Value Name = Spyware & Adware Removal
    Value Data = C:\Program Files\Spyware & Adware Removal\SAR.exe" NoHint - this command has been left in place [file not found to scan]
    --------------------
    Value Name = ctfmon.exe
    Value Data = C:\WINDOWS\system32\ctfmon.exe - this command has been left in place
    --------------------
    Value Name = SpybotSD TeaTimer
    Value Data = C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe - this command has been left in place
    --------------------
    --------------------
    Checking HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce
    This Registry Key appears to be empty

    **************************************************
    19:02:34: Scanning -----SHELLEXECUTEHOOKS-----
    ValueName: {AEB6717E-7E19-11d0-97EE-00C04FD91972}
    File: shell32.dll - this file is expected and has been left in place
    ----------

    **************************************************
    19:02:34: Scanning -----HIDDEN REGISTRY ENTRIES-----
    Taskdir check completed
    ----------
    No Registry Run Keys Hidden Entries found
    ----------

    **************************************************
    19:02:34: Scanning -----ACTIVE SCREENSAVER-----
    ScreenSaver=C:\WINDOWS\system32\AVASTSS.scr - this command has been left in place
    --------------------

    **************************************************
    19:02:34: Scanning ----- REGISTRY ACTIVE SETUP KEYS -----
    Checking the StubPath calls in the Active Setup\Installed Components registry keys:
    Key=<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}
    StubPath=C:\WINDOWS\system32\ieudinit.exe - this reference has been left in place
    ----------
    Key=>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}
    StubPath=C:\WINDOWS\inf\unregmp2.exe - this reference has been left in place
    ----------
    Key=>{26923b43-4d38-484f-9b9e-de460746276c}
    StubPath=C:\WINDOWS\system32\ie4uinit.exe - this reference has been left in place
    ----------
    Key=>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}
    StubPath=C:\WINDOWS\system32\shmgrate.exe - this reference has been left in place
    ----------
    Key={2C7339CF-2B09-4501-B3F3-F3508C9228ED}
    StubPath=C:\WINDOWS\system32\regsvr32.exe - this reference has been left in place
    ----------
    Key={44BBA840-CC51-11CF-AAFA-00AA00B6015C}
    StubPath=C:\Program Files\Outlook Express\setup50.exe - this reference has been left in place
    ----------
    Key={7790769C-0471-11d2-AF11-00C04FA35D02}
    StubPath=C:\Program Files\Outlook Express\setup50.exe - this reference has been left in place
    ----------
    Key={89820200-ECBD-11cf-8B85-00AA005B4340}
    StubPath=regsvr32.exe - this reference has been left in place
    ----------
    Key={89820200-ECBD-11cf-8B85-00AA005B4383}
    StubPath=C:\WINDOWS\system32\ie4uinit.exe - this reference has been left in place
    ----------

    **************************************************
    19:02:36: Scanning ----- SERVICEDLL REGISTRY KEYS -----
    Checking DLL files called from the CurrentControlSet\Services Keys:
    --------------------
    Key=Alerter
    ServiceDLL=%SystemRoot%\system32\alrsvc.dll - this reference has been left in place
    --------------------
    Key=AppMgmt
    ServiceDLL=%SystemRoot%\System32\appmgmts.dll - this file is globally excluded (file cannot be found)
    --------------------
    Key=AudioSrv
    ServiceDLL=%SystemRoot%\System32\audiosrv.dll - this reference has been left in place
    --------------------
    Key=BITS
    ServiceDLL=C:\WINDOWS\system32\qmgr.dll - this reference has been left in place
    --------------------
    Key=Browser
    ServiceDLL=%SystemRoot%\System32\browser.dll - this reference has been left in place
    --------------------
    Key=CryptSvc
    ServiceDLL=%SystemRoot%\System32\cryptsvc.dll - this reference has been left in place
    --------------------
    Key=DcomLaunch
    ServiceDLL=%SystemRoot%\system32\rpcss.dll - this reference has been left in place
    --------------------
    Key=Dhcp
    ServiceDLL=%SystemRoot%\System32\dhcpcsvc.dll - this reference has been left in place
    --------------------
    Key=dmserver
    ServiceDLL=%SystemRoot%\System32\dmserver.dll - this reference has been left in place
    --------------------
    Key=Dnscache
    ServiceDLL=%SystemRoot%\System32\dnsrslvr.dll - this reference has been left in place
    --------------------
    Key=ERSvc
    ServiceDLL=%SystemRoot%\System32\ersvc.dll - this reference has been left in place
    --------------------
    Key=EventSystem
    ServiceDLL=C:\WINDOWS\system32\es.dll - this reference has been left in place
    --------------------
    Key=FastUserSwitchingCompatibility
    ServiceDLL=%SystemRoot%\System32\shsvcs.dll - this reference has been left in place
    --------------------
    Key=helpsvc
    ServiceDLL=%WINDIR%\PCHealth\HelpCtr\Binaries\pchsvc.dll - this reference has been left in place
    --------------------
    Key=HidServ
    ServiceDLL=%SystemRoot%\System32\hidserv.dll - this file is globally excluded (file cannot be found)
    --------------------
    Key=HTTPFilter
    ServiceDLL=%SystemRoot%\System32\w3ssl.dll - this reference has been left in place
    --------------------
    Key=lanmanserver
    ServiceDLL=%SystemRoot%\System32\srvsvc.dll - this reference has been left in place
    --------------------
    Key=lanmanworkstation
    ServiceDLL=%SystemRoot%\System32\wkssvc.dll - this reference has been left in place
    --------------------
    Key=LmHosts
    ServiceDLL=%SystemRoot%\System32\lmhsvc.dll - this reference has been left in place
    --------------------
    Key=Messenger
    ServiceDLL=%SystemRoot%\System32\msgsvc.dll - this reference has been left in place
    --------------------
    Key=Netman
    ServiceDLL=%SystemRoot%\System32\netman.dll - this reference has been left in place
    --------------------
    Key=Nla
    ServiceDLL=%SystemRoot%\System32\mswsock.dll - this reference has been left in place
    --------------------
    Key=NtmsSvc
    ServiceDLL=%SystemRoot%\system32\ntmssvc.dll - this reference has been left in place
    --------------------
    Key=RasAuto
    ServiceDLL=%SystemRoot%\System32\rasauto.dll - this reference has been left in place
    --------------------
    Key=RasMan
    ServiceDLL=%SystemRoot%\System32\rasmans.dll - this reference has been left in place
    --------------------
    Key=RemoteAccess
    ServiceDLL=%SystemRoot%\System32\mprdim.dll - this reference has been left in place
    --------------------
    Key=RpcSs
    ServiceDLL=%SystemRoot%\system32\rpcss.dll - this reference has been left in place
    --------------------
    Key=Schedule
    ServiceDLL=%SystemRoot%\system32\schedsvc.dll - this reference has been left in place
    --------------------
    Key=seclogon
    ServiceDLL=%SystemRoot%\System32\seclogon.dll - this reference has been left in place
    --------------------
    Key=SENS
    ServiceDLL=%SystemRoot%\system32\sens.dll - this reference has been left in place
    --------------------
    Key=SharedAccess
    ServiceDLL=%SystemRoot%\System32\ipnathlp.dll - this reference has been left in place
    --------------------
    Key=ShellHWDetection
    ServiceDLL=%SystemRoot%\System32\shsvcs.dll - this reference has been left in place
    --------------------
    Key=srservice
    ServiceDLL=C:\WINDOWS\system32\srsvc.dll - this reference has been left in place
    --------------------
    Key=SSDPSRV
    ServiceDLL=%SystemRoot%\System32\ssdpsrv.dll - this reference has been left in place
    --------------------
    Key=stisvc
    ServiceDLL=%SystemRoot%\system32\wiaservc.dll - this reference has been left in place
    --------------------
    Key=TapiSrv
    ServiceDLL=%SystemRoot%\System32\tapisrv.dll - this reference has been left in place
    --------------------
    Key=TermService
    ServiceDLL=%SystemRoot%\System32\termsrv.dll - this reference has been left in place
    --------------------
    Key=Themes
    ServiceDLL=%SystemRoot%\System32\shsvcs.dll - this reference has been left in place
    --------------------
    Key=TrkWks
    ServiceDLL=%SystemRoot%\system32\trkwks.dll - this reference has been left in place
    --------------------
    Key=upnphost
    ServiceDLL=%SystemRoot%\System32\upnphost.dll - this reference has been left in place
    --------------------
    Key=W32Time
    ServiceDLL=C:\WINDOWS\system32\w32time.dll - this reference has been left in place
    --------------------
    Key=WebClient
    ServiceDLL=%SystemRoot%\System32\webclnt.dll - this reference has been left in place
    --------------------
    Key=winmgmt
    ServiceDLL=%SystemRoot%\system32\wbem\WMIsvc.dll - this reference has been left in place
    --------------------
    Key=WmdmPmSN
    ServiceDLL=C:\WINDOWS\system32\MsPMSNSv.dll - this reference has been left in place
    --------------------
    Key=wscsvc
    ServiceDLL=%SYSTEMROOT%\system32\wscsvc.dll - this reference has been left in place
    --------------------
    Key=wuauserv
    ServiceDLL=C:\WINDOWS\system32\wuauserv.dll - this reference has been left in place
    --------------------
    Key=WudfSvc
    ServiceDLL=%SystemRoot%\System32\WUDFSvc.dll - this reference has been left in place
    --------------------
    Key=WZCSVC
    ServiceDLL=%SystemRoot%\System32\wzcsvc.dll - this reference has been left in place
    --------------------
    Key=xmlprov
    ServiceDLL=%SystemRoot%\System32\xmlprov.dll - this reference has been left in place

    **************************************************
    19:02:41: Scanning ----- SERVICES REGISTRY KEYS -----
    Checking files called from the CurrentControlSet\Services Keys:
    Key=aaudstum
    ImagePath=\??\C:\DOCUME~1\HP_PRO~1\LOCALS~1\Temp\aaudstum.sys - this reference has been left in place [file not found to scan]
    ----------
    Key=ACPI
    ImagePath=system32\DRIVERS\ACPI.sys - this reference has been left in place
    ----------
    Key=AdfuUd
    ImagePath=System32\Drivers\AdfuUd.sys - this reference has been left in place
    ----------
    Key=ADSLAutoconnect
    ImagePath="C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe" -z - this reference has been left in place
    ----------
    Key=aec
    ImagePath=system32\drivers\aec.sys - this reference has been left in place
    ----------
    Key=AFD
    ImagePath=\SystemRoot\System32\drivers\afd.sys - this reference has been left in place
    ----------
    Key=ALCXWDM
    ImagePath=system32\drivers\ALCXWDM.SYS - this reference has been left in place
    ----------
    Key=ALG
    ImagePath=%SystemRoot%\System32\alg.exe - this reference has been left in place
    ----------
    Key=AmdK8
    ImagePath=system32\DRIVERS\AmdK8.sys - this reference has been left in place
    ----------
    Key=Arp1394
    ImagePath=system32\DRIVERS\arp1394.sys - this reference has been left in place
    ----------
    Key=aspnet_state
    ImagePath=%SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe - this reference has been left in place
    ----------
    Key=aswUpdSv
    ImagePath="C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe" - this reference has been left in place
    ----------
    Key=AsyncMac
    ImagePath=system32\DRIVERS\asyncmac.sys - this reference has been left in place
    ----------
    Key=atapi
    ImagePath=system32\DRIVERS\atapi.sys - this reference has been left in place
    ----------
    Key=Ati HotKey Poller
    ImagePath=%SystemRoot%\system32\Ati2evxx.exe - this reference has been left in place
    ----------
    Key=ati2mtag
    ImagePath=system32\DRIVERS\ati2mtag.sys - this reference has been left in place
    ----------
    Key=Atmarpc
    ImagePath=system32\DRIVERS\atmarpc.sys - this reference has been left in place
    ----------
    Key=audstub
    ImagePath=system32\DRIVERS\audstub.sys - this reference has been left in place
    ----------
    Key=avast! Antivirus
    ImagePath="C:\Program Files\Alwil Software\Avast4\ashServ.exe" - this reference has been left in place
    ----------
    Key=avast! Mail Scanner
    ImagePath="C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service - this reference has been left in place
    ----------
    Key=avast! Web Scanner
    ImagePath="C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service - this reference has been left in place
    ----------
    Key=Boonty Games
    ImagePath="C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe" - this reference has been left in place
    ----------
    Key=Bridge
    ImagePath=system32\DRIVERS\bridge.sys - this reference has been left in place
    ----------
    Key=BridgeMP
    ImagePath=system32\DRIVERS\bridge.sys - this reference has been left in place
    ----------
    Key=CCDECODE
    ImagePath=system32\DRIVERS\CCDECODE.sys - this reference has been left in place
    ----------
    Key=Cdrom
    ImagePath=system32\DRIVERS\cdrom.sys - this reference has been left in place
    ----------
    Key=CiSvc
    ImagePath=%SystemRoot%\system32\cisvc.exe - this reference has been left in place
    ----------
    Key=ClipSrv
    ImagePath=%SystemRoot%\system32\clipsrv.exe - this reference has been left in place
    ----------
    Key=clr_optimization_v2.0.50727_32
    ImagePath=C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe - this reference has been left in place
    ----------
    Key=COMSysApp
    ImagePath=C:\WINDOWS\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} - this reference has been left in place
    ----------
    Key=CO_Mon
    ImagePath=\??\C:\WINDOWS\system32\Drivers\CO_Mon.sys - this reference has been left in place
    ----------
    Key=Disk
    ImagePath=system32\DRIVERS\disk.sys - this reference has been left in place
    ----------
    Key=dmadmin
    ImagePath=%SystemRoot%\System32\dmadmin.exe /com - this reference has been left in place
    ----------
    Key=dmboot
    ImagePath=System32\drivers\dmboot.sys - this reference has been left in place
    ----------
    Key=dmio
    ImagePath=System32\drivers\dmio.sys - this reference has been left in place
    ----------
    Key=dmload
    ImagePath=System32\drivers\dmload.sys - this reference has been left in place
    ----------
    Key=DMusic
    ImagePath=system32\drivers\DMusic.sys - this reference has been left in place
    ----------
    Key=driverhardwarev2
    ImagePath=\??\C:\Program Files\HardwareDetection\driverhardwarev2.sys - this reference has been left in place
    ----------
    Key=drmkaud
    ImagePath=system32\drivers\drmkaud.sys - this reference has been left in place
    ----------
    Key=Eventlog
    ImagePath=%SystemRoot%\system32\services.exe - this reference has been left in place
    ----------
    Key=Fdc
    ImagePath=system32\DRIVERS\fdc.sys - this reference has been left in place
    ----------
    Key=Flpydisk
    ImagePath=system32\DRIVERS\flpydisk.sys - this reference has been left in place
    ----------
    Key=FltMgr
    ImagePath=system32\DRIVERS\fltMgr.sys - this reference has been left in place
    ----------
    Key=FontCache3.0.0.0
    ImagePath=c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe - this reference has been left in place
    ----------
    Key=Ftdisk
    ImagePath=system32\DRIVERS\ftdisk.sys - this reference has been left in place
    ----------
    Key=Gpc
    ImagePath=system32\DRIVERS\msgpc.sys - this reference has been left in place
    ----------
    Key=gusvc
    ImagePath="C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" - this reference has been left in place
    ----------
    Key=hamachi_oem
    ImagePath=system32\DRIVERS\gan_adapter.sys - this reference has been left in place
    ----------
    Key=HidUsb
    ImagePath=system32\DRIVERS\hidusb.sys - this reference has been left in place
    ----------
    Key=HTTP
    ImagePath=System32\Drivers\HTTP.sys - this reference has been left in place
    ----------
    Key=i8042prt
    ImagePath=system32\DRIVERS\i8042prt.sys - this reference has been left in place
    ----------
    Key=IDriverT
    ImagePath="C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe" - this reference has been left in place
    ----------
    Key=idsvc
    ImagePath="C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe" - this reference has been left in place
    ----------
    Key=Imapi
    ImagePath=system32\DRIVERS\imapi.sys - this reference has been left in place
    ----------
    Key=Imapi Helper
    ImagePath="C:\Program Files\Alex Feinman\ISO Recorder\ImapiHelper.exe" - this reference has been left in place
    ----------
    Key=ImapiService
    ImagePath=C:\WINDOWS\system32\imapi.exe - this reference has been left in place
    ----------
    Key=IntelIde
    ImagePath=system32\DRIVERS\intelide.sys - this reference has been left in place
    ----------
    Key=intelppm
    ImagePath=system32\DRIVERS\intelppm.sys - this reference has been left in place [file not found to scan]
    ----------
    Key=Ip6Fw
    ImagePath=system32\DRIVERS\Ip6Fw.sys - this reference has been left in place
    ----------
    Key=IpFilterDriver
    ImagePath=system32\DRIVERS\ipfltdrv.sys - this reference has been left in place
    ----------
    Key=IpInIp
    ImagePath=system32\DRIVERS\ipinip.sys - this reference has been left in place
    ----------
    Key=IpNat
    ImagePath=system32\DRIVERS\ipnat.sys - this reference has been left in place
    ----------
    Key=iPod Service
    ImagePath="C:\Program Files\iPod\bin\iPodService.exe" - this reference has been left in place [file not found to scan]
    ----------
    Key=IPSec
    ImagePath=system32\DRIVERS\ipsec.sys - this reference has been left in place
    ----------
    Key=IRENUM
    ImagePath=system32\DRIVERS\irenum.sys - this reference has been left in place
    ----------
    Key=isapnp
    ImagePath=system32\DRIVERS\isapnp.sys - this reference has been left in place
    ----------
    Key=Kbdclass
    ImagePath=system32\DRIVERS\kbdclass.sys - this reference has been left in place
    ----------
    Key=kmixer
    ImagePath=system32\drivers\kmixer.sys - this reference has been left in place
    ----------
    Key=ltmodem5
    ImagePath=system32\DRIVERS\ltmdmnt.sys - this reference has been left in place
    ----------
    Key=Lvckap
    ImagePath=\??\C:\WINDOWS\system32\drivers\Lvckap.sys - this reference has been left in place
    ----------
    Key=lvmvdrv
    ImagePath=\??\C:\WINDOWS\system32\drivers\lvmvdrv.sys - this reference has been left in place
    ----------
    Key=LVPrcMon
    ImagePath=\??\C:\WINDOWS\system32\drivers\LVPrcMon.sys - this reference has been left in place
    ----------
    Key=LVPrcSrv
    ImagePath=c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe - this reference has been left in place
    ----------
    Key=LVUSBSta
    ImagePath=system32\drivers\lvusbsta.sys - this reference has been left in place
    ----------
    Key=lxbu_device
    ImagePath=C:\WINDOWS\system32\lxbucoms.exe -service - this reference has been left in place
    ----------
    Key=MDM
    ImagePath="C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE" - this reference has been left in place
    ----------
    Key=mnmsrvc
    ImagePath=C:\WINDOWS\system32\mnmsrvc.exe - this reference has been left in place
    ----------
    Key=Mouclass
    ImagePath=system32\DRIVERS\mouclass.sys - this reference has been left in place
    ----------
    Key=mouhid
    ImagePath=system32\DRIVERS\mouhid.sys - this reference has been left in place
    ----------
    Key=MRxDAV
    ImagePath=system32\DRIVERS\mrxdav.sys - this reference has been left in place
    ----------
    Key=MRxSmb
    ImagePath=system32\DRIVERS\mrxsmb.sys - this reference has been left in place
    ----------
    Key=MSDTC
    ImagePath=C:\WINDOWS\system32\msdtc.exe - this reference has been left in place
    ----------
    Key=MSIServer
    ImagePath=C:\WINDOWS\system32\msiexec.exe /V - this reference has been left in place
    ----------
    Key=MSKSSRV
    ImagePath=system32\drivers\MSKSSRV.sys - this reference has been left in place
    ----------
    Key=MSPCLOCK
    ImagePath=system32\drivers\MSPCLOCK.sys - this reference has been left in place
    ----------
    Key=MSPQM
    ImagePath=system32\drivers\MSPQM.sys - this reference has been left in place
    ----------
    Key=mssmbios
    ImagePath=system32\DRIVERS\mssmbios.sys - this reference has been left in place
    ----------
    Key=MSTEE
    ImagePath=system32\drivers\MSTEE.sys - this reference has been left in place
    ----------
    Key=NABTSFEC
    ImagePath=system32\DRIVERS\NABTSFEC.sys - this reference has been left in place
    ----------
    Key=NdisIP
    ImagePath=system32\DRIVERS\NdisIP.sys - this reference has been left in place
    ----------
    Key=NdisTapi
    ImagePath=system32\DRIVERS\ndistapi.sys - this reference has been left in place
    ----------
    Key=Ndisuio
    ImagePath=system32\DRIVERS\ndisuio.sys - this reference has been left in place
    ----------
    Key=NdisWan
    ImagePath=system32\DRIVERS\ndiswan.sys - this reference has been left in place
    ----------
    Key=NetBIOS
    ImagePath=system32\DRIVERS\netbios.sys - this reference has been left in place
    ----------
    Key=NetBT
    ImagePath=system32\DRIVERS\netbt.sys - this reference has been left in place
    ----------
    Key=NetDDE
    ImagePath=%SystemRoot%\system32\netdde.exe - this reference has been left in place
    ----------
    Key=NetDDEdsdm
    ImagePath=%SystemRoot%\system32\netdde.exe - this reference has been left in place
    ----------
    Key=Netlogon
    ImagePath=%SystemRoot%\system32\lsass.exe - this reference has been left in place
    ----------
    Key=NIC1394
    ImagePath=system32\DRIVERS\nic1394.sys - this reference has been left in place
    ----------
    Key=NPPTNT2
    ImagePath=\??\C:\WINDOWS\system32\npptNT2.sys - this reference has been left in place
    ----------
    Key=NtLmSsp
    ImagePath=%SystemRoot%\system32\lsass.exe - this reference has been left in place
    ----------
    Key=NwlnkFlt
    ImagePath=system32\DRIVERS\nwlnkflt.sys - this reference has been left in place
    ----------
    Key=NwlnkFwd
    ImagePath=system32\DRIVERS\nwlnkfwd.sys - this reference has been left in place
    ----------
    Key=NwlnkIpx
    ImagePath=system32\DRIVERS\nwlnkipx.sys - this reference has been left in place
    ----------
    Key=NwlnkNb
    ImagePath=system32\DRIVERS\nwlnknb.sys - this reference has been left in place
    ----------
    Key=NwlnkSpx
    ImagePath=system32\DRIVERS\nwlnkspx.sys - this reference has been left in place
    ----------
    Key=ohci1394
    ImagePath=system32\DRIVERS\ohci1394.sys - this reference has been left in place
    ----------
    Key=ose
    ImagePath="C:\Program Files\Fichiers communs\Microsoft Shared\Source Engine\OSE.EXE" - this reference has been left in place
    ----------
    Key=Parport
    ImagePath=system32\DRIVERS\parport.sys - this reference has been left in place
    ----------
    Key=PCAMPR5
    ImagePath=\??\C:\WINDOWS\system32\PCAMPR5.SYS - this reference has been left in place [file not found to scan]
    ----------
    Key=PCANDIS5
    ImagePath=\??\C:\WINDOWS\system32\PCANDIS5.SYS - this reference has been left in place
    ----------
    Key=PCI
    ImagePath=system32\DRIVERS\pci.sys - this reference has been left in place
    ----------
    Key=PCIIde
    ImagePath=system32\DRIVERS\pciide.sys - this reference has been left in place
    ----------
    Key=PlugPlay
    ImagePath=%SystemRoot%\system32\services.exe - this reference has been left in place
    ----------
    Key=PolicyAgent
    ImagePath=%SystemRoot%\system32\lsass.exe - this reference has been left in place
    ----------
    Key=PptpMiniport
    ImagePath=system32\DRIVERS\raspptp.sys - this reference has been left in place
    ----------
    Key=Processor
    ImagePath=system32\DRIVERS\processr.sys - this reference has been left in place
    ----------
    Key=ProtectedStorage
    ImagePath=%SystemRoot%\system32\lsass.exe - this reference has been left in place
    ----------
    Key=Ps2
    ImagePath=system32\DRIVERS\PS2.sys - this reference has been left in place
    ----------
    Key=PSched
    ImagePath=system32\DRIVERS\psched.sys - this reference has been left in place
    ----------
    Key=Ptilink
    ImagePath=system32\DRIVERS\ptilink.sys - this reference has been left in place
    ----------
    Key=PxHelp20
    ImagePath=System32\Drivers\PxHelp20.sys - this reference has been left in place
    ----------
    Key=QCMerced
    ImagePath=system32\DRIVERS\LVCM.sys - this reference has been left in place
    ----------
    Key=RasAcd
    ImagePath=system32\DRIVERS\rasacd.sys - this reference has been left in place
    ----------
    Key=Rasl2tp
    ImagePath=system32\DRIVERS\rasl2tp.sys - this reference has been left in place
    ----------
    Key=RasPppoe
    ImagePath=system32\DRIVERS\raspppoe.sys - this reference has been left in place
    ----------
    Key=Raspti
    ImagePath=system32\DRIVERS\raspti.sys - this reference has been left in place
    ----------
    Key=Rdbss
    ImagePath=system32\DRIVERS\rdbss.sys - this reference has been left in place
    ----------
    Key=RDPCDD
    ImagePath=System32\DRIVERS\RDPCDD.sys - this reference has been left in place
    ----------
    Key=RDSessMgr
    ImagePath=C:\WINDOWS\system32\sessmgr.exe - this reference has been left in place
    ----------
    Key=redbook
    ImagePath=system32\DRIVERS\redbook.sys - this reference has been left in place
    ----------
    Key=RpcLocator
    ImagePath=%SystemRoot%\system32\locator.exe - this reference has been left in place
    ----------
    Key=RSVP
    ImagePath=%SystemRoot%\system32\rsvp.exe - this reference has been left in place
    ----------
    Key=RTL8023xp
    ImagePath=system32\DRIVERS\Rtlnicxp.sys - this reference has been left in place
    ----------
    Key=rtl8139
    ImagePath=system32\DRIVERS\RTL8139.SYS - this reference has been left in place
    ----------
    Key=SamSs
    ImagePath=%SystemRoot%\system32\lsass.exe - this reference has been left in place
    ----------
    Key=SCardSvr
    ImagePath=%SystemRoot%\System32\SCardSvr.exe - this reference has been left in place
    ----------
    Key=Secdrv
    ImagePath=system32\DRIVERS\secdrv.sys - this reference has been left in place
    ----------
    Key=SerialKeys
    ImagePath=C:\WINDOWS\system32\skeys.exe - this reference has been left in place
    ----------
    Key=sfdrv01
    ImagePath=System32\drivers\sfdrv01.sys - this reference has been left in place
    ----------
    Key=sfhlp02
    ImagePath=System32\drivers\sfhlp02.sys - this reference has been left in place
    ----------
    Key=sfvfs02
    ImagePath=System32\drivers\sfvfs02.sys - this reference has been left in place
    ----------
    Key=SLIP
    ImagePath=system32\DRIVERS\SLIP.sys - this reference has been left in place
    ----------
    Key=splitter
    ImagePath=system32\drivers\splitter.sys - this reference has been left in place
    ----------
    Key=Spooler
    ImagePath=%SystemRoot%\system32\spoolsv.exe - this reference has been left in place
    ----------
    Key=sr
    ImagePath=system32\DRIVERS\sr.sys - this reference has been left in place
    ----------
    Key=srescan
    ImagePath=system32\ZoneLabs\srescan.sys - this reference has been left in place
    ----------
    Key=Srv
    ImagePath=system32\DRIVERS\srv.sys - this reference has been left in place
    ----------
    Key=streamip
    ImagePath=system32\DRIVERS\StreamIP.sys - this reference has been left in place
    ----------
    Key=swenum
    ImagePath=system32\DRIVERS\swenum.sys - this reference has been left in place
    ----------
    Key=swmidi
    ImagePath=system32\drivers\swmidi.sys - this reference has been left in place
    ----------
    Key=SwPrv
    ImagePath=C:\WINDOWS\system32\dllhost.exe /Processid:{383FA16D-AF8F-4C60-B213-2B9363664871} - this reference has been left in place
    ----------
    Key=sysaudio
    ImagePath=system32\drivers\sysaudio.sys - this reference has been left in place
    ----------
    Key=SysmonLog
    ImagePath=%SystemRoot%\system32\smlogsvc.exe - this reference has been left in place
    ----------
    Key=Tcpip
    ImagePath=system32\DRIVERS\tcpip.sys - this reference has been left in place
    ----------
    Key=TermDD
    ImagePath=system32\DRIVERS\termdd.sys - this reference has been left in place
    ----------
    Key=Update
    ImagePath=system32\DRIVERS\update.sys - this reference has been left in place
    ----------
    Key=UPS
    ImagePath=%SystemRoot%\System32\ups.exe - this reference has been left in place
    ----------
    Key=usbaudio
    ImagePath=system32\drivers\usbaudio.sys - this reference has been left in place
    ----------
    Key=usbccgp
    ImagePath=system32\DRIVERS\usbccgp.sys - this reference has been left in place
    ----------
    Key=usbehci
    ImagePath=system32\DRIVERS\usbehci.sys - this reference has been left in place
    ----------
    Key=usbhub
    ImagePath=system32\DRIVERS\usbhub.sys - this reference has been left in place
    ----------
    Key=usbohci
    ImagePath=system32\DRIVERS\usbohci.sys - this reference has been left in place
    ----------
    Key=usbprint
    ImagePath=system32\DRIVERS\usbprint.sys - this reference has been left in place
    ----------
    Key=usbscan
    ImagePath=system32\DRIVERS\usbscan.sys - this reference has been left in place
    ----------
    Key=USBSTOR
    ImagePath=system32\DRIVERS\USBSTOR.SYS - this reference has been left in place
    ----------
    Key=usbuhci
    ImagePath=system32\DRIVERS\usbuhci.sys - this reference has been left in place
    ----------
    Key=USB_RNDIS
    ImagePath=system32\DRIVERS\usb8023.sys - this reference has been left in place
    ----------
    Key=usnjsvc
    ImagePath="C:\Program Files\MSN Messenger\usnsvc.exe" - this reference has been left in place
    ----------
    Key=VgaSave
    ImagePath=\SystemRoot\System32\drivers\vga.sys - this reference has been left in place
    ----------
    Key=ViaIde
    ImagePath=system32\DRIVERS\viaide.sys - this reference has been left in place
    ----------
    Key=vsdatant
    ImagePath=System32\vsdatant.sys - this reference has been left in place
    ----------
    Key=vsmon
    ImagePath=C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service - this file is globally excluded
    ----------
    Key=VSS
    ImagePath=%SystemRoot%\System32\vssvc.exe - this reference has been left in place
    ----------
    Key=Wanarp
    ImagePath=system32\DRIVERS\wanarp.sys - this reference has been left in place
    ----------
    Key=wdmaud
    ImagePath=system32\drivers\wdmaud.sys - this reference has been left in place
    ----------
    Key=WmiApSrv
    ImagePath=C:\WINDOWS\system32\wbem\wmiapsrv.exe - this reference has been left in place
    ----------
    Key=WMPNetworkSvc
    ImagePath=C:\Program Files\Windows Media Player\WMPNetwk.exe - this reference has been left in place
    ----------
    Key=WSTCODEC
    ImagePath=system32\DRIVERS\WSTCODEC.SYS - this reference has been left in place
    ----------
    Key=WudfPf
    ImagePath=system32\DRIVERS\WudfPf.sys - this reference has been left in place
    ----------
    Key=WudfRd
    ImagePath=system32\DRIVERS\wudfrd.sys - this reference has been left in place
    ----------

    **************************************************
    19:03:26: Scanning -----VXD ENTRIES-----
    Checking VMM32 VxD files being loaded

    **************************************************
    19:03:26: Scanning ----- WINLOGON\NOTIFY DLLS -----
    Checking DLLs called from the Winlogon\Notify key:
    Key=AtiExtEvent
    DLLName=Ati2evxx.dll - this reference has been left in place
    ----------
    Key=crypt32chain
    DLLName=crypt32.dll - this reference has been left in place
    ----------
    Key=cryptnet
    DLLName=cryptnet.dll - this reference has been left in place
    ----------
    Key=cscdll
    DLLName=cscdll.dll - this reference has been left in place
    ----------
    Key=ScCertProp
    DLLName=wlnotify.dll - this reference has been left in place
    ----------
    Key=Schedule
    DLLName=wlnotify.dll - this reference has been left in place
    ----------
    Key=sclgntfy
    DLLName=sclgntfy.dll - this reference has been left in place
    ----------
    Key=SensLogn
    DLLName=WlNotify.dll - this reference has been left in place
    ----------
    Key=termsrv
    DLLName=wlnotify.dll - this reference has been left in place
    ----------
    Key=WgaLogon
    DLLName=WgaLogon.dll - this reference has been left in place
    ----------
    Key=wlballoon
    DLLName=wlnotify.dll - this reference has been left in place
    ----------

    **************************************************
    19:03:27: Scanning ----- CONTEXTMENUHANDLERS -----
    Key = avast
    CLSID = {472083B0-C522-11CF-8763-00608CC02F24}
    C:\Program Files\Alwil Software\Avast4\ashShell.dll - this ContextMenuHandler has been left in place
    ----------
    Key = BriefcaseMenu
    CLSID = {85BBD920-42A0-1069-A2E4-08002B30309D}
    syncui.dll - this ContextMenuHandler has been left in place
    ----------
    Key = Fichiers hors connexion
    CLSID = {750fdf0e-2a26-11d1-a3ea-080036587f03}
    %SystemRoot%\System32\cscui.dll - this ContextMenuHandler has been left in place
    ----------
    Key = NppShellExt
    CLSID = {1CE8B2C9-EAEF-43fc-8218-F092E4F94A47}
    File = [CLSID does not appear to reference a file]
    ----------
    Key = Open With
    CLSID = {09799AFB-AD67-11d1-ABCD-00C04FC30936}
    %SystemRoot%\system32\SHELL32.dll - this ContextMenuHandler has been left in place
    ----------
    Key = Open With EncryptionMenu
    CLSID = {A470F8CF-A1E8-4f65-8335-227475AA5C46}
    %SystemRoot%\system32\SHELL32.dll - this ContextMenuHandler has been left in place
    ----------
    Key = Trojan Remover
    CLSID = {52B87208-9CCF-42C9-B88E-069281105805}
    C:\PROGRA~1\TROJAN~1\Trshlex.dll - this ContextMenuHandler has been left in place
    ----------
    Key = ZLAVShExt
    CLSID = {D9872D13-7651-4471-9EEE-F0A00218BEBB}
    C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll - this ContextMenuHandler has been left in place
    ----------
    Key = {a2a9545d-a0c2-42b4-9708-a0b2badd77c8}
    %SystemRoot%\system32\SHELL32.dll - this ContextMenuHandler has been left in place
    ----------

    **************************************************
    19:03:28: Scanning ----- FOLDER\COLUMNHANDLERS -----
    Key = {0D2E74C4-3C34-11d2-A27E-00C04FC30871}
    %SystemRoot%\system32\SHELL32.dll - this Folder\ColumnHandler has been left in place
    ----------
    Key = {24F14F01-7B1C-11d1-838f-0000F80461CF}
    %SystemRoot%\system32\SHELL32.dll - this Folder\ColumnHandler has been left in place
    ----------
    Key = {24F14F02-7B1C-11d1-838f-0000F80461CF}
    %SystemRoot%\system32\SHELL32.dll - this Folder\ColumnHandler has been left in place
    ----------
    Key = {66742402-F9B9-11D1-A202-0000F81FEDEE}
    %SystemRoot%\system32\SHELL32.dll - this Folder\ColumnHandler has been left in place
    ----------
    Key = {F9DB5320-233E-11D1-9F84-707F02C10627}
    C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll - this Folder\ColumnHandler has been left in place
    ----------

    **************************************************
    19:03:28: Scanning ----- BROWSER HELPER OBJECTS -----
    Key = {22BF413B-C6D2-4d91-82A9-A0F997BA588C}
    C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL - this Browser Helper Object has been left in place
    ----------
    Key = {53707962-6F74-2D53-2644-206D7942484F}
    C:\PROGRA~1\SPYBOT~1\SDHelper.dll - this Browser Helper Object has been left in place
    ----------
    Key = {9030D464-4C02-4ABF-8ECC-5164760863C6}
    C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - this Browser Helper Object has been left in place
    ----------
    Key = {AA58ED58-01DD-4d91-8333-CF10577473F7}
    c:\program files\google\googletoolbar2.dll - this Browser Helper Object has been left in place
    ----------

    **************************************************
    19:03:28: Scanning ----- SHELLSERVICEOBJECTS -----
    Key = PostBootReminder
    %SystemRoot%\system32\SHELL32.dll - this ShellServiceObject has been left in place
    ----------
    Key = CDBurn
    %SystemRoot%\system32\SHELL32.dll - this ShellServiceObject has been left in place
    ----------
    Key = WebCheck
    C:\WINDOWS\system32\webcheck.dll - this ShellServiceObject has been left in place
    ----------
    Key = SysTray
    C:\WINDOWS\system32\stobject.dll - this ShellServiceObject has been left in place
    ----------
    Key = WPDShServiceObj
    C:\WINDOWS\system32\WPDShServiceObj.dll - this ShellServiceObject has been left in place
    ----------

    **************************************************
    19:03:29: Scanning ----- SHAREDTASKSCHEDULER ENTRIES -----
    Value = {438755C2-A8BA-11D1-B96B-00A0C90312E1}
    Comment = Pré-chargeur Browseui
    File: %SystemRoot%\system32\browseui.dll - this SharedTaskScheduler entry has been left in place
    ----------
    Value = {8C7461EF-2B13-11d2-BE35-3078302C2030}
    Comment = Démon de cache des catégories de composant
    File: %SystemRoot%\system32\browseui.dll - this SharedTaskScheduler entry has been left in place
    ----------

    **************************************************
    19:03:29: Scanning ----- IMAGEFILE DEBUGGERS -----
    No "Debugger" entries found.

    **************************************************
    19:03:29: Scanning ----- APPINIT_DLLS -----
    The AppInit_DLLs value is blank

    **************************************************
    19:03:29: Scanning ------ COMMON STARTUP GROUP ------
    [C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage]
    The Common Startup Group attempts to load the following file(s) at boot time:
    desktop.ini - this file is expected and has been left in place
    --------------------
    HP Digital Imaging Monitor.lnk - this links to C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe and has been left in place
    --------------------
    Lancement rapide d'Adobe Reader.lnk - this links to C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe and has been left in place
    --------------------

    **************************************************
    No User Startup Groups were located to check

    **************************************************
    19:03:29: Scanning ----- SCHEDULED TASKS -----

    **************************************************
    19:03:29: ----- EXTRA CHECKS -----
    PE386 rootkit checks completed
    ----------
    Winlogon registry rootkit checks completed
    ----------
    Heuristic checks for hidden files/drivers completed
    ----------

    **************************************************
    19:03:29: Scanning ------ DOWNLOADED PROGRAM FILES ------
    The following files are located in the DOWNLOADED PROGRAM FILES directory:
    C:\WINDOWS\Downloaded Program Files\avsniff.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\avsniff.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\avsniffdlgs.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\AXXPEE.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\CabSA.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\catalog.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\desktop.ini - this file is expected and has been left in place
    C:\WINDOWS\Downloaded Program Files\dwusplay.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\dwusplay.exe - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\ecbootil.vxd - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\ecmldr32.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\ecmsvr32.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\erma.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\GAME_UNO1.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\GAME_UNO1.INF - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\IaLdr32.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\isusweb.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\messengerstatsclient.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\MessengerStatsPAClient.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\MsnPUpld.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\MsnPUpld.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\navapi.vxd - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\navapi32.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\naveng32.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\navex32a.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\OGAControl.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\opuc.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\PURen-us.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\purfr-fr.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\rufsi.dll - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\scrauth.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\swflash.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\symaveng.cat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\symaveng.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\tcdefs.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\tcscan7.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\tcscan8.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\tcscan9.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\tinf.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\tinfidx.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\tinfl.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\tscan1.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\tscan1hd.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\v.grd - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\v.sig - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan.inf - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan1.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan2.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan3.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan4.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan5.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan6.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan7.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan8.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscan9.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\virscant.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\vscanmsx.dat - this file has been left in place
    C:\WINDOWS\Downloaded Program Files\zdone.dat - this file has been left in place

    **************************************************
    19:03:40: Scanning ----- RUNNING PROCESSES -----

    C:\WINDOWS\System32\smss.exe
    --------------------
    C:\WINDOWS\system32\csrss.exe
    --------------------
    C:\WINDOWS\system32\winlogon.exe
    --------------------
    C:\WINDOWS\system32\services.exe
    --------------------
    C:\WINDOWS\system32\lsass.exe
    --------------------
    C:\WINDOWS\system32\Ati2evxx.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe
    --------------------
    C:\WINDOWS\System32\svchost.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe
    --------------------
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    --------------------
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    --------------------
    C:\WINDOWS\system32\spoolsv.exe
    --------------------
    c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
    --------------------
    C:\WINDOWS\system32\Ati2evxx.exe
    --------------------
    C:\WINDOWS\Explorer.EXE
    --------------------
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    --------------------
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    --------------------
    C:\WINDOWS\SOUNDMAN.EXE
    --------------------
    C:\WINDOWS\system32\ctfmon.exe
    --------------------
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe
    --------------------
    C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
    --------------------
    C:\WINDOWS\system32\svchost.exe
    --------------------
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    --------------------
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    --------------------
    C:\Program Files\ADSL Autoconnect\ADSL Autoconnect.exe
    --------------------
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    --------------------
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    --------------------
    C:\WINDOWS\System32\svchost.exe
    --------------------
    C:\WINDOWS\system32\svchost.exe
    --------------------
    C:\WINDOWS\System32\alg.exe
    --------------------
    C:\Program Files\Mozilla Firefox\firefox.exe
    --------------------
    C:\Program Files\Mozilla Firefox\firefox.exe
    --------------------
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    --------------------
    C:\Documents and Settings\HP_Propriétaire\Application Data\Simply Super Software\Trojan Remover\enr20.exe
    FileSize: 1 782 336
    [This is a Trojan Remover component]
    --------------------

    **************************************************
    19:03:48: Checking AUTOEXEC.BAT file
    AUTOEXEC.BAT found in C:\
    No malicious entries were found in the AUTOEXEC.BAT file

    **************************************************
    19:03:48: Checking AUTOEXEC.NT file
    AUTOEXEC.NT found in C:\WINDOWS\system32
    No malicious entries were found in the AUTOEXEC.NT file

    **************************************************
    ------ INTERNET EXPLORER HOME/START/SEARCH SETTINGS ------
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Start Page":
    about:blank
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\"Local Page":
    %SystemRoot%\system32\blank.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"CustomizeSearch":
    https://www.bing.com/?toHttps=1&redig=8F3F334EA60E4B1CB4D040DCFE393A89{SUB_RFC1766}/srchasst/srchcust.htm
    HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search\"SearchAssistant":
    http://www.google.com/toolbar/ie8/sidebar.html
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Start Page":
    https://www.orange.fr/portail
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Local Page":
    C:\WINDOWS\system32\blank.htm
    HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\"Search Page":
    https://www.google.com/?gws_rd=ssl

    **************************************************

    NO CHANGES HAVE BEEN MADE TO YOUR SYSTEM FILES


    Scan completed at: 27/04/2007 19:03:48
    ************************************************************
    0
  4. luis170395 Messages postés 334 Statut Membre 51
     
    up up up
    0
  5. Vous n’avez pas trouvé la réponse que vous recherchez ?

    Posez votre question
  6. jlp
     
    scan avec A SQUARED efficace contre les cheveaux de troie:
    https://www.01net.com/telecharger/

    puis les antiespions suivant: ad aware, spybot:

    https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/26157.html
    https://www.01net.com/404/

    puis lance CCLEANER pour effacer les fichiers temporaires...

    https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html

    enfin fait un scan enligne avec KASPERKY ou PANDA par exemple:

    http://pandasoftware.fr
    0
  7. jlp
     
    quand tu lance les programme suaf le scan en ligne il faut les mettre a jour et de preference le faire en mode sans echec

    tiens nous au courant pour voir si ca a marché ou pas
    0
  8. luis170395 Messages postés 334 Statut Membre 51
     
    rapport a-squared-free :
    Version - a-squared Free 2.1

    Réglages Scan:

    Objets: Mémoire, Traces, Cookies, C:\WINDOWS\, C:\Program Files
    Scan archives: Marche
    Heuristiques: Marche
    Scan ADS: Marche

    Début du scan: 28/04/2007 10:00:29

    C:\Documents and Settings\Luis\Cookies\luis@2o7[2].txt Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Cookies\luis@weborama[2].txt Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:13 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:14 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:15 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:352 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:353 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:354 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:355 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:357 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:358 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:361 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:362 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:367 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:368 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:369 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:372 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:373 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:384 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:399 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:404 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:405 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:406 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:410 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:411 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:412 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:413 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:414 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:427 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:428 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:433 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:450 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:451 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:452 Détecter: Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:453 Détecter: Trace.TrackingCookie

    Scanné

    Fichiers: 48813
    Traces: 111397
    Cookies: 556
    Processus: 31

    Trouver

    Fichiers: 0
    Traces: 0
    Cookies: 35
    Processus: 0
    Clés de Registre: 0

    Fin du Scan: 28/04/2007 10:26:44
    Temps du Scan: 00:26:15

    C:\Documents and Settings\Luis\Cookies\luis@2o7[2].txt Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Cookies\luis@weborama[2].txt Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:13 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:14 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:15 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:352 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:353 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:354 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:355 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:357 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:358 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:361 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:362 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:367 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:368 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:369 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:372 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:373 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:384 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:399 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:404 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:405 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:406 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:410 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:411 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:412 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:413 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:414 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:427 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:428 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:433 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:450 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:451 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:452 Supprimé Trace.TrackingCookie
    C:\Documents and Settings\Luis\Application Data\Mozilla\Firefox\Profiles\ca315kh0.default\cookies.txt:453 Supprimé Trace.TrackingCookie

    Supprimé

    Fichiers: 0
    Traces: 0
    Cookies: 35
    0
  9. luis170395 Messages postés 334 Statut Membre 51
     
    spybot n'a détecter qu'un cookie traceur
    0
  10. luis170395 Messages postés 334 Statut Membre 51
     
    rapport ad aware :
    Ad-Aware SE Build 1.06r1
    Fichier journal créé le :samedi 28 avril 2007 10:51:20
    Created with Ad-Aware SE Personal, free for private use.
    Utilisation du fichier de définitions :SE1R167 23.04.2007
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Références détectées lors de l’analyse :
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    MRU List(Index TAC :0):16 Nombre total de références
    Tracking Cookie(Index TAC :3):14 Nombre total de références
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Ad-Aware SE Settings
    ===========================
    Définir : Rechercher les entrées à risque négligeable
    Définir : Mode sécurisé (tjrs demander confirm.)
    Définir : Analyser les processus actifs
    Définir : Scan registry
    Définir : Analyser en profondeur le registre
    Définir : Analyser mes favoris IE pour rech. URL interdites
    Définir : Analyser mon fichier Hosts

    Extended Ad-Aware SE Settings
    ===========================
    Définir : Décharger les modules et les processus reconnus pendant l’analyse
    Définir : Anal. reg. pr tous utili. et non pr utili. actuel uniqmnt
    Définir : Toujours essayer de décharger les modules avant la suppression
    Définir : Lors de la suppression, décharger l’Explorateur et IE si nécessaire
    Définir : Perm. Win. supp. fich. en cours au proch. démar.
    Définir : Supprimer les objets en quarantaine après la restauration
    Définir : Inclure les paramètres de base d'Ad-Aware dans le fichier journal
    Définir : Inclure les paramètres de base d'Ad-Aware dans le fichier journal
    Définir : Inclure un récapitulatif des références dans le fichier journal
    Définir : Inclure les détails des données ADS dans le fichier journal
    Définir : Émettre un son à la fin de l’analyse en cas de détection d'objets critiques

    28/04/2007 10:51:20 - L’analyse a démarré. (Analyse complète du système)

    MRU List Objet reconnu !
    Emplacement : : C:\Documents and Settings\Luis\Application Data\microsoft\office\recent
    Description : list of recently opened documents using microsoft office

    MRU List Objet reconnu !
    Emplacement : : C:\Documents and Settings\Luis\recent
    Description : list of recently opened documents

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct3d

    MRU List Objet reconnu !
    Emplacement : : software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct3d

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct X

    MRU List Objet reconnu !
    Emplacement : : software\microsoft\direct3d\mostrecentapplication
    Description : most recent application to use microsoft direct X

    MRU List Objet reconnu !
    Emplacement : : software\microsoft\directdraw\mostrecentapplication
    Description : most recent application to use microsoft directdraw

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\directinput\mostrecentapplication
    Description : most recent application to use microsoft directinput

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\directinput\mostrecentapplication
    Description : most recent application to use microsoft directinput

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\internet explorer\typedurls
    Description : list of recently entered addresses in microsoft internet explorer

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\mediaplayer\player\recentfilelist
    Description : list of recently used files in microsoft windows media player

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru
    Description : list of recent programs opened

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru
    Description : list of recently saved files, stored according to file extension

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\windows\currentversion\explorer\recentdocs
    Description : list of recent documents opened

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\windows\currentversion\explorer\runmru
    Description : mru list for items opened in start | run

    MRU List Objet reconnu !
    Emplacement : : S-1-5-21-792680728-2042039511-3378621247-1011\software\microsoft\windows media\wmsdk\general
    Description : windows media sdk

    Affichage des processus en cours d'exécution
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    #:1 [smss.exe]
    FilePath : \SystemRoot\System32\
    ProcessID : 488
    ThreadCreationTime : 28/04/2007 07:39:01
    BasePriority : Normal

    #:2 [csrss.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 540
    ThreadCreationTime : 28/04/2007 07:39:04
    BasePriority : Normal

    #:3 [winlogon.exe]
    FilePath : \??\C:\WINDOWS\system32\
    ProcessID : 568
    ThreadCreationTime : 28/04/2007 07:39:06
    BasePriority : High

    #:4 [services.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 612
    ThreadCreationTime : 28/04/2007 07:39:06
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Applications Services et Contrôleur
    InternalName : services.exe
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : services.exe

    #:5 [lsass.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 624
    ThreadCreationTime : 28/04/2007 07:39:06
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : LSA Shell (Export Version)
    InternalName : lsass.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : lsass.exe

    #:6 [ati2evxx.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 772
    ThreadCreationTime : 28/04/2007 07:39:06
    BasePriority : Normal
    FileVersion : 6.14.10.4119
    ProductVersion : 6.14.10.4119
    ProductName : ATI External Event Utility for WindowsNT and Windows9X
    CompanyName : ATI Technologies Inc.
    FileDescription : ATI External Event Utility EXE Module
    InternalName : ATI2EVXX.EXE
    LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
    OriginalFilename : ATI2EVXX.EXE

    #:7 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 784
    ThreadCreationTime : 28/04/2007 07:39:06
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:8 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 856
    ThreadCreationTime : 28/04/2007 07:39:06
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:9 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 932
    ThreadCreationTime : 28/04/2007 07:39:06
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:10 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 984
    ThreadCreationTime : 28/04/2007 07:39:07
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:11 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1092
    ThreadCreationTime : 28/04/2007 07:39:07
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:12 [aswupdsv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 1240
    ThreadCreationTime : 28/04/2007 07:39:08
    BasePriority : Normal
    FileVersion : 4, 7, 985, 0
    ProductVersion : 4, 7, 0, 0
    ProductName : avast! Antivirus
    CompanyName : ALWIL Software
    FileDescription : avast! Antivirus updating service
    InternalName : aswUpdSv.exe
    LegalCopyright : Copyright (c) 2007 ALWIL Software
    OriginalFilename : aswUpdSv.exe

    #:13 [ashserv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 1288
    ThreadCreationTime : 28/04/2007 07:39:08
    BasePriority : High
    FileVersion : 4, 7, 985, 0
    ProductVersion : 4, 7, 0, 0
    ProductName : avast! Antivirus
    CompanyName : ALWIL Software
    FileDescription : avast! antivirus service
    InternalName : aswServ
    LegalCopyright : Copyright (c) 2007 ALWIL Software
    OriginalFilename : aswServ.exe

    #:14 [spoolsv.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1500
    ThreadCreationTime : 28/04/2007 07:39:11
    BasePriority : Normal
    FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519)
    ProductVersion : 5.1.2600.2696
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Spooler SubSystem App
    InternalName : spoolsv.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : spoolsv.exe

    #:15 [lvprcsrv.exe]
    FilePath : c:\program files\fichiers communs\logitech\lvmvfm\
    ProcessID : 1576
    ThreadCreationTime : 28/04/2007 07:39:11
    BasePriority : Normal
    FileVersion : 9.5.0.1098
    ProductVersion : 9.5.0.1098
    ProductName : Logitech QuickCam
    CompanyName : Logitech Inc.
    FileDescription : Logitech LVPrcSrv Module.
    InternalName : LVPrcSrv.exe
    LegalCopyright : (c) 1996-2006 Logitech. All rights reserved.
    OriginalFilename : LVPrcSrv.exe

    #:16 [ati2evxx.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 1732
    ThreadCreationTime : 28/04/2007 07:39:17
    BasePriority : Normal
    FileVersion : 6.14.10.4119
    ProductVersion : 6.14.10.4119
    ProductName : ATI External Event Utility for WindowsNT and Windows9X
    CompanyName : ATI Technologies Inc.
    FileDescription : ATI External Event Utility EXE Module
    InternalName : ATI2EVXX.EXE
    LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc.
    OriginalFilename : ATI2EVXX.EXE

    #:17 [explorer.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 1840
    ThreadCreationTime : 28/04/2007 07:39:17
    BasePriority : Normal
    FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 6.00.2900.2180
    ProductName : Système d'exploitation Microsoft® Windows®
    CompanyName : Microsoft Corporation
    FileDescription : Explorateur Windows
    InternalName : explorer
    LegalCopyright : © Microsoft Corporation. Tous droits réservés.
    OriginalFilename : EXPLORER.EXE

    #:18 [mdm.exe]
    FilePath : C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\
    ProcessID : 2032
    ThreadCreationTime : 28/04/2007 07:39:18
    BasePriority : Normal
    FileVersion : 7.00.9466
    ProductVersion : 7.00.9466
    ProductName : Microsoft® Visual Studio .NET
    CompanyName : Microsoft Corporation
    FileDescription : Machine Debug Manager
    InternalName : mdm.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : mdm.exe

    #:19 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 212
    ThreadCreationTime : 28/04/2007 07:39:18
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:20 [vsmon.exe]
    FilePath : C:\WINDOWS\system32\ZoneLabs\
    ProcessID : 360
    ThreadCreationTime : 28/04/2007 07:39:18
    BasePriority : Normal
    FileVersion : 7.0.337.000
    ProductVersion : 7.0.337.000
    ProductName : TrueVector Service
    CompanyName : Zone Labs, LLC
    FileDescription : TrueVector Service
    InternalName : vsmon
    LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
    OriginalFilename : vsmon.exe

    #:21 [zlclient.exe]
    FilePath : C:\Program Files\Zone Labs\ZoneAlarm\
    ProcessID : 1744
    ThreadCreationTime : 28/04/2007 07:39:22
    BasePriority : Normal
    FileVersion : 7.0.337.000
    ProductVersion : 7.0.337.000
    ProductName : ZoneAlarm Client
    CompanyName : Zone Labs, LLC
    FileDescription : ZoneAlarm Client
    InternalName : zlclient
    LegalCopyright : Copyright © 1998-2006, Zone Labs, LLC
    OriginalFilename : zlclient.exe

    #:22 [ashdisp.exe]
    FilePath : C:\PROGRA~1\ALWILS~1\Avast4\
    ProcessID : 1780
    ThreadCreationTime : 28/04/2007 07:39:22
    BasePriority : Normal
    FileVersion : 4, 7, 985, 0
    ProductVersion : 4, 7, 0, 0
    ProductName : avast! Antivirus
    CompanyName : ALWIL Software
    FileDescription : avast! service GUI component
    InternalName : aswDisp
    LegalCopyright : Copyright (c) 2007 ALWIL Software
    OriginalFilename : aswDisp.exe

    #:23 [soundman.exe]
    FilePath : C:\WINDOWS\
    ProcessID : 1784
    ThreadCreationTime : 28/04/2007 07:39:23
    BasePriority : Normal
    FileVersion : 5, 1, 0, 58
    ProductVersion : 5, 1, 0, 58
    ProductName : Realtek Sound Manager
    CompanyName : Realtek Semiconductor Corp.
    FileDescription : Realtek Sound Manager
    InternalName : ALSMTray
    LegalCopyright : Copyright (c) 2001-2004 Realtek Semiconductor Corp.
    OriginalFilename : ALSMTray.exe
    Comments : Realtek AC97 Audio Sound Manager

    #:24 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 308
    ThreadCreationTime : 28/04/2007 07:39:23
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:25 [adsl autoconnect.exe]
    FilePath : C:\Program Files\ADSL Autoconnect\
    ProcessID : 440
    ThreadCreationTime : 28/04/2007 07:39:26
    BasePriority : Normal
    FileVersion : 2, 0, 6, 7
    ProductVersion : 2, 0, 6, 7
    ProductName : ADSLAutoconnect
    FileDescription : ADSLAutoconnect
    InternalName : Autoconnect
    LegalCopyright : Copyright (c) 2001-2006
    OriginalFilename : ADSLAutoconnect.exe

    #:26 [ctfmon.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 516
    ThreadCreationTime : 28/04/2007 07:39:27
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : CTF Loader
    InternalName : CTFMON
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : CTFMON.EXE

    #:27 [hpqtra08.exe]
    FilePath : C:\Program Files\HP\Digital Imaging\bin\
    ProcessID : 928
    ThreadCreationTime : 28/04/2007 07:39:30
    BasePriority : Normal
    FileVersion : 53.0.13.000
    ProductVersion : 053.000.013.000
    ProductName : hp digital imaging - hp all-in-one series
    CompanyName : Hewlett-Packard Co.
    FileDescription : HP Digital Imaging Monitor
    InternalName : HPQTRA00
    LegalCopyright : Copyright (C) Hewlett-Packard Co. 1995-2004
    OriginalFilename : HPQTRA00.EXE
    Comments : HP Digital Imaging Monitor

    #:28 [ashmaisv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 2620
    ThreadCreationTime : 28/04/2007 07:39:48
    BasePriority : Normal

    #:29 [ashwebsv.exe]
    FilePath : C:\Program Files\Alwil Software\Avast4\
    ProcessID : 2724
    ThreadCreationTime : 28/04/2007 07:39:51
    BasePriority : Normal

    #:30 [svchost.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 3880
    ThreadCreationTime : 28/04/2007 07:40:09
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:31 [svchost.exe]
    FilePath : C:\WINDOWS\system32\
    ProcessID : 2412
    ThreadCreationTime : 28/04/2007 07:49:53
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Generic Host Process for Win32 Services
    InternalName : svchost.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : svchost.exe

    #:32 [alg.exe]
    FilePath : C:\WINDOWS\System32\
    ProcessID : 3744
    ThreadCreationTime : 28/04/2007 07:50:44
    BasePriority : Normal
    FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
    ProductVersion : 5.1.2600.2180
    ProductName : Microsoft® Windows® Operating System
    CompanyName : Microsoft Corporation
    FileDescription : Application Layer Gateway Service
    InternalName : ALG.exe
    LegalCopyright : © Microsoft Corporation. All rights reserved.
    OriginalFilename : ALG.exe

    #:33 [firefox.exe]
    FilePath : C:\Program Files\Mozilla Firefox\
    ProcessID : 7680
    ThreadCreationTime : 28/04/2007 08:27:34
    BasePriority : Normal

    #:34 [ad-aware.exe]
    FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\
    ProcessID : 7176
    ThreadCreationTime : 28/04/2007 08:38:20
    BasePriority : Normal
    FileVersion : 6.2.0.236
    ProductVersion : SE 106
    ProductName : Lavasoft Ad-Aware SE
    CompanyName : Lavasoft Sweden
    FileDescription : Ad-Aware SE Core application
    InternalName : Ad-Aware.exe
    LegalCopyright : Copyright © Lavasoft AB Sweden
    OriginalFilename : Ad-Aware.exe
    Comments : All Rights Reserved

    Résultat de l’analyse de la mémoire :
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Nouv. obj. critiques : 0
    Objets détectés jusqu'à présent : 16

    Analyse du registre démarrée
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Résultat de l’analyse du registre :
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Nouv. obj. critiques : 0
    Objets détectés jusqu'à présent : 16

    Analyse approfondie du registre démarrée
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Résultat de l’analyse approfondie du registre :
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Nouv. obj. critiques : 0
    Objets détectés jusqu'à présent : 16

    Analyse des cookies de suivi lancée
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : luis@weborama[2].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire : Hits:15
    Valeur : Cookie:luis@weborama.fr/
    Expires : 14/04/2012 18:12:46
    LastSync : Hits:15
    UseCount : 0
    Hits : 15

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : luis@www.smartadserver[1].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire : Hits:3
    Valeur : Cookie:luis@www.smartadserver.com/
    Expires : 15/04/2027 18:24:38
    LastSync : Hits:3
    UseCount : 0
    Hits : 3

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : luis@2o7[2].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire : Hits:8
    Valeur : Cookie:luis@2o7.net/
    Expires : 25/04/2012 20:48:38
    LastSync : Hits:8
    UseCount : 0
    Hits : 8

    Résultat de l’analyse des cookies de suivi :
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Nouv. obj. critiques : 3
    Objets détectés jusqu'à présent : 19

    Analyse et examen approfondis des fichiers (C:)
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : hp_propriétaire@247realmedia[1].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@247realmedia[1].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : hp_propriétaire@adtech[2].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@adtech[2].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : hp_propriétaire@fl01.ct2.comclick[1].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@fl01.ct2.comclick[1].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : hp_propriétaire@weborama[2].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@weborama[2].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : hp_propriétaire@www.smartadserver[1].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\HP_Propriétaire\Cookies\hp_propriétaire@www.smartadserver[1].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : marina_et_anna@2o7[2].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\Marina et Anna\Cookies\marina_et_anna@2o7[2].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : marina_et_anna@atdmt[2].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\Marina et Anna\Cookies\marina_et_anna@atdmt[2].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : marina_et_anna@msnportal.112.2o7[1].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\Marina et Anna\Cookies\marina_et_anna@msnportal.112.2o7[1].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : marina_et_anna@statse.webtrendslive[2].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\Marina et Anna\Cookies\marina_et_anna@statse.webtrendslive[2].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : marina_et_anna@weborama[2].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\Marina et Anna\Cookies\marina_et_anna@weborama[2].txt

    Tracking Cookie Objet reconnu !
    Type : IECache Entry
    Données : marina_et_anna@www.smartadserver[1].txt
    Notation TAC : 3
    Catégorie : Data Miner
    Commentaire :
    Valeur : C:\Documents and Settings\Marina et Anna\Cookies\marina_et_anna@www.smartadserver[1].txt

    Résultat de l’analyse du disque pour C:\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Nouv. obj. critiques : 0
    Objets détectés jusqu'à présent : 30

    Analyse et examen approfondis des fichiers (D:)
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Résultat de l’analyse du disque pour D:\
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Nouv. obj. critiques : 0
    Objets détectés jusqu'à présent : 30

    Analyse du fichier Hosts…...
    Emplacement du fichier Hosts :"C:\WINDOWS\system32\drivers\etc\hosts".
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Résultat d’analyse du fichier Hosts :
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    71 entrées analysées.
    Nouv. obj. critiques :0
    Objets détectés jusqu'à présent : 30

    Analyses conditionnelles en cours...
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

    Résultat d’analyse conditionnelle :
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Nouv. obj. critiques : 0
    Objets détectés jusqu'à présent : 30

    11:10:49 Analyse terminée

    Récap. de cette anal.
    »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
    Durée tot. analyse :00:19:28.422
    Objets analysés :226364
    Objets identifiés :14
    Objets ignorés :0
    Nouv. obj. critiques :14
    0
  11. luis170395 Messages postés 334 Statut Membre 51
     
    le scan en ligne ne fonctionne pas, avast me signale que le control activeX est un virus !!
    0
  12. luis170395 Messages postés 334 Statut Membre 51
     
    voila g tout fait sauf le scan en ligne
    0
  13. luis170395 Messages postés 334 Statut Membre 51
     
    aucune amélioration.
    HELP plz
    0