Ordi problématique
Résolu
Canas
Messages postés
19
Statut
Membre
-
Canas Messages postés 19 Statut Membre -
Canas Messages postés 19 Statut Membre -
Bonjour,
Mon ordinateur a de nombreux problèmes et je ne sais pas trop par ou commencer
il est lent, a un problème de pub intempestive ( pub d'antivirus, de site de vidéos, jeux d,argent virtuel etc. )
de fichier insupprimable ( après un scan de ad-Aware je suis incapable de supprimer même au redémarrage ) et un anti-virus qui m'a laissé tombé après que j,ais refusé de payer par mois et que je suis incapable de désinstallé ( ce qui bloque l'installation d'un nouveau)
Sinon j'aimerais bien savoir comment formater car je n'ai pas réessayer après mon passagege de 98 a xp ^^"
sinon voici mon log Hijackthis après avoir passé ad-aware et spybot :
Logfile of HijackThis v1.99.1
Scan saved at 12:48:14 AM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\anvhafvb.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\BitLord\BitLord.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1401978B-4765-4004-B40F-1EFE4F606E51} - C:\WINDOWS\java\abslpay.dll
O2 - BHO: (no name) - {3780F8DB-F519-438F-BEDC-47239E298588} - C:\WINDOWS\system32\sovgcgyo.dll (file missing)
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\kuadaggb.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\fgafvapi.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [j2261237] rundll32 C:\WINDOWS\system32\j2261237.dll sook
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\cswjicdr.dll",realset
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKLM\..\RunOnce: [AAW] "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1"
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm103YYUS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: abslpay - C:\WINDOWS\java\abslpay.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrnt32 - winrnt32.dll (file missing)
O21 - SSODL: carbinyl - {8d8c2387-7f80-4022-9be6-43630a969558} - C:\WINDOWS\system32\gwquvw.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: DomainService - - C:\WINDOWS\system32\anvhafvb.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
merci de m'aider
Mon ordinateur a de nombreux problèmes et je ne sais pas trop par ou commencer
il est lent, a un problème de pub intempestive ( pub d'antivirus, de site de vidéos, jeux d,argent virtuel etc. )
de fichier insupprimable ( après un scan de ad-Aware je suis incapable de supprimer même au redémarrage ) et un anti-virus qui m'a laissé tombé après que j,ais refusé de payer par mois et que je suis incapable de désinstallé ( ce qui bloque l'installation d'un nouveau)
Sinon j'aimerais bien savoir comment formater car je n'ai pas réessayer après mon passagege de 98 a xp ^^"
sinon voici mon log Hijackthis après avoir passé ad-aware et spybot :
Logfile of HijackThis v1.99.1
Scan saved at 12:48:14 AM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\anvhafvb.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows NT\Accessories\WORDPAD.EXE
C:\Program Files\BitLord\BitLord.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/fr-fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.bing.com/spresults.aspx
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: (no name) - {A8BD6820-6ED7-423E-9558-2D1486B0FEEA} - C:\Program Files\DeluxeCommunications\DxcBho.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1401978B-4765-4004-B40F-1EFE4F606E51} - C:\WINDOWS\java\abslpay.dll
O2 - BHO: (no name) - {3780F8DB-F519-438F-BEDC-47239E298588} - C:\WINDOWS\system32\sovgcgyo.dll (file missing)
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\kuadaggb.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: (no name) - {D651AFF4-9590-424d-BD1E-8E33E090DFB3} - C:\WINDOWS\system32\fgafvapi.dll (file missing)
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [j2261237] rundll32 C:\WINDOWS\system32\j2261237.dll sook
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\cswjicdr.dll",realset
O4 - HKLM\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKLM\..\RunOnce: [AAW] "C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe" "+b1"
O4 - HKCU\..\Run: [DeluxeCommunications] C:\Program Files\DeluxeCommunications\Dxc.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm103YYUS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: dxclib303562752.dll
O20 - Winlogon Notify: abslpay - C:\WINDOWS\java\abslpay.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrnt32 - winrnt32.dll (file missing)
O21 - SSODL: carbinyl - {8d8c2387-7f80-4022-9be6-43630a969558} - C:\WINDOWS\system32\gwquvw.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: DomainService - - C:\WINDOWS\system32\anvhafvb.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
merci de m'aider
A voir également:
- Ordi problématique
- Ordi qui rame - Guide
- Comment reinitialiser un ordi - Guide
- Ordi scrabble - Télécharger - Jeux vidéo
- Mon ordi ne reconnait pas ma clé usb - Guide
- Ecran ordi a l'envers - Guide
20 réponses
Merci beaucoup de m'aider
rapport 1 :
"Aiya" - 2007-06-26 6:27:30 - ComboFix 07-06-26.8 - Service Pack 2 NTFS
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\asmtbtvk.dll
C:\WINDOWS\system32\aspwluqu.dll
C:\WINDOWS\system32\bbxqdcoq.dll
C:\WINDOWS\system32\bcludawn.dll
C:\WINDOWS\system32\bpxkkeof.dll
C:\WINDOWS\system32\cnlttxwn.dll
C:\WINDOWS\system32\cswjicdr.dll
C:\WINDOWS\system32\cxnmkvlr.dll
C:\WINDOWS\system32\dbcapiin.dll
C:\WINDOWS\system32\deacmihg.dll
C:\WINDOWS\system32\dipvreru.dll
C:\WINDOWS\system32\djqutvma.dll
C:\WINDOWS\system32\dkdjjyoa.dll
C:\WINDOWS\system32\dlrafgxg.dll
C:\WINDOWS\system32\dtxmnthi.dll
C:\WINDOWS\system32\dukgymwx.dll
C:\WINDOWS\system32\dvsatxdg.dll
C:\WINDOWS\system32\dvweqxfm.dll
C:\WINDOWS\system32\ealbvfcr.dll
C:\WINDOWS\system32\ebcdtxwo.dll
C:\WINDOWS\system32\ebehikug.dll
C:\WINDOWS\system32\ehcxmbye.dll
C:\WINDOWS\system32\emaoubiq.dll
C:\WINDOWS\system32\fascxfpu.dll
C:\WINDOWS\system32\fbkfycpe.dll
C:\WINDOWS\system32\ftgsrsxr.dll
C:\WINDOWS\system32\ggkqqobn.dll
C:\WINDOWS\system32\ggnimxyd.dll
C:\WINDOWS\system32\ggyyfkmk.dll
C:\WINDOWS\system32\gmasqcrm.dll
C:\WINDOWS\system32\idnyneqg.dll
C:\WINDOWS\system32\jbdqyeqs.dll
C:\WINDOWS\system32\jbrlfhhp.dll
C:\WINDOWS\system32\kfoeiend.dll
C:\WINDOWS\system32\kpdygctf.dll
C:\WINDOWS\system32\kuadaggb.dll
C:\WINDOWS\system32\kxihcpee.dll
C:\WINDOWS\system32\lckjglng.dll
C:\WINDOWS\system32\lmthljdi.dll
C:\WINDOWS\system32\lmvebunt.dll
C:\WINDOWS\system32\lnhitxyb.dll
C:\WINDOWS\system32\mdplghic.dll
C:\WINDOWS\system32\mglvtefy.dll
C:\WINDOWS\system32\mhdhaucv.dll
C:\WINDOWS\system32\mjwqlnun.dll
C:\WINDOWS\system32\mqfsfhsd.dll
C:\WINDOWS\system32\myevhvqe.dll
C:\WINDOWS\system32\nsgcenoc.dll
C:\WINDOWS\system32\nvsessga.dll
C:\WINDOWS\system32\oqbhtywo.dll
C:\WINDOWS\system32\osnduvca.dll
C:\WINDOWS\system32\outrhfed.dll
C:\WINDOWS\system32\papwsdjj.dll
C:\WINDOWS\system32\qfdfdwot.dll
C:\WINDOWS\system32\qgnbigmd.dll
C:\WINDOWS\system32\qkxcmkus.dll
C:\WINDOWS\system32\qwfkbqhd.dll
C:\WINDOWS\system32\rcqrgcwj.dll
C:\WINDOWS\system32\rovofvwu.dll
C:\WINDOWS\system32\rplbpldr.dll
C:\WINDOWS\system32\sapgqdys.dll
C:\WINDOWS\system32\shfefoud.dll
C:\WINDOWS\system32\sixvtfxl.dll
C:\WINDOWS\system32\sjqnvirt.dll
C:\WINDOWS\system32\srngekjx.dll
C:\WINDOWS\system32\ssmlqxqn.dll
C:\WINDOWS\system32\sveoflmk.dll
C:\WINDOWS\system32\tatcgxus.dll
C:\WINDOWS\system32\tcwawncy.dll
C:\WINDOWS\system32\tjihdbso.dll
C:\WINDOWS\system32\tknwraij.dll
C:\WINDOWS\system32\toraxwxy.dll
C:\WINDOWS\system32\trsckcuk.dll
C:\WINDOWS\system32\trsijjxu.dll
C:\WINDOWS\system32\ttpfqogq.dll
C:\WINDOWS\system32\udqdegea.dll
C:\WINDOWS\system32\ukmbpnmd.dll
C:\WINDOWS\system32\ukubwvdi.dll
C:\WINDOWS\system32\unsrkuil.dll
C:\WINDOWS\system32\uvfijfii.dll
C:\WINDOWS\system32\wiaamoae.dll
C:\WINDOWS\system32\wsgcgvtb.dll
C:\WINDOWS\system32\wyntabkw.dll
C:\WINDOWS\system32\xksoqaih.dll
C:\WINDOWS\system32\xlpqbhty.dll
C:\WINDOWS\system32\xqtlokst.dll
C:\WINDOWS\system32\xssjsehx.dll
C:\WINDOWS\system32\xtjiumcs.dll
C:\WINDOWS\system32\yafqxxcf.dll
C:\WINDOWS\system32\ybrkifgk.dll
C:\WINDOWS\system32\ythpcoea.dll
C:\WINDOWS\SYSTEM32\rdcijwsc.ini
C:\WINDOWS\SYSTEM32\ihtnmxtd.ini
C:\WINDOWS\SYSTEM32\nboqqkgg.ini
C:\WINDOWS\SYSTEM32\cihglpdm.ini
C:\WINDOWS\SYSTEM32\rdlpblpr.ini
C:\WINDOWS\SYSTEM32\ycnwawct.ini
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\AIMC~1.BER\APPLIC~1\Dxcknwrd.dll
C:\DOCUME~1\Aiya\APPLIC~1.\macromedia\Flash Player\#SharedObjects\CN6L9V3S\www.broadcaster.com
C:\DOCUME~1\Aiya\APPLIC~1.\macromedia\Flash Player\#SharedObjects\CN6L9V3S\www.broadcaster.com\bc_video_vars.sol
C:\DOCUME~1\Aiya\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\DOCUME~1\Aiya\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\DOCUME~1\Aiya\APPLIC~1\Dxcknwrd.dll
C:\DOCUME~1\AMLIE~1\APPLIC~1\Dxcknwrd.dll
C:\Program Files\Common Files\cloader
C:\Program Files\Common Files\cloader\32vegas\logos\32vegas_Logo.ico
C:\Program Files\Common Files\cloader\32vegas\logos\cloader_idrpr.exe
C:\Program Files\Common Files\cloader\32vegas\logos\Interop.IWshRuntimeLibrary.dll
C:\Program Files\Common Files\misc002
C:\Program Files\deluxecommunications
C:\Program Files\deluxecommunications\Dxc.exe
C:\Program Files\deluxecommunications\DxcBho.dll
C:\Program Files\deluxecommunications\DxcCore.dll
C:\WINDOWS\system32\ankhpmaj.exe
C:\WINDOWS\system32\anvhafvb.exe
C:\WINDOWS\system32\arkwrcwg.exe
C:\WINDOWS\system32\assumafy.exe
C:\WINDOWS\system32\aynjqcia.exe
C:\WINDOWS\system32\crunner
C:\WINDOWS\system32\crunner\cloader_installer.exe
C:\WINDOWS\system32\crunner\cproc.exe
C:\WINDOWS\system32\crunner\cproc.exe.config
C:\WINDOWS\system32\crunner\crunner.exe
C:\WINDOWS\system32\crunner\cupdater.exe
C:\WINDOWS\system32\crunner\cupdater.exe.config
C:\WINDOWS\system32\crunner\ICSharpCode.SharpZipLib.dll
C:\WINDOWS\system32\crunner\Version.txt
C:\WINDOWS\system32\dvcceyre.exe
C:\WINDOWS\system32\dxclib~1.dll
C:\WINDOWS\system32\gwquvw.dll
C:\WINDOWS\system32\j2261237.dll
C:\WINDOWS\system32\jgsbmdaw.exe
C:\WINDOWS\system32\jwcexxns.exe
C:\WINDOWS\system32\ntsystem.exe
C:\WINDOWS\system32\ynsbnmjo.exe
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_DOMAINSERVICE
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-05-26 to 2007-06-26 )))))))))))))))))))))))))))))))
2007-06-26 06:25 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-26 00:09 <DIR> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-06-22 23:54 4,628 --a------ C:\WINDOWS\SYSTEM32\cggpxtef.exe
2007-06-22 17:56 <DIR> d-------- C:\Program Files\Common Files\i4j_jres
2007-06-22 17:54 <DIR> d-------- C:\Program Files\DofusArena2
2007-06-22 12:29 81,636 --a------ C:\WINDOWS\War3Unin.dat
2007-06-22 12:29 2,829 --a------ C:\WINDOWS\War3Unin.pif
2007-06-22 12:29 139,264 --a------ C:\WINDOWS\War3Unin.exe
2007-06-06 17:11 55,316 --a------ C:\WINDOWS\SYSTEM32\qhkvbwmr.dll
2007-06-05 14:44 2,580 --a------ C:\WINDOWS\SYSTEM32\vxtxfegy.exe
2007-06-05 14:43 14,868 --a------ C:\WINDOWS\SYSTEM32\qswknery.exe
2007-05-28 21:31 <DIR> d-------- C:\WINDOWS\SYSTEM32\DRIVERS\UMDF
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-26 04:47:16 -------- d-----w C:\Program Files\Hijackthis Version Française
2007-06-25 17:34:31 -------- d-----w C:\Program Files\Warcraft III
2007-06-22 21:00:08 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-06-19 09:29:12 -------- d-----w C:\Program Files\Dofus
2007-06-13 02:05:38 17,092 ----a-w C:\DOCUME~1\Aiya\APPLIC~1\wklnhst.dat
2007-06-11 21:45:14 -------- d-----w C:\DOCUME~1\Aiya\APPLIC~1\Help
2007-06-02 03:33:15 -------- d-----w C:\Program Files\Windows Live Toolbar
2007-05-20 06:20:03 -------- d-----w C:\Program Files\DivX
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-12 14:16:40 -------- d-----w C:\Program Files\BitLord
2007-05-05 00:52:21 -------- d-----w C:\DOCUME~1\Aiya\APPLIC~1\Petroglyph
2007-05-05 00:42:21 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-05 00:42:01 -------- d-----w C:\Program Files\LucasArts
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-19 08:26:21 848 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-17 02:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-17 02:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 02:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-17 02:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-17 02:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 02:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 02:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-17 02:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-17 02:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-04-17 02:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{02478D38-C3F9-4EFB-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll []
{1B64FC2D-7DFE-4310-BCB4-CAD4B83AF9BF}=C:\WINDOWS\java\abslpay.dll [2007-04-14 14:06]
{3780F8DB-F519-438F-BEDC-47239E298588}=C:\WINDOWS\system32\sovgcgyo.dll []
{5CA3D70E-1895-11CF-8E15-001234567890}=C:\WINDOWS\system32\dla\tfswshx.dll [2004-08-13 03:05]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 15:56]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" []
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-02-18 14:05]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"combofix"=C:\WINDOWS\system32\cmd.exe /c C:\ComboFix\Combobatch.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"none"=C:\Program Files\Video ActiveX Object\pmsngr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{8d8c2387-7f80-4022-9be6-43630a969558}"="C:\WINDOWS\system32\gwquvw.dll" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="C:\Program Files\ewido\security suite\shellhook.dll" [2004-09-30 08:21]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"{8d8c2387-7f80-4022-9be6-43630a969558}"="C:\WINDOWS\system32\gwquvw.dll" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\abslpay]
C:\WINDOWS\java\abslpay.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winrnt32]
winrnt32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Aiya^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
path=C:\Documents and Settings\Aiya\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cprocsvc]
C:\WINDOWS\system32\crunner\cproc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\Dell Support\DSAgnt.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeluxeCommunications]
C:\Program Files\DeluxeCommunications\Dxc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gwiz]
C:\WINDOWS\system32\ntsystem.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Access]
C:\Program Files\Media Access\MediaAccK.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
"C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
Rundll32 P17.dll,P17Helper
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
"C:\Program Files\Dell\Media Experience\PCMService.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StandardInstall]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
"c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WormsArmageddon.exe]
C:\DOCUME~1\Aiya\MYDOCU~1\WORMSA~1.EXE /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NVSvc"=2 (0x2)
"NetSvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"ewido security suite guard"=2 (0x2)
"ewido security suite control"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Usnsvc usnsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b10d649d-86cf-11d9-9360-806d6172696f}]
AutoRun\command- D:\Autorun.exe
Contents of the 'Scheduled Tasks' folder
2007-06-26 10:04:00 C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
2007-06-22 22:30:10 C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (D1KB2V61-Aiya).job
2007-06-26 10:55:00 C:\WINDOWS\tasks\McAfee.com Update Check (D1KB2V61-Aiya).job
2007-06-26 10:54:00 C:\WINDOWS\tasks\McAfee.com Update Check (D1KB2V61-Amélie).job
2007-06-26 10:54:00 C:\WINDOWS\tasks\McAfee.com Update Check (D1KB2V61-Olivier).job
2007-06-26 10:54:01 C:\WINDOWS\tasks\McAfee.com Update Check (D1KB2V61-Owner).job
**************************************************************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-26 06:54:13
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-06-26 6:57:58 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-26 06:57
--- E O F ---
Rapport Hijack :
Logfile of HijackThis v1.99.1
Scan saved at 7:14:27 AM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nkhjijbl.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1B64FC2D-7DFE-4310-BCB4-CAD4B83AF9BF} - C:\WINDOWS\java\abslpay.dll
O2 - BHO: (no name) - {3780F8DB-F519-438F-BEDC-47239E298588} - C:\WINDOWS\system32\sovgcgyo.dll (file missing)
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\lvrgvnow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\opuyflai.dll",realset
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm103YYUS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: abslpay - C:\WINDOWS\java\abslpay.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrnt32 - winrnt32.dll (file missing)
O21 - SSODL: carbinyl - {8d8c2387-7f80-4022-9be6-43630a969558} - C:\WINDOWS\system32\gwquvw.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: DomainService - - C:\WINDOWS\system32\nkhjijbl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
et pour l'anti virus c plus compliqué que ajout/supression les fichiers ne se suppriment pas et bloqué l'installation d'un autre antivirus
rapport 1 :
"Aiya" - 2007-06-26 6:27:30 - ComboFix 07-06-26.8 - Service Pack 2 NTFS
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\asmtbtvk.dll
C:\WINDOWS\system32\aspwluqu.dll
C:\WINDOWS\system32\bbxqdcoq.dll
C:\WINDOWS\system32\bcludawn.dll
C:\WINDOWS\system32\bpxkkeof.dll
C:\WINDOWS\system32\cnlttxwn.dll
C:\WINDOWS\system32\cswjicdr.dll
C:\WINDOWS\system32\cxnmkvlr.dll
C:\WINDOWS\system32\dbcapiin.dll
C:\WINDOWS\system32\deacmihg.dll
C:\WINDOWS\system32\dipvreru.dll
C:\WINDOWS\system32\djqutvma.dll
C:\WINDOWS\system32\dkdjjyoa.dll
C:\WINDOWS\system32\dlrafgxg.dll
C:\WINDOWS\system32\dtxmnthi.dll
C:\WINDOWS\system32\dukgymwx.dll
C:\WINDOWS\system32\dvsatxdg.dll
C:\WINDOWS\system32\dvweqxfm.dll
C:\WINDOWS\system32\ealbvfcr.dll
C:\WINDOWS\system32\ebcdtxwo.dll
C:\WINDOWS\system32\ebehikug.dll
C:\WINDOWS\system32\ehcxmbye.dll
C:\WINDOWS\system32\emaoubiq.dll
C:\WINDOWS\system32\fascxfpu.dll
C:\WINDOWS\system32\fbkfycpe.dll
C:\WINDOWS\system32\ftgsrsxr.dll
C:\WINDOWS\system32\ggkqqobn.dll
C:\WINDOWS\system32\ggnimxyd.dll
C:\WINDOWS\system32\ggyyfkmk.dll
C:\WINDOWS\system32\gmasqcrm.dll
C:\WINDOWS\system32\idnyneqg.dll
C:\WINDOWS\system32\jbdqyeqs.dll
C:\WINDOWS\system32\jbrlfhhp.dll
C:\WINDOWS\system32\kfoeiend.dll
C:\WINDOWS\system32\kpdygctf.dll
C:\WINDOWS\system32\kuadaggb.dll
C:\WINDOWS\system32\kxihcpee.dll
C:\WINDOWS\system32\lckjglng.dll
C:\WINDOWS\system32\lmthljdi.dll
C:\WINDOWS\system32\lmvebunt.dll
C:\WINDOWS\system32\lnhitxyb.dll
C:\WINDOWS\system32\mdplghic.dll
C:\WINDOWS\system32\mglvtefy.dll
C:\WINDOWS\system32\mhdhaucv.dll
C:\WINDOWS\system32\mjwqlnun.dll
C:\WINDOWS\system32\mqfsfhsd.dll
C:\WINDOWS\system32\myevhvqe.dll
C:\WINDOWS\system32\nsgcenoc.dll
C:\WINDOWS\system32\nvsessga.dll
C:\WINDOWS\system32\oqbhtywo.dll
C:\WINDOWS\system32\osnduvca.dll
C:\WINDOWS\system32\outrhfed.dll
C:\WINDOWS\system32\papwsdjj.dll
C:\WINDOWS\system32\qfdfdwot.dll
C:\WINDOWS\system32\qgnbigmd.dll
C:\WINDOWS\system32\qkxcmkus.dll
C:\WINDOWS\system32\qwfkbqhd.dll
C:\WINDOWS\system32\rcqrgcwj.dll
C:\WINDOWS\system32\rovofvwu.dll
C:\WINDOWS\system32\rplbpldr.dll
C:\WINDOWS\system32\sapgqdys.dll
C:\WINDOWS\system32\shfefoud.dll
C:\WINDOWS\system32\sixvtfxl.dll
C:\WINDOWS\system32\sjqnvirt.dll
C:\WINDOWS\system32\srngekjx.dll
C:\WINDOWS\system32\ssmlqxqn.dll
C:\WINDOWS\system32\sveoflmk.dll
C:\WINDOWS\system32\tatcgxus.dll
C:\WINDOWS\system32\tcwawncy.dll
C:\WINDOWS\system32\tjihdbso.dll
C:\WINDOWS\system32\tknwraij.dll
C:\WINDOWS\system32\toraxwxy.dll
C:\WINDOWS\system32\trsckcuk.dll
C:\WINDOWS\system32\trsijjxu.dll
C:\WINDOWS\system32\ttpfqogq.dll
C:\WINDOWS\system32\udqdegea.dll
C:\WINDOWS\system32\ukmbpnmd.dll
C:\WINDOWS\system32\ukubwvdi.dll
C:\WINDOWS\system32\unsrkuil.dll
C:\WINDOWS\system32\uvfijfii.dll
C:\WINDOWS\system32\wiaamoae.dll
C:\WINDOWS\system32\wsgcgvtb.dll
C:\WINDOWS\system32\wyntabkw.dll
C:\WINDOWS\system32\xksoqaih.dll
C:\WINDOWS\system32\xlpqbhty.dll
C:\WINDOWS\system32\xqtlokst.dll
C:\WINDOWS\system32\xssjsehx.dll
C:\WINDOWS\system32\xtjiumcs.dll
C:\WINDOWS\system32\yafqxxcf.dll
C:\WINDOWS\system32\ybrkifgk.dll
C:\WINDOWS\system32\ythpcoea.dll
C:\WINDOWS\SYSTEM32\rdcijwsc.ini
C:\WINDOWS\SYSTEM32\ihtnmxtd.ini
C:\WINDOWS\SYSTEM32\nboqqkgg.ini
C:\WINDOWS\SYSTEM32\cihglpdm.ini
C:\WINDOWS\SYSTEM32\rdlpblpr.ini
C:\WINDOWS\SYSTEM32\ycnwawct.ini
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\AIMC~1.BER\APPLIC~1\Dxcknwrd.dll
C:\DOCUME~1\Aiya\APPLIC~1.\macromedia\Flash Player\#SharedObjects\CN6L9V3S\www.broadcaster.com
C:\DOCUME~1\Aiya\APPLIC~1.\macromedia\Flash Player\#SharedObjects\CN6L9V3S\www.broadcaster.com\bc_video_vars.sol
C:\DOCUME~1\Aiya\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\DOCUME~1\Aiya\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\DOCUME~1\Aiya\APPLIC~1\Dxcknwrd.dll
C:\DOCUME~1\AMLIE~1\APPLIC~1\Dxcknwrd.dll
C:\Program Files\Common Files\cloader
C:\Program Files\Common Files\cloader\32vegas\logos\32vegas_Logo.ico
C:\Program Files\Common Files\cloader\32vegas\logos\cloader_idrpr.exe
C:\Program Files\Common Files\cloader\32vegas\logos\Interop.IWshRuntimeLibrary.dll
C:\Program Files\Common Files\misc002
C:\Program Files\deluxecommunications
C:\Program Files\deluxecommunications\Dxc.exe
C:\Program Files\deluxecommunications\DxcBho.dll
C:\Program Files\deluxecommunications\DxcCore.dll
C:\WINDOWS\system32\ankhpmaj.exe
C:\WINDOWS\system32\anvhafvb.exe
C:\WINDOWS\system32\arkwrcwg.exe
C:\WINDOWS\system32\assumafy.exe
C:\WINDOWS\system32\aynjqcia.exe
C:\WINDOWS\system32\crunner
C:\WINDOWS\system32\crunner\cloader_installer.exe
C:\WINDOWS\system32\crunner\cproc.exe
C:\WINDOWS\system32\crunner\cproc.exe.config
C:\WINDOWS\system32\crunner\crunner.exe
C:\WINDOWS\system32\crunner\cupdater.exe
C:\WINDOWS\system32\crunner\cupdater.exe.config
C:\WINDOWS\system32\crunner\ICSharpCode.SharpZipLib.dll
C:\WINDOWS\system32\crunner\Version.txt
C:\WINDOWS\system32\dvcceyre.exe
C:\WINDOWS\system32\dxclib~1.dll
C:\WINDOWS\system32\gwquvw.dll
C:\WINDOWS\system32\j2261237.dll
C:\WINDOWS\system32\jgsbmdaw.exe
C:\WINDOWS\system32\jwcexxns.exe
C:\WINDOWS\system32\ntsystem.exe
C:\WINDOWS\system32\ynsbnmjo.exe
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_DOMAINSERVICE
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-05-26 to 2007-06-26 )))))))))))))))))))))))))))))))
2007-06-26 06:25 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-26 00:09 <DIR> d-------- C:\Program Files\Hijackthis Version Fran‡aise
2007-06-22 23:54 4,628 --a------ C:\WINDOWS\SYSTEM32\cggpxtef.exe
2007-06-22 17:56 <DIR> d-------- C:\Program Files\Common Files\i4j_jres
2007-06-22 17:54 <DIR> d-------- C:\Program Files\DofusArena2
2007-06-22 12:29 81,636 --a------ C:\WINDOWS\War3Unin.dat
2007-06-22 12:29 2,829 --a------ C:\WINDOWS\War3Unin.pif
2007-06-22 12:29 139,264 --a------ C:\WINDOWS\War3Unin.exe
2007-06-06 17:11 55,316 --a------ C:\WINDOWS\SYSTEM32\qhkvbwmr.dll
2007-06-05 14:44 2,580 --a------ C:\WINDOWS\SYSTEM32\vxtxfegy.exe
2007-06-05 14:43 14,868 --a------ C:\WINDOWS\SYSTEM32\qswknery.exe
2007-05-28 21:31 <DIR> d-------- C:\WINDOWS\SYSTEM32\DRIVERS\UMDF
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-26 04:47:16 -------- d-----w C:\Program Files\Hijackthis Version Française
2007-06-25 17:34:31 -------- d-----w C:\Program Files\Warcraft III
2007-06-22 21:00:08 98,304 ----a-w C:\WINDOWS\system32\CmdLineExt.dll
2007-06-19 09:29:12 -------- d-----w C:\Program Files\Dofus
2007-06-13 02:05:38 17,092 ----a-w C:\DOCUME~1\Aiya\APPLIC~1\wklnhst.dat
2007-06-11 21:45:14 -------- d-----w C:\DOCUME~1\Aiya\APPLIC~1\Help
2007-06-02 03:33:15 -------- d-----w C:\Program Files\Windows Live Toolbar
2007-05-20 06:20:03 -------- d-----w C:\Program Files\DivX
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-05-12 14:16:40 -------- d-----w C:\Program Files\BitLord
2007-05-05 00:52:21 -------- d-----w C:\DOCUME~1\Aiya\APPLIC~1\Petroglyph
2007-05-05 00:42:21 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-05-05 00:42:01 -------- d-----w C:\Program Files\LucasArts
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-19 08:26:21 848 --sha-w C:\WINDOWS\system32\KGyGaAvL.sys
2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-17 02:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-17 02:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-17 02:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-17 02:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-17 02:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-17 02:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-17 02:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-17 02:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-04-17 02:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll
2007-04-17 02:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{02478D38-C3F9-4EFB-9B51-7695ECA05670}=C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll []
{1B64FC2D-7DFE-4310-BCB4-CAD4B83AF9BF}=C:\WINDOWS\java\abslpay.dll [2007-04-14 14:06]
{3780F8DB-F519-438F-BEDC-47239E298588}=C:\WINDOWS\system32\sovgcgyo.dll []
{5CA3D70E-1895-11CF-8E15-001234567890}=C:\WINDOWS\system32\dla\tfswshx.dll [2004-08-13 03:05]
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}=C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 15:56]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MCUpdateExe"="C:\PROGRA~1\mcafee.com\agent\McUpdate.exe" []
"MCAgentExe"="c:\PROGRA~1\mcafee.com\agent\McAgent.exe" []
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2005-02-18 14:05]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 07:00]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"combofix"=C:\WINDOWS\system32\cmd.exe /c C:\ComboFix\Combobatch.bat
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]
"none"=C:\Program Files\Video ActiveX Object\pmsngr.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{8d8c2387-7f80-4022-9be6-43630a969558}"="C:\WINDOWS\system32\gwquvw.dll" []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{54D9498B-CF93-414F-8984-8CE7FDE0D391}"="C:\Program Files\ewido\security suite\shellhook.dll" [2004-09-30 08:21]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"{8d8c2387-7f80-4022-9be6-43630a969558}"="C:\WINDOWS\system32\gwquvw.dll" []
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\abslpay]
C:\WINDOWS\java\abslpay.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\winrnt32]
winrnt32.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Aiya^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
path=C:\Documents and Settings\Aiya\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk
backup=C:\WINDOWS\pss\MyWebSearch Email Plugin.lnkCommon Startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cprocsvc]
C:\WINDOWS\system32\crunner\cproc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTSysVol]
C:\Program Files\Creative\Sound Blaster Live! 24-bit\Surround Mixer\CTSysVol.exe /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
"C:\Program Files\Dell Support\DSAgnt.exe" /startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DeluxeCommunications]
C:\Program Files\DeluxeCommunications\Dxc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
C:\WINDOWS\system32\dla\tfswctrl.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
"C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\gwiz]
C:\WINDOWS\system32\ntsystem.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb05.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
C:\WINDOWS\system32\hkcmd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
C:\WINDOWS\system32\igfxpers.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IgfxTray]
C:\WINDOWS\system32\igfxtray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelMeM]
C:\Program Files\Intel\Modem Event Monitor\IntelMEM.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Media Access]
C:\Program Files\Media Access\MediaAccK.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mmtask]
"C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Motive SmartBridge]
C:\PROGRA~1\NETASS~1\SMARTB~1\MotiveSB.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MPFExe]
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MyWebSearch Email Plugin]
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
nwiz.exe /install
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\P17Helper]
Rundll32 P17.dll,P17Helper
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMService]
"C:\Program Files\Dell\Media Experience\PCMService.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMAXPnP]
C:\Program Files\Analog Devices\Core\smax4pnp.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StandardInstall]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateManager]
"C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VirusScan Online]
"c:\PROGRA~1\mcafee.com\vso\mcvsshld.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VSOCheckTask]
"c:\PROGRA~1\mcafee.com\vso\mcmnhdlr.exe" /checktask
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WormsArmageddon.exe]
C:\DOCUME~1\Aiya\MYDOCU~1\WORMSA~1.EXE /r
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"NVSvc"=2 (0x2)
"NetSvc"=3 (0x3)
"Creative Service for CDROM Access"=2 (0x2)
"ewido security suite guard"=2 (0x2)
"ewido security suite control"=2 (0x2)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
Usnsvc usnsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b10d649d-86cf-11d9-9360-806d6172696f}]
AutoRun\command- D:\Autorun.exe
Contents of the 'Scheduled Tasks' folder
2007-06-26 10:04:00 C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
2007-06-22 22:30:10 C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (D1KB2V61-Aiya).job
2007-06-26 10:55:00 C:\WINDOWS\tasks\McAfee.com Update Check (D1KB2V61-Aiya).job
2007-06-26 10:54:00 C:\WINDOWS\tasks\McAfee.com Update Check (D1KB2V61-Amélie).job
2007-06-26 10:54:00 C:\WINDOWS\tasks\McAfee.com Update Check (D1KB2V61-Olivier).job
2007-06-26 10:54:01 C:\WINDOWS\tasks\McAfee.com Update Check (D1KB2V61-Owner).job
**************************************************************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-26 06:54:13
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-06-26 6:57:58 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-26 06:57
--- E O F ---
Rapport Hijack :
Logfile of HijackThis v1.99.1
Scan saved at 7:14:27 AM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nkhjijbl.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1B64FC2D-7DFE-4310-BCB4-CAD4B83AF9BF} - C:\WINDOWS\java\abslpay.dll
O2 - BHO: (no name) - {3780F8DB-F519-438F-BEDC-47239E298588} - C:\WINDOWS\system32\sovgcgyo.dll (file missing)
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:\WINDOWS\system32\lvrgvnow.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GPLv3] rundll32.exe "C:\WINDOWS\system32\opuyflai.dll",realset
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm103YYUS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: abslpay - C:\WINDOWS\java\abslpay.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrnt32 - winrnt32.dll (file missing)
O21 - SSODL: carbinyl - {8d8c2387-7f80-4022-9be6-43630a969558} - C:\WINDOWS\system32\gwquvw.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: DomainService - - C:\WINDOWS\system32\nkhjijbl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
et pour l'anti virus c plus compliqué que ajout/supression les fichiers ne se suppriment pas et bloqué l'installation d'un autre antivirus
bonjour!le log je ne suis pas compétente par contre pour ton antivirus,vas ds panneau de configuration,ajout et suppression de programme et après tu télécharge avast antivirus gratuit et télécharges aussi un antispyware.
Bonjour,
* Télécharge combofix.exe (par sUBs) sur ton Bureau : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Double clique combofix.exe et suis les invites.
* Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse avec un nouveau rapport Hijackthis.
FillPCA
* Télécharge combofix.exe (par sUBs) sur ton Bureau : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Double clique combofix.exe et suis les invites.
* Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse avec un nouveau rapport Hijackthis.
FillPCA
Re,
Pour l'antivirus, nous verrons plus tard.
# Télécharge Vundofix (par Atribune) sur ton Bureau : http://www.atribune.org/ccount/click.php?id=4
# Double-clique VundoFix.exe afin de le lancer.
# Clique sur le bouton Scan for Vundo.
# Lorsque le scan est complété, clique sur le bouton Remove Vundo (uniquement si des fichiers infectieux sont trouvés).
# Une invite te demandera si tu veux supprimer les fichiers, clique YES.
# Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
# Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK.
# Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.
FillPCA
Pour l'antivirus, nous verrons plus tard.
# Télécharge Vundofix (par Atribune) sur ton Bureau : http://www.atribune.org/ccount/click.php?id=4
# Double-clique VundoFix.exe afin de le lancer.
# Clique sur le bouton Scan for Vundo.
# Lorsque le scan est complété, clique sur le bouton Remove Vundo (uniquement si des fichiers infectieux sont trouvés).
# Une invite te demandera si tu veux supprimer les fichiers, clique YES.
# Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
# Tu verras une invite qui t'annonce que ton PC va redémarrer; clique OK.
# Copie/colle le contenu du rapport situé dans C:\vundofix.txt ainsi qu'un nouveau rapport HijackThis! dans ta prochaine réponse.
FillPCA
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 7:56:59 AM 6/26/2007
Listing files found while scanning....
C:\WINDOWS\java\abslpay.dll
C:\WINDOWS\java\yaplsba.bak1
C:\WINDOWS\java\yaplsba.bak2
C:\WINDOWS\java\yaplsba.ini
C:\WINDOWS\java\yaplsba.ini2
C:\WINDOWS\java\yaplsba.tmp
C:\WINDOWS\system32\bjtlwgsi.dll
C:\windows\system32\gainsjfk.exe
C:\windows\system32\ialfyupo.ini
C:\windows\system32\knojklhw.dll
C:\WINDOWS\system32\lvrgvnow.dll
C:\WINDOWS\system32\opuyflai.dll
C:\windows\system32\qswknery.exe
C:\windows\system32\uqhkqary.exe
C:\windows\system32\vxtxfegy.exe
Beginning removal...
Attempting to delete C:\WINDOWS\java\abslpay.dll
C:\WINDOWS\java\abslpay.dll Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.bak1
C:\WINDOWS\java\yaplsba.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.bak2
C:\WINDOWS\java\yaplsba.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.ini
C:\WINDOWS\java\yaplsba.ini Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.ini2
C:\WINDOWS\java\yaplsba.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.tmp
C:\WINDOWS\java\yaplsba.tmp Has been deleted!
Attempting to delete C:\WINDOWS\system32\bjtlwgsi.dll
C:\WINDOWS\system32\bjtlwgsi.dll Has been deleted!
Attempting to delete C:\windows\system32\gainsjfk.exe
C:\windows\system32\gainsjfk.exe Has been deleted!
Attempting to delete C:\windows\system32\ialfyupo.ini
C:\windows\system32\ialfyupo.ini Has been deleted!
Attempting to delete C:\windows\system32\knojklhw.dll
C:\windows\system32\knojklhw.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\lvrgvnow.dll
C:\WINDOWS\system32\lvrgvnow.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\opuyflai.dll
C:\WINDOWS\system32\opuyflai.dll Could not be deleted.
Attempting to delete C:\windows\system32\qswknery.exe
C:\windows\system32\qswknery.exe Has been deleted!
Attempting to delete C:\windows\system32\uqhkqary.exe
C:\windows\system32\uqhkqary.exe Has been deleted!
Attempting to delete C:\windows\system32\vxtxfegy.exe
C:\windows\system32\vxtxfegy.exe Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 8:31:24 AM 6/26/2007
Listing files found while scanning....
C:\windows\system32\opuyflai.dll
Beginning removal...
Attempting to delete C:\windows\system32\opuyflai.dll
C:\windows\system32\opuyflai.dll Has been deleted!
Performing Repairs to the registry.
Done!
____________________
Logfile of HijackThis v1.99.1
Scan saved at 9:30:31 AM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nkhjijbl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1B64FC2D-7DFE-4310-BCB4-CAD4B83AF9BF} - C:\WINDOWS\java\abslpay.dll (file missing)
O2 - BHO: (no name) - {3780F8DB-F519-438F-BEDC-47239E298588} - C:\WINDOWS\system32\sovgcgyo.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm103YYUS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrnt32 - winrnt32.dll (file missing)
O21 - SSODL: carbinyl - {8d8c2387-7f80-4022-9be6-43630a969558} - C:\WINDOWS\system32\gwquvw.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: DomainService - - C:\WINDOWS\system32\nkhjijbl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 7:56:59 AM 6/26/2007
Listing files found while scanning....
C:\WINDOWS\java\abslpay.dll
C:\WINDOWS\java\yaplsba.bak1
C:\WINDOWS\java\yaplsba.bak2
C:\WINDOWS\java\yaplsba.ini
C:\WINDOWS\java\yaplsba.ini2
C:\WINDOWS\java\yaplsba.tmp
C:\WINDOWS\system32\bjtlwgsi.dll
C:\windows\system32\gainsjfk.exe
C:\windows\system32\ialfyupo.ini
C:\windows\system32\knojklhw.dll
C:\WINDOWS\system32\lvrgvnow.dll
C:\WINDOWS\system32\opuyflai.dll
C:\windows\system32\qswknery.exe
C:\windows\system32\uqhkqary.exe
C:\windows\system32\vxtxfegy.exe
Beginning removal...
Attempting to delete C:\WINDOWS\java\abslpay.dll
C:\WINDOWS\java\abslpay.dll Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.bak1
C:\WINDOWS\java\yaplsba.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.bak2
C:\WINDOWS\java\yaplsba.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.ini
C:\WINDOWS\java\yaplsba.ini Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.ini2
C:\WINDOWS\java\yaplsba.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\java\yaplsba.tmp
C:\WINDOWS\java\yaplsba.tmp Has been deleted!
Attempting to delete C:\WINDOWS\system32\bjtlwgsi.dll
C:\WINDOWS\system32\bjtlwgsi.dll Has been deleted!
Attempting to delete C:\windows\system32\gainsjfk.exe
C:\windows\system32\gainsjfk.exe Has been deleted!
Attempting to delete C:\windows\system32\ialfyupo.ini
C:\windows\system32\ialfyupo.ini Has been deleted!
Attempting to delete C:\windows\system32\knojklhw.dll
C:\windows\system32\knojklhw.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\lvrgvnow.dll
C:\WINDOWS\system32\lvrgvnow.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\opuyflai.dll
C:\WINDOWS\system32\opuyflai.dll Could not be deleted.
Attempting to delete C:\windows\system32\qswknery.exe
C:\windows\system32\qswknery.exe Has been deleted!
Attempting to delete C:\windows\system32\uqhkqary.exe
C:\windows\system32\uqhkqary.exe Has been deleted!
Attempting to delete C:\windows\system32\vxtxfegy.exe
C:\windows\system32\vxtxfegy.exe Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.5.1
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Scan started at 8:31:24 AM 6/26/2007
Listing files found while scanning....
C:\windows\system32\opuyflai.dll
Beginning removal...
Attempting to delete C:\windows\system32\opuyflai.dll
C:\windows\system32\opuyflai.dll Has been deleted!
Performing Repairs to the registry.
Done!
____________________
Logfile of HijackThis v1.99.1
Scan saved at 9:30:31 AM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nkhjijbl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1B64FC2D-7DFE-4310-BCB4-CAD4B83AF9BF} - C:\WINDOWS\java\abslpay.dll (file missing)
O2 - BHO: (no name) - {3780F8DB-F519-438F-BEDC-47239E298588} - C:\WINDOWS\system32\sovgcgyo.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - C:\Program Files\Video ActiveX Object\iesplugin.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm103YYUS
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winrnt32 - winrnt32.dll (file missing)
O21 - SSODL: carbinyl - {8d8c2387-7f80-4022-9be6-43630a969558} - C:\WINDOWS\system32\gwquvw.dll (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: DomainService - - C:\WINDOWS\system32\nkhjijbl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
Re,
* Télécharger smitfraudfix (de S!Ri) sur le bureau : http://siri.urz.free.fr/Fix/SmitfraudFix.exe
* Clique sur smitfraudfix.exe
* Choisis l'option 1 et colle dans ta réponse le rapport généré par smitfraudfix. Ce rapport se trouve dans la fenêtre du bloc-note qui s’ouvre.
* Ferme l'application en tapant sur la touche Q.
* Télécharger smitfraudfix (de S!Ri) sur le bureau : http://siri.urz.free.fr/Fix/SmitfraudFix.exe
* Clique sur smitfraudfix.exe
* Choisis l'option 1 et colle dans ta réponse le rapport généré par smitfraudfix. Ce rapport se trouve dans la fenêtre du bloc-note qui s’ouvre.
* Ferme l'application en tapant sur la touche Q.
SmitFraudFix v2.196
Scan done at 16:03:38.04, Tue 06/26/2007
Run from C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nkhjijbl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\CSCRIPT.EXE
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Aiya
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Aiya\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Aiya\FAVORI~1
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{8d8c2387-7f80-4022-9be6-43630a969558}"="carbinyl"
[HKEY_CLASSES_ROOT\CLSID\{8d8c2387-7f80-4022-9be6-43630a969558}\InProcServer32]
@="C:\WINDOWS\system32\gwquvw.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8d8c2387-7f80-4022-9be6-43630a969558}\InProcServer32]
@="C:\WINDOWS\system32\gwquvw.dll"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Intel(R) PRO/100 VE Network Connection - Packet Scheduler Miniport
DNS Server Search Order: 192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{C7435EDF-F7E7-486B-873C-EEF2B0DC6221}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C7435EDF-F7E7-486B-873C-EEF2B0DC6221}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{C7435EDF-F7E7-486B-873C-EEF2B0DC6221}: DhcpNameServer=192.168.2.1 192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1 192.168.2.1
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
Scan done at 16:03:38.04, Tue 06/26/2007
Run from C:\Program Files\Mozilla Firefox\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\nkhjijbl.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\CSCRIPT.EXE
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Aiya
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Aiya\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Aiya\FAVORI~1
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{8d8c2387-7f80-4022-9be6-43630a969558}"="carbinyl"
[HKEY_CLASSES_ROOT\CLSID\{8d8c2387-7f80-4022-9be6-43630a969558}\InProcServer32]
@="C:\WINDOWS\system32\gwquvw.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{8d8c2387-7f80-4022-9be6-43630a969558}\InProcServer32]
@="C:\WINDOWS\system32\gwquvw.dll"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Intel(R) PRO/100 VE Network Connection - Packet Scheduler Miniport
DNS Server Search Order: 192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{C7435EDF-F7E7-486B-873C-EEF2B0DC6221}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{C7435EDF-F7E7-486B-873C-EEF2B0DC6221}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{C7435EDF-F7E7-486B-873C-EEF2B0DC6221}: DhcpNameServer=192.168.2.1 192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=192.168.2.1 192.168.2.1
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
Re,
OK. On attaque !
1) Pour désinstaller Mac Afee, il y a ce lien : http://grandpublic.kaspersky.fr/forum/viewtopic.php?p=32962&sid=e3a2188c090065127dcd771a3ef7bb38
2) Ouvre Hijackthis>"Faire une analyse seulement" et coche ceci :
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: (no name) - {1B64FC2D-7DFE-4310-BCB4-CAD4B83AF9BF} - C:\WINDOWS\java\abslpay.dll (file missing)
O2 - BHO: (no name) - {3780F8DB-F519-438F-BEDC-47239E298588} - C:\WINDOWS\system32\sovgcgyo.dll (file missing)
O20 - Winlogon Notify: winrnt32 - winrnt32.dll (file missing)
O21 - SSODL: carbinyl - {8d8c2387-7f80-4022-9be6-43630a969558} - C:\WINDOWS\system32\gwquvw.dll (file missing)
3) * Prière d'imprimer ces instructions, ou de les coller dans un fichier texte pour lecture en mode Sans Échec.
* Télécharge Brute Force Uninstaller (de Merijn) : http://www.merijn.org/files/bfu.zip
* Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU).
* Fais un clic droit ici : http://perso.orange.fr/Chercheur-perso/scripts/toolbar.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger toolbar.bfu (de Chercheur). Sauvegarde dans le dossier créé (C:\BFU). **Note : si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : toolbar.bfu et BFU.exe (très important).
* Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ou F5 ; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
* Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU).
o Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur : toolbar.bfu
o Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\toolbar.bfu
o Clique sur Execute et laisse-le faire son travail.
o Attendre que Complete script execution apparaîsse et clique sur OK.
o Clique Exit pour fermer le programme BFU.
4) * Télécharge OTMoveIt (de Old_Timer) sur ton bureau : http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe
* Double-clique sur OTMoveIt.exe pour lancer le programme,
* Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste List Of Files/Folders to be moved" :
C:\WINDOWS\SYSTEM32\cggpxtef.exe
C:\WINDOWS\SYSTEM32\qhkvbwmr.dll
C:\WINDOWS\system32\nkhjijbl.exe
* Clique sur MoveIt! pour lancer la suppression,
* Le résultat appraraîtra dans le cadre Results.
* Clique sur Exit pour fermer le programme.
* Poste le rapport qui est situé ici : C:\\\_OTMoveIt\MovedFiles
* Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.
5) Télécharge Ccleaner : http://www.filehippo.com/download/9838386a743262a2d7aaedfb3b432ae2/download/
Installe-le en décochant la toolbar Yahoo !
Ouvre Ccleaner, clique sur "analyse" puis "lancer le nettoyage".
6) Télécharge AVGantispyware : https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente.
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas. Ensuite.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.
8) Edite ces rapports :
OTMoveIt, AVGantispyware et Hijackthis.
FillPCA
OK. On attaque !
1) Pour désinstaller Mac Afee, il y a ce lien : http://grandpublic.kaspersky.fr/forum/viewtopic.php?p=32962&sid=e3a2188c090065127dcd771a3ef7bb38
2) Ouvre Hijackthis>"Faire une analyse seulement" et coche ceci :
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: (no name) - {1B64FC2D-7DFE-4310-BCB4-CAD4B83AF9BF} - C:\WINDOWS\java\abslpay.dll (file missing)
O2 - BHO: (no name) - {3780F8DB-F519-438F-BEDC-47239E298588} - C:\WINDOWS\system32\sovgcgyo.dll (file missing)
O20 - Winlogon Notify: winrnt32 - winrnt32.dll (file missing)
O21 - SSODL: carbinyl - {8d8c2387-7f80-4022-9be6-43630a969558} - C:\WINDOWS\system32\gwquvw.dll (file missing)
3) * Prière d'imprimer ces instructions, ou de les coller dans un fichier texte pour lecture en mode Sans Échec.
* Télécharge Brute Force Uninstaller (de Merijn) : http://www.merijn.org/files/bfu.zip
* Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU).
* Fais un clic droit ici : http://perso.orange.fr/Chercheur-perso/scripts/toolbar.bfu
et choisis "Enregistrer la cible sous..." afin de télécharger toolbar.bfu (de Chercheur). Sauvegarde dans le dossier créé (C:\BFU). **Note : si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : toolbar.bfu et BFU.exe (très important).
* Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 ou F5 ; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
* Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU).
o Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur : toolbar.bfu
o Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\toolbar.bfu
o Clique sur Execute et laisse-le faire son travail.
o Attendre que Complete script execution apparaîsse et clique sur OK.
o Clique Exit pour fermer le programme BFU.
4) * Télécharge OTMoveIt (de Old_Timer) sur ton bureau : http://download.bleepingcomputer.com/oldtimer/OTMoveIt.exe
* Double-clique sur OTMoveIt.exe pour lancer le programme,
* Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste List Of Files/Folders to be moved" :
C:\WINDOWS\SYSTEM32\cggpxtef.exe
C:\WINDOWS\SYSTEM32\qhkvbwmr.dll
C:\WINDOWS\system32\nkhjijbl.exe
* Clique sur MoveIt! pour lancer la suppression,
* Le résultat appraraîtra dans le cadre Results.
* Clique sur Exit pour fermer le programme.
* Poste le rapport qui est situé ici : C:\\\_OTMoveIt\MovedFiles
* Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.
5) Télécharge Ccleaner : http://www.filehippo.com/download/9838386a743262a2d7aaedfb3b432ae2/download/
Installe-le en décochant la toolbar Yahoo !
Ouvre Ccleaner, clique sur "analyse" puis "lancer le nettoyage".
6) Télécharge AVGantispyware : https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente.
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas. Ensuite.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.
8) Edite ces rapports :
OTMoveIt, AVGantispyware et Hijackthis.
FillPCA
C:\WINDOWS\SYSTEM32\cggpxtef.exe moved successfully.
DllUnregisterServer procedure not found in C:\WINDOWS\SYSTEM32\qhkvbwmr.dll
C:\WINDOWS\SYSTEM32\qhkvbwmr.dll NOT unregistered.
C:\WINDOWS\SYSTEM32\qhkvbwmr.dll moved successfully.
C:\WINDOWS\system32\nkhjijbl.exe moved successfully.
Created on 06/26/2007 16:53:12
_____________________________________________________________
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 6:24:55 PM 6/26/2007
+ Résultat de l'analyse:
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\aspwluqu.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dkdjjyoa.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fbkfycpe.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ftgsrsxr.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\idnyneqg.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lmthljdi.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mqfsfhsd.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267046.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267060.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267076.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267077.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267082.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267090.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267097.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cproc.exe.config.vir -> Adware.Clickspring : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267036.config -> Adware.Clickspring : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\CLSID\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3521760843-2678375757-3137182385-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3521760843-2678375757-3137182385-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3521760843-2678375757-3137182385-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03 -> Adware.IntCodec : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Amélie\Local Settings\Temp\avdmytns.exe -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Amélie\Local Settings\Temp\ncramqej.exe -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269840.exe -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\uqhkqary.exe.bad -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\SYSTEM32\cntwxaow.exe -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\catchme2007-06-26_ 65408.21.zip/Dxc.exe -> Adware.SurfSide : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\catchme2007-06-26_ 65408.21.zip/DxcBho.dll -> Adware.SurfSide : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\catchme2007-06-26_ 65408.21.zip/DxcCore.dll -> Adware.SurfSide : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\catchme2007-06-26_ 65408.21.zip/dxclib~1.dll -> Adware.SurfSide : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Amélie\Local Settings\Temp\tsxlqihv.dll -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nvsessga.dll.vir -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rovofvwu.dll.vir -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xlpqbhty.dll.vir -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267100.dll -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267112.dll -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267141.dll -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gwquvw.dll.vir -> Adware.WorldSecurityOnline : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267042.dll -> Adware.WorldSecurityOnline : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\Program Files\Common Files\cloader\32vegas\logos\cloader_idrpr.exe.vir -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cproc.exe.vir -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\crunner.exe.vir -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cupdater.exe.vir -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267031.exe -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267035.exe -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267037.exe -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267038.exe -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ntsystem.exe.vir -> Downloader.Oleloa : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267043.exe -> Downloader.Oleloa : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\j2261237.dll.vir -> Hijacker.Small.mw : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267018.dll -> Hijacker.Small.mw : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269839.exe -> Hijacker.Small.mw : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\qswknery.exe.bad -> Hijacker.Small.mw : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Amélie\Local Settings\Temp\tktvqmaf.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.71:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.84:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.85:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.101:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.10:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.215:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.216:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.257:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.320:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.377:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.378:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.418:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.59:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.60:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.61:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.62:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.78:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.81:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Aimé C.Bernatchez\Cookies\aimé_c.bernatchez@msnportal.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.348:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.7search : Nettoyé.
:mozilla.349:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.7search : Nettoyé.
:mozilla.138:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.139:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.140:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.267:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.268:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.269:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.270:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.271:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.313:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.51:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.53:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.56:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.6:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.7:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.91:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.92:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.93:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.202:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.203:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.209:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.210:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.211:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.389:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.82:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.83:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.275:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.276:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.109:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.110:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.111:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.132:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.136:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.137:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.138:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.139:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.14:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.16:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.46:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Aimé C.Bernatchez\Cookies\aimé_c.bernatchez@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.14:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.65:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.77:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.278:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.200:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.201:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.202:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.203:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.204:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.204:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.205:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.205:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.206:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.206:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.207:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.207:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.208:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.208:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.209:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.211:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.212:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.212:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.338:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.339:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.340:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.341:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.342:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.343:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.344:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.345:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.346:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.121:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.122:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.123:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.124:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.77:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.78:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.79:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.322:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.323:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.324:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.325:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.42:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.43:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.44:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.47:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.47:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.48:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.49:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.50:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.25:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.32:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.38:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.103:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.169:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.281:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.10:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.11:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.12:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.13:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.15:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.16:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.20:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.73:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.74:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.163:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.266:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.114:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.115:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.116:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.196:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.197:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.198:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.21:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.22:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.23:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.261:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.262:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.263:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.264:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.265:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.380:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.14:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.18:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.308:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Information : Nettoyé.
:mozilla.328:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
:mozilla.329:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
:mozilla.330:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
:mozilla.233:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Linkbuddies : Nettoyé.
:mozilla.142:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Linksynergy : Nettoyé.
:mozilla.143:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Linksynergy : Nettoyé.
:mozilla.144:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Linksynergy : Nettoyé.
:mozilla.15:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.369:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.58:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Nettoyé.
:mozilla.7:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.323:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.222:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.327:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.328:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.329:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.330:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.66:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.67:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.68:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.69:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.127:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.128:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.233:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.234:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.421:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.422:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.413:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
:mozilla.414:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
:mozilla.415:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
:mozilla.416:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
:mozilla.417:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@realguide.real[2].txt -> TrackingCookie.Real : Nettoyé.
:mozilla.125:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.126:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.127:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.128:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.129:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.130:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.131:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.132:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.307:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.331:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.387:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.390:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.391:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.392:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.100:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.107:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.332:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.333:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.334:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.335:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.336:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.337:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.47:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.60:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.61:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.62:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.63:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.64:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.96:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.97:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.98:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.99:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.84:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Sexlist : Nettoyé.
:mozilla.31:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.32:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.72:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.249:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.250:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.251:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.274:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.275:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.276:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.277:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.107:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.225:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.129:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.131:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.122:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Targetnet : Nettoyé.
:mozilla.110:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.113:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.247:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.130:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.88:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.95:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.27:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.29:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.30:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.31:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.32:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.33:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.105:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.106:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.183:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.184:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.253:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.254:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.255:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.294:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.399:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.28:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.34:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.35:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.36:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.37:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.38:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.39:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.40:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.41:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.42:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.280:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.281:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.282:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.283:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.284:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.285:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.36:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.37:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.39:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.40:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.41:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269836.dll -> Trojan.Adclicker.am : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\bjtlwgsi.dll.bad -> Trojan.Adclicker.am : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269841.exe -> Trojan.Agent.anr : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\vxtxfegy.exe.bad -> Trojan.Agent.anr : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ankhpmaj.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\anvhafvb.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\arkwrcwg.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\assumafy.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\aynjqcia.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dvcceyre.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jgsbmdaw.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jwcexxns.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ynsbnmjo.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267019.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267022.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267023.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267024.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267025.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267026.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267028.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267029.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\_OTMoveIt\MovedFiles\WINDOWS\SYSTEM32\nkhjijbl.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xssjsehx.dll.vir -> Trojan.BHO.g : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267144.dll -> Trojan.BHO.g : Nettoyé et sauvegardé (mise en quarantaine).
Fin du rapport
___________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 6:30:49 PM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\Media Experience\PCM2.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
DllUnregisterServer procedure not found in C:\WINDOWS\SYSTEM32\qhkvbwmr.dll
C:\WINDOWS\SYSTEM32\qhkvbwmr.dll NOT unregistered.
C:\WINDOWS\SYSTEM32\qhkvbwmr.dll moved successfully.
C:\WINDOWS\system32\nkhjijbl.exe moved successfully.
Created on 06/26/2007 16:53:12
_____________________________________________________________
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 6:24:55 PM 6/26/2007
+ Résultat de l'analyse:
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\aspwluqu.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dkdjjyoa.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fbkfycpe.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ftgsrsxr.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\idnyneqg.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lmthljdi.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mqfsfhsd.dll.vir -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267046.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267060.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267076.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267077.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267082.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267090.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267097.dll -> Adware.BHO : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cproc.exe.config.vir -> Adware.Clickspring : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267036.config -> Adware.Clickspring : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\CLSID\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3521760843-2678375757-3137182385-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3521760843-2678375757-3137182385-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKU\S-1-5-21-3521760843-2678375757-3137182385-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Public Messenger ver 2.03 -> Adware.IntCodec : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Amélie\Local Settings\Temp\avdmytns.exe -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Amélie\Local Settings\Temp\ncramqej.exe -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269840.exe -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\uqhkqary.exe.bad -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\SYSTEM32\cntwxaow.exe -> Adware.Searchcolor : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\catchme2007-06-26_ 65408.21.zip/Dxc.exe -> Adware.SurfSide : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\catchme2007-06-26_ 65408.21.zip/DxcBho.dll -> Adware.SurfSide : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\catchme2007-06-26_ 65408.21.zip/DxcCore.dll -> Adware.SurfSide : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\catchme2007-06-26_ 65408.21.zip/dxclib~1.dll -> Adware.SurfSide : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Amélie\Local Settings\Temp\tsxlqihv.dll -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nvsessga.dll.vir -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rovofvwu.dll.vir -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xlpqbhty.dll.vir -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267100.dll -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267112.dll -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267141.dll -> Adware.Winfixer : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gwquvw.dll.vir -> Adware.WorldSecurityOnline : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267042.dll -> Adware.WorldSecurityOnline : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\Program Files\Common Files\cloader\32vegas\logos\cloader_idrpr.exe.vir -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cproc.exe.vir -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\crunner.exe.vir -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cupdater.exe.vir -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267031.exe -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267035.exe -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267037.exe -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267038.exe -> Downloader.Agent.c : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ntsystem.exe.vir -> Downloader.Oleloa : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267043.exe -> Downloader.Oleloa : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\j2261237.dll.vir -> Hijacker.Small.mw : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267018.dll -> Hijacker.Small.mw : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269839.exe -> Hijacker.Small.mw : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\qswknery.exe.bad -> Hijacker.Small.mw : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\Amélie\Local Settings\Temp\tktvqmaf.dll -> Logger.VBStat.e : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.71:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.84:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.85:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.101:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.10:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.215:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.216:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.257:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.320:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.377:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.378:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.418:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.59:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.60:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.61:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.62:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.78:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.81:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Aimé C.Bernatchez\Cookies\aimé_c.bernatchez@msnportal.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.348:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.7search : Nettoyé.
:mozilla.349:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.7search : Nettoyé.
:mozilla.138:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.139:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.140:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.267:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.268:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.269:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.270:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.271:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.313:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.51:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.53:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.56:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.6:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.7:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.91:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.92:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.93:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.202:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.203:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.209:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.210:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.211:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.389:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.82:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.83:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.275:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.276:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.109:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.110:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.111:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.132:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.136:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.137:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.138:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.139:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.14:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.16:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.46:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Aimé C.Bernatchez\Cookies\aimé_c.bernatchez@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.14:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.65:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.77:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.278:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.200:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.201:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.202:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.203:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.204:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.204:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.205:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.205:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.206:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.206:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.207:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.207:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.208:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.208:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.209:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.211:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.212:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.212:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.338:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.339:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.340:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.341:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.342:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.343:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.344:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.345:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.346:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Casinodelrio : Nettoyé.
:mozilla.121:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.122:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.123:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.124:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.77:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.78:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.79:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.322:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.323:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.324:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.325:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.42:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.43:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.44:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.47:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.47:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.48:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.49:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.50:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.25:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.32:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.38:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.103:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.169:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.281:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.10:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.11:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.12:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.13:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.15:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.16:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.20:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.73:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.74:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.163:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.266:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.114:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.115:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.116:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.196:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.197:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.198:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.21:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.22:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.23:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.261:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.262:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.263:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.264:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.265:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.380:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.14:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.18:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.308:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Information : Nettoyé.
:mozilla.328:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
:mozilla.329:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
:mozilla.330:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
:mozilla.233:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Linkbuddies : Nettoyé.
:mozilla.142:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Linksynergy : Nettoyé.
:mozilla.143:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Linksynergy : Nettoyé.
:mozilla.144:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Linksynergy : Nettoyé.
:mozilla.15:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.369:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.58:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Nettoyé.
:mozilla.7:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.323:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.222:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.327:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.328:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.329:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.330:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.66:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.67:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.68:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.69:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.127:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.128:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.233:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.234:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.421:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.422:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.413:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
:mozilla.414:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
:mozilla.415:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
:mozilla.416:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
:mozilla.417:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@realguide.real[2].txt -> TrackingCookie.Real : Nettoyé.
:mozilla.125:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.126:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.127:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.128:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.129:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.130:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.131:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.132:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.307:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.331:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.387:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.390:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.391:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.392:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.100:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.107:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.332:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.333:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.334:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.335:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.336:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.337:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.47:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.60:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.61:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.62:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.63:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.64:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.96:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.97:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.98:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.99:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.84:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Sexlist : Nettoyé.
:mozilla.31:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.32:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.72:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.249:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.250:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.251:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.274:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.275:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.276:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.277:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.107:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.225:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.129:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.131:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.122:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Targetnet : Nettoyé.
:mozilla.110:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.113:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.247:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.130:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.88:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.95:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.27:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.29:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.30:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.31:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.32:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.33:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.105:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.106:C:\Documents and Settings\Amélie\Application Data\Mozilla\Firefox\Profiles\g2bpg8m3.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.183:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.184:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.253:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.254:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.255:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.294:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.399:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Amélie\Cookies\amélie@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.28:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.34:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.35:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.36:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.37:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.38:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.39:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.40:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.41:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.42:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.280:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.281:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.282:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.283:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.284:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.285:C:\Documents and Settings\Aimé C.Bernatchez\Application Data\Mozilla\Firefox\Profiles\7eq2cdil.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.36:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.37:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.39:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.40:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.41:C:\Documents and Settings\Aiya\Application Data\Mozilla\Firefox\Profiles\kn6hypkd.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269836.dll -> Trojan.Adclicker.am : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\bjtlwgsi.dll.bad -> Trojan.Adclicker.am : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269841.exe -> Trojan.Agent.anr : Nettoyé et sauvegardé (mise en quarantaine).
C:\VundoFix Backups\vxtxfegy.exe.bad -> Trojan.Agent.anr : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ankhpmaj.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\anvhafvb.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\arkwrcwg.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\assumafy.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\aynjqcia.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dvcceyre.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jgsbmdaw.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jwcexxns.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ynsbnmjo.exe.vir -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267019.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267022.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267023.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267024.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267025.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267026.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267028.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267029.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\_OTMoveIt\MovedFiles\WINDOWS\SYSTEM32\nkhjijbl.exe -> Trojan.Agent.aoy : Nettoyé et sauvegardé (mise en quarantaine).
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xssjsehx.dll.vir -> Trojan.BHO.g : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267144.dll -> Trojan.BHO.g : Nettoyé et sauvegardé (mise en quarantaine).
Fin du rapport
___________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 6:30:49 PM, on 6/26/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\Media Experience\PCM2.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
Bonjour,
1) Tu as tenté la désinstallation de Mac Afee ? Cela semble avoir échoué.
2) Edite un nouveau log Hijackthis car celui-ci est incomplet.
FillPCA
1) Tu as tenté la désinstallation de Mac Afee ? Cela semble avoir échoué.
2) Edite un nouveau log Hijackthis car celui-ci est incomplet.
FillPCA
Logfile of HijackThis v1.99.1
Scan saved at 6:33:49 PM, on 6/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\Program Files\Dofus\Dofus.exe
C:\Program Files\Dofus\Dofus.exe
C:\Program Files\Dofus\dofus.dll
C:\Program Files\Dofus\dofus.dll
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\nkhjijbl.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
Et pour Mc caffee mon ordi a bogué et quand je réessais après avoir redémarer mon ordi il dit que le programme roule déja ...
Scan saved at 6:33:49 PM, on 6/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
C:\WINDOWS\system32\MsPMSPSv.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\Program Files\Dofus\Dofus.exe
C:\Program Files\Dofus\Dofus.exe
C:\Program Files\Dofus\dofus.dll
C:\Program Files\Dofus\dofus.dll
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [MCUpdateExe] C:\PROGRA~1\mcafee.com\agent\McUpdate.exe
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\McAgent.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\nkhjijbl.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee.com McShield (McShield) - Unknown owner - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Unknown owner - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe (file missing)
O23 - Service: McAfee.com VirusScan Online Realtime Engine (MCVSRte) - McAfee, Inc - c:\PROGRA~1\mcafee.com\vso\mcvsrte.exe
Et pour Mc caffee mon ordi a bogué et quand je réessais après avoir redémarer mon ordi il dit que le programme roule déja ...
Bonjour,
Evite tout surf car tu es sans antivirus.
1) * Ouvre le bloc-note de windows.
* Copie-colle ces lignes dans la fenêtre du bloc-note :
OptionUnloadShell
DllUnregister %PROGRAMFILES%\McAfee.com\mcvsshl.dll|1
Processkill \McUpdate.exe|1
Processkill \McAgent.exe|1
ServiceStop DomainService
ServiceDisable DomainService
ServiceDelete DomainService
ServiceStop McShield
ServiceDisable McShield
ServiceDelete McShield
ServiceStop mcupdmgr.exe
ServiceDisable mcupdmgr.exe
ServiceDelete mcupdmgr.exe
ServiceStop MCVSRte
ServiceDisable MCVSRte
ServiceDelete MCVSRte
RegDeleteKey HKCR\CLSID\{BA52B914-B692-46c4-B683-905236F6F655}
RegDelValue HKCU\software\microsoft\internet explorer\toolbar\WebBrowser|{BA52B914-B692-46c4-B683-905236F6F655}
RegDelValue HKLM\software\microsoft\internet explorer\toolbar|{BA52B914-B692-46c4-B683-905236F6F655}
RegDelValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MCUpdateExe
RegDelValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MCAgentExe
FolderDelete %PROGRAMFILES%\mcafee.com
SystemEmptyTempFolder
SystemEmptyInternetCache
SystemEmptyRecycleBin
* Enregistre le fichier sur le bureau en fix.txt
* Fais un clic droit sur ce fichier, choisis Renommer et dans la case, indique le nom fix.BFU.
* Déplace-le dans le même dossier que Brute Force Uninstaller soit dans c:\BFU
* Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : fix.bfu et BFU.exe (très important).
* Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 (ou F5); tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
* Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU).
* Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur : fix.bfu.
* Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\fix.bfu
* Clique sur Execute et laisse-le faire son travail.
* Attendre que Complete script execution apparaîsse et clique sur OK.
* Clique Exit pour fermer le programme BFU.
* Redémarre normalement ton PC.
2) * Fais un scan en ligne en cliquant ici : http://assiste.com.free.fr/...
* Choisis Kaspersky.
* Tu dois réaliser le scan en utilisant Internet explorer. Une information apparait en haut, près de la barre d'état. Tu dois accepter et installer l'activeX proposé. La mise à jour de l'antivirus se lance.
* Réalise un scan complet du système (Poste de travail).
* Sauvegarde le rapport en mode texte à l'issue du scan.
3) Edite le rapport Kaspersky avec un nouveau rapport Hijackthis.
4) Comment le PC se porte-t-il ? Je te donnerai ensuite les derniers conseils, pour ré-installer notamment un antivirus et un firewall.
FillPCA
Evite tout surf car tu es sans antivirus.
1) * Ouvre le bloc-note de windows.
* Copie-colle ces lignes dans la fenêtre du bloc-note :
OptionUnloadShell
DllUnregister %PROGRAMFILES%\McAfee.com\mcvsshl.dll|1
Processkill \McUpdate.exe|1
Processkill \McAgent.exe|1
ServiceStop DomainService
ServiceDisable DomainService
ServiceDelete DomainService
ServiceStop McShield
ServiceDisable McShield
ServiceDelete McShield
ServiceStop mcupdmgr.exe
ServiceDisable mcupdmgr.exe
ServiceDelete mcupdmgr.exe
ServiceStop MCVSRte
ServiceDisable MCVSRte
ServiceDelete MCVSRte
RegDeleteKey HKCR\CLSID\{BA52B914-B692-46c4-B683-905236F6F655}
RegDelValue HKCU\software\microsoft\internet explorer\toolbar\WebBrowser|{BA52B914-B692-46c4-B683-905236F6F655}
RegDelValue HKLM\software\microsoft\internet explorer\toolbar|{BA52B914-B692-46c4-B683-905236F6F655}
RegDelValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MCUpdateExe
RegDelValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|MCAgentExe
FolderDelete %PROGRAMFILES%\mcafee.com
SystemEmptyTempFolder
SystemEmptyInternetCache
SystemEmptyRecycleBin
* Enregistre le fichier sur le bureau en fix.txt
* Fais un clic droit sur ce fichier, choisis Renommer et dans la case, indique le nom fix.BFU.
* Déplace-le dans le même dossier que Brute Force Uninstaller soit dans c:\BFU
* Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : fix.bfu et BFU.exe (très important).
* Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 (ou F5); tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
* Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU).
* Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur : fix.bfu.
* Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\fix.bfu
* Clique sur Execute et laisse-le faire son travail.
* Attendre que Complete script execution apparaîsse et clique sur OK.
* Clique Exit pour fermer le programme BFU.
* Redémarre normalement ton PC.
2) * Fais un scan en ligne en cliquant ici : http://assiste.com.free.fr/...
* Choisis Kaspersky.
* Tu dois réaliser le scan en utilisant Internet explorer. Une information apparait en haut, près de la barre d'état. Tu dois accepter et installer l'activeX proposé. La mise à jour de l'antivirus se lance.
* Réalise un scan complet du système (Poste de travail).
* Sauvegarde le rapport en mode texte à l'issue du scan.
3) Edite le rapport Kaspersky avec un nouveau rapport Hijackthis.
4) Comment le PC se porte-t-il ? Je te donnerai ensuite les derniers conseils, pour ré-installer notamment un antivirus et un firewall.
FillPCA
Merci beaucoup mon ordi va déja beaucoup mieux je trouve sa super que tu m'aide ainsi et t'en suis très très reconnaissant,
de plus dans les fichier Hijackthis je vois des toolbar dans le style Yahoo, je peut supprimer sans crainte ? car je n'en veux pas et n'ai pas dld sa volontairement.
bon je vais me coucher dèja 5h du matin, ^^" bonne journée
P.S. je post les résultats du scan bientot
de plus dans les fichier Hijackthis je vois des toolbar dans le style Yahoo, je peut supprimer sans crainte ? car je n'en veux pas et n'ai pas dld sa volontairement.
bon je vais me coucher dèja 5h du matin, ^^" bonne journée
P.S. je post les résultats du scan bientot
Bonjour,
La toolbar Yahoo s'est sans doute installée avec Ccleaner. Regarde mon post 9, 5e point. On s'en occupera au dernier moment.
FillPCA
La toolbar Yahoo s'est sans doute installée avec Ccleaner. Regarde mon post 9, 5e point. On s'en occupera au dernier moment.
FillPCA
KASPERSKY ONLINE SCANNER REPORT
Thursday, June 28, 2007 12:33:39 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 28/06/2007
Kaspersky Anti-Virus database records: 354849
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 130812
Number of viruses found 20
Number of infected objects 191
Number of suspicious objects 5
Duration of the scan process 01:50:51
Infected Object Name Virus Name Last Action
C:\Documents and Settings\Aiya\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Aiya\Desktop\setup.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.bqu skipped
C:\Documents and Settings\Aiya\Desktop\setup.exe/stream Infected: Trojan-Downloader.Win32.Zlob.bqu skipped
C:\Documents and Settings\Aiya\Desktop\setup.exe NSIS: infected - 2 skipped
C:\Documents and Settings\Aiya\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Aiya\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Aiya\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\Aiya\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_219.wmdb Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNSD.XML Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Aiya\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Aiya\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVideoActiveXObject8.zip/uninst.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVideoActiveXObject8.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\Amélie\Local Settings\Temp\AntiPhishing\FDE76B9D-4657-4B28-AE87-04EFD23D4EB6.dat Object is locked skipped
C:\Documents and Settings\Amélie\Local Settings\Temp\yovypcdq.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Mozilla Firefox\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Program Files\NetAssistant\log\mpbtn.log Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\asmtbtvk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bbxqdcoq.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bcludawn.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bpxkkeof.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cnlttxwn.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cloader_installer.exe.vir/data0002 Infected: Trojan-Downloader.MSIL.Agent.c skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cloader_installer.exe.vir NSIS: infected - 1 skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cswjicdr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cxnmkvlr.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dbcapiin.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\deacmihg.dll.vir Infected: Trojan.Win32.BHO.o skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dipvreru.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\djqutvma.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dlrafgxg.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dtxmnthi.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dukgymwx.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dvsatxdg.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dvweqxfm.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ealbvfcr.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebcdtxwo.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebehikug.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ehcxmbye.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\emaoubiq.dll.vir Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fascxfpu.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ggkqqobn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ggnimxyd.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ggyyfkmk.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gmasqcrm.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jbdqyeqs.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jbrlfhhp.dll.vir Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kfoeiend.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kpdygctf.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kuadaggb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kxihcpee.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lckjglng.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lmvebunt.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lnhitxyb.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mdplghic.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mglvtefy.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mhdhaucv.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mjwqlnun.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\myevhvqe.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nsgcenoc.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oqbhtywo.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\osnduvca.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\outrhfed.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\papwsdjj.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qfdfdwot.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qgnbigmd.dll.vir Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qkxcmkus.dll.vir Suspicious: Packed.Win32.Morphine.a skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qwfkbqhd.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rcqrgcwj.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rplbpldr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sapgqdys.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\shfefoud.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sixvtfxl.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sjqnvirt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\srngekjx.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ssmlqxqn.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sveoflmk.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tatcgxus.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tcwawncy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tjihdbso.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tknwraij.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\toraxwxy.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\trsckcuk.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\trsijjxu.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ttpfqogq.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\udqdegea.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ukmbpnmd.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ukubwvdi.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\unsrkuil.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\uvfijfii.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wiaamoae.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wsgcgvtb.dll.vir Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wyntabkw.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xksoqaih.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xqtlokst.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xtjiumcs.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yafqxxcf.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ybrkifgk.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ythpcoea.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2249998.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2249999.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2250000.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2250001.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2250002.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2261609.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264181.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ir skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264195.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ir skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264196.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ir skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264197.dll Suspicious: Packed.Win32.Morphine.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264198.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ir skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267034.exe/data0002 Infected: Trojan-Downloader.MSIL.Agent.c skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267034.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267045.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267047.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267048.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267049.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267052.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267053.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267054.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267055.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267056.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267057.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267064.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267066.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267067.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267068.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267069.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267070.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267071.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267072.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267073.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267074.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267075.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267078.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267079.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267080.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267081.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267083.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267084.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267085.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267086.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267087.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267088.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267089.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267091.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267092.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267093.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267094.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267095.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267096.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267098.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267099.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267101.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267102.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267103.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267104.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267106.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267107.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267108.dll Suspicious: Packed.Win32.Morphine.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267109.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267110.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267113.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267114.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267115.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267116.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267118.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267119.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267120.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267121.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267122.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267124.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267125.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267126.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267127.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267128.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267130.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267131.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267132.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267133.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267134.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267135.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267137.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267138.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267139.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267140.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267143.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267145.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267146.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267148.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267149.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269834.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dq skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269837.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269838.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2271550.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2276275.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2276276.exe Infected: not-a-virus:AdWare.Win32.Searchcolor.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP387\change.log Object is locked skipped
C:\VundoFix Backups\abslpay.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.dq skipped
C:\VundoFix Backups\gainsjfk.exe.bad Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\VundoFix Backups\knojklhw.dll.bad Infected: Trojan.Win32.BHO.g skipped
C:\VundoFix Backups\lvrgvnow.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\VundoFix Backups\opuyflai.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\rbftbnqm.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\_OTMoveIt\MovedFiles\WINDOWS\SYSTEM32\qhkvbwmr.dll Infected: Trojan.Win32.BHO.o skipped
Scan process completed.
__________________________________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 12:37:06 PM, on 6/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
me semblais l'avoir décocher mais on dirais bien que non, j'ai du faire une erreur
Thursday, June 28, 2007 12:33:39 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.93.0
Kaspersky Anti-Virus database last update: 28/06/2007
Kaspersky Anti-Virus database records: 354849
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
Scan Statistics
Total number of scanned objects 130812
Number of viruses found 20
Number of infected objects 191
Number of suspicious objects 5
Duration of the scan process 01:50:51
Infected Object Name Virus Name Last Action
C:\Documents and Settings\Aiya\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Aiya\Desktop\setup.exe/stream/data0006 Infected: Trojan-Downloader.Win32.Zlob.bqu skipped
C:\Documents and Settings\Aiya\Desktop\setup.exe/stream Infected: Trojan-Downloader.Win32.Zlob.bqu skipped
C:\Documents and Settings\Aiya\Desktop\setup.exe NSIS: infected - 2 skipped
C:\Documents and Settings\Aiya\Desktop\SmitfraudFix.exe/data.rar/SmitfraudFix/Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Aiya\Desktop\SmitfraudFix.exe/data.rar Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Documents and Settings\Aiya\Desktop\SmitfraudFix.exe RarSFX: infected - 2 skipped
C:\Documents and Settings\Aiya\Local Settings\Application Data\Microsoft\Media Player\CurrentDatabase_219.wmdb Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Application Data\Microsoft\Windows Media\11.0\WMSDKNSD.XML Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Aiya\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Aiya\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Aiya\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVideoActiveXObject8.zip/uninst.exe Suspicious: Password-protected-EXE skipped
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\ZlobVideoActiveXObject8.zip ZIP: suspicious - 1 skipped
C:\Documents and Settings\Amélie\Local Settings\Temp\AntiPhishing\FDE76B9D-4657-4B28-AE87-04EFD23D4EB6.dat Object is locked skipped
C:\Documents and Settings\Amélie\Local Settings\Temp\yovypcdq.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\Documents and Settings\LocalService\Cookies\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\History\History.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\INDEX.DAT Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Mozilla Firefox\SmitfraudFix\Reboot.exe Infected: not-a-virus:RiskTool.Win32.Reboot.f skipped
C:\Program Files\NetAssistant\log\mpbtn.log Object is locked skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\asmtbtvk.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bbxqdcoq.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bcludawn.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\bpxkkeof.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cnlttxwn.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cloader_installer.exe.vir/data0002 Infected: Trojan-Downloader.MSIL.Agent.c skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\crunner\cloader_installer.exe.vir NSIS: infected - 1 skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cswjicdr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\cxnmkvlr.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dbcapiin.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\deacmihg.dll.vir Infected: Trojan.Win32.BHO.o skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dipvreru.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\djqutvma.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dlrafgxg.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dtxmnthi.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dukgymwx.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dvsatxdg.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\dvweqxfm.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ealbvfcr.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebcdtxwo.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ebehikug.dll.vir Infected: Trojan.Win32.BHO.bd skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ehcxmbye.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\emaoubiq.dll.vir Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\fascxfpu.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ggkqqobn.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ggnimxyd.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ggyyfkmk.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\gmasqcrm.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jbdqyeqs.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\jbrlfhhp.dll.vir Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kfoeiend.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kpdygctf.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kuadaggb.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\kxihcpee.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lckjglng.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lmvebunt.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\lnhitxyb.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mdplghic.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mglvtefy.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mhdhaucv.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\mjwqlnun.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\myevhvqe.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\nsgcenoc.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\oqbhtywo.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\osnduvca.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\outrhfed.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\papwsdjj.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qfdfdwot.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qgnbigmd.dll.vir Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qkxcmkus.dll.vir Suspicious: Packed.Win32.Morphine.a skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\qwfkbqhd.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rcqrgcwj.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\rplbpldr.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sapgqdys.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\shfefoud.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sixvtfxl.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sjqnvirt.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\srngekjx.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ssmlqxqn.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\sveoflmk.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tatcgxus.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tcwawncy.dll.vir Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tjihdbso.dll.vir Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\tknwraij.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\toraxwxy.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\trsckcuk.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\trsijjxu.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ttpfqogq.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\udqdegea.dll.vir Infected: Packed.Win32.Klone.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ukmbpnmd.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ukubwvdi.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\unsrkuil.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\uvfijfii.dll.vir Infected: Trojan.Win32.BHO.g skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wiaamoae.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wsgcgvtb.dll.vir Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\wyntabkw.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xksoqaih.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xqtlokst.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\xtjiumcs.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\yafqxxcf.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ybrkifgk.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\QooBox\Quarantine\C\WINDOWS\SYSTEM32\ythpcoea.dll.vir Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2249998.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2249999.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2250000.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2250001.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP383\A2250002.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2261609.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264181.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ir skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264195.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ir skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264196.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ir skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264197.dll Suspicious: Packed.Win32.Morphine.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2264198.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ir skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267034.exe/data0002 Infected: Trojan-Downloader.MSIL.Agent.c skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267034.exe NSIS: infected - 1 skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267045.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.hb skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267047.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267048.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267049.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267052.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267053.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267054.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267055.dll Infected: Trojan.Win32.BHO.o skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267056.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267057.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267064.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267066.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267067.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267068.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267069.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267070.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267071.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267072.dll Infected: Trojan.Win32.BHO.bd skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267073.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267074.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267075.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267078.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267079.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267080.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267081.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267083.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267084.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267085.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267086.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267087.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267088.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267089.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267091.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267092.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267093.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267094.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267095.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267096.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267098.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267099.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267101.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267102.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267103.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267104.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267106.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267107.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267108.dll Suspicious: Packed.Win32.Morphine.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267109.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267110.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267113.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267114.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267115.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267116.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267118.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267119.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267120.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267121.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267122.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267124.dll Infected: not-a-virus:AdWare.Win32.BHO.v skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267125.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267126.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267127.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267128.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267130.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267131.dll Infected: Packed.Win32.Klone.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267132.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267133.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267134.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267135.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267137.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267138.dll Infected: Trojan-Spy.Win32.VBStat.j skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267139.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267140.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267143.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267145.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267146.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267148.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP385\A2267149.dll Infected: Trojan-Spy.Win32.VBStat.h skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269834.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.dq skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269837.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2269838.dll Infected: Trojan.Win32.BHO.g skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2271550.dll Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2276275.exe Infected: Trojan.Win32.Agent.aoy skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP386\A2276276.exe Infected: not-a-virus:AdWare.Win32.Searchcolor.a skipped
C:\System Volume Information\_restore{202550A8-7A33-4BCA-9586-051D24DDBF8F}\RP387\change.log Object is locked skipped
C:\VundoFix Backups\abslpay.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.dq skipped
C:\VundoFix Backups\gainsjfk.exe.bad Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\VundoFix Backups\knojklhw.dll.bad Infected: Trojan.Win32.BHO.g skipped
C:\VundoFix Backups\lvrgvnow.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.kj skipped
C:\VundoFix Backups\opuyflai.dll.bad Infected: not-a-virus:AdWare.Win32.Virtumonde.ki skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\SYSTEM32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\AppEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\Internet.evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SecEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SysEvent.Evt Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM Object is locked skipped
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG Object is locked skipped
C:\WINDOWS\SYSTEM32\H323LOG.TXT Object is locked skipped
C:\WINDOWS\SYSTEM32\rbftbnqm.exe Infected: not-a-virus:AdWare.Win32.Agent.at skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\SYSTEM32\WBEM\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\_OTMoveIt\MovedFiles\WINDOWS\SYSTEM32\qhkvbwmr.dll Infected: Trojan.Win32.BHO.o skipped
Scan process completed.
__________________________________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 12:37:06 PM, on 6/28/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\NetAssistant\bin\mpbtn.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Hijackthis Version Française\hijackthis vf.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.ca/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.bing.com/spresults.aspx
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Assistant Internet.lnk = C:\Program Files\NetAssistant\bin\matcli.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Open in new background tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/229?24f39690d6244a42ab8aaca62a189bd7
O8 - Extra context menu item: Open in new foreground tab - res://C:\Program Files\Windows Live Toolbar\Components\en-us\msntabres.dll.mui/230?24f39690d6244a42ab8aaca62a189bd7
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: MUSICMATCH MX Web Player - {d81ca86b-ef63-42af-bee3-4502d9a03c2d} - http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,90/mcinsctl.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) - http://download.mcafee.com/molbin/shared/mcgdmgr/en-us/1,0,0,23/mcgdmgr.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
me semblais l'avoir décocher mais on dirais bien que non, j'ai du faire une erreur
Bonsoir,
1)
* Double-clique sur OTMoveIt.exe pour lancer le programme,
* Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste List Of Files/Folders to be moved" :
C:\Documents and Settings\Aiya\Desktop\setup.exe
C:\Documents and Settings\Amélie\Local Settings\Temp\yovypcdq.exe
C:\WINDOWS\SYSTEM32\rbftbnqm.exe
* Clique sur MoveIt! pour lancer la suppression,
* Le résultat appraraîtra dans le cadre Results.
* Clique sur Exit pour fermer le programme.
* Poste le rapport qui est situé ici : C:\\\_OTMoveIt\MovedFiles
* Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.
2)
* Lance OTmoveIT.
* Clique sur CleanUp! (le programme va télécharger un fichier texte qui servira a nettoyer les programmes que l'on a téléchargés).
NOTE : Normalement, ton firewall (parefeu) devrait te demander si OTmoveIT peut accéder à internet, Autorise le.
* Une liste apparaît dans la partie gauche d'OTmoveIT.
* Un message apparaît pour confirmer le nettoyage. Confirme.
* Les fichiers infectés qui se trouvent dans les quarantaines seront supprimés aussi..
3) Tu dois désactiver la restauration système. Pour cela, fais un clic droit sur « poste de travail ». Dans l’onglet « restauration du système », coche la case « désactiver la restauration système ». Clique sur appliquer>OK.
Décoche cette case, clique sur appliquer>OK et redémarre le PC.
4) Télécharge un antivirus et installe-le. En gratuit, Antivir est excellent :
Téléchargement : https://www.avira.com/en/prime
Avast est aussi un bon produit : https://www.avast.com/free-antivirus-download
Clé d'activation : https://www.avast.com/registration-free-antivirus?lang=ENG
As-tu des soucis ?
FillPCA
1)
* Double-clique sur OTMoveIt.exe pour lancer le programme,
* Copie la liste de fichiers ou de dossiers ci-dessous et colle-la dans la fenêtre du programme "Paste List Of Files/Folders to be moved" :
C:\Documents and Settings\Aiya\Desktop\setup.exe
C:\Documents and Settings\Amélie\Local Settings\Temp\yovypcdq.exe
C:\WINDOWS\SYSTEM32\rbftbnqm.exe
* Clique sur MoveIt! pour lancer la suppression,
* Le résultat appraraîtra dans le cadre Results.
* Clique sur Exit pour fermer le programme.
* Poste le rapport qui est situé ici : C:\\\_OTMoveIt\MovedFiles
* Il te sera peut-être demandé de redémarrer ton PC. Dans ce cas, clique sur Yes.
2)
* Lance OTmoveIT.
* Clique sur CleanUp! (le programme va télécharger un fichier texte qui servira a nettoyer les programmes que l'on a téléchargés).
NOTE : Normalement, ton firewall (parefeu) devrait te demander si OTmoveIT peut accéder à internet, Autorise le.
* Une liste apparaît dans la partie gauche d'OTmoveIT.
* Un message apparaît pour confirmer le nettoyage. Confirme.
* Les fichiers infectés qui se trouvent dans les quarantaines seront supprimés aussi..
3) Tu dois désactiver la restauration système. Pour cela, fais un clic droit sur « poste de travail ». Dans l’onglet « restauration du système », coche la case « désactiver la restauration système ». Clique sur appliquer>OK.
Décoche cette case, clique sur appliquer>OK et redémarre le PC.
4) Télécharge un antivirus et installe-le. En gratuit, Antivir est excellent :
Téléchargement : https://www.avira.com/en/prime
Avast est aussi un bon produit : https://www.avast.com/free-antivirus-download
Clé d'activation : https://www.avast.com/registration-free-antivirus?lang=ENG
As-tu des soucis ?
FillPCA
C:\Documents and Settings\Aiya\Desktop\setup.exe moved successfully.
C:\Documents and Settings\Amélie\Local Settings\Temp\yovypcdq.exe moved successfully.
C:\WINDOWS\SYSTEM32\rbftbnqm.exe moved successfully.
Created on 06/28/2007 23:37:02
c normal que OTmoveIT se soit supprimé lui même ??? et dans la liste avant que mon ordi redémarre j'ai vu un fichier au moins qu'il n'a pas réussi a suprimer
sinn je n'ai pas d'autres question merci beaucoup, je t'en suis très reconnaissant et merci du temps que tu m,as offert, bonne journée et encore merci
C:\Documents and Settings\Amélie\Local Settings\Temp\yovypcdq.exe moved successfully.
C:\WINDOWS\SYSTEM32\rbftbnqm.exe moved successfully.
Created on 06/28/2007 23:37:02
c normal que OTmoveIT se soit supprimé lui même ??? et dans la liste avant que mon ordi redémarre j'ai vu un fichier au moins qu'il n'a pas réussi a suprimer
sinn je n'ai pas d'autres question merci beaucoup, je t'en suis très reconnaissant et merci du temps que tu m,as offert, bonne journée et encore merci
Bonjour,
Sa suppression est normale. Si un fichier n'a pu être supprimé, cela se fait au redémarrage.
Soit prudent dans tes surfs car le PC était très infecté.
Il te faut également un pare-feu. En produits gratuits, il y a Kerio, Zone alarm free, Out post free.
Bon surf, et n'oublie pas de cliquer sur "résolu" pour fermer le sujet.
FillPCA
Sa suppression est normale. Si un fichier n'a pu être supprimé, cela se fait au redémarrage.
Soit prudent dans tes surfs car le PC était très infecté.
Il te faut également un pare-feu. En produits gratuits, il y a Kerio, Zone alarm free, Out post free.
Bon surf, et n'oublie pas de cliquer sur "résolu" pour fermer le sujet.
FillPCA
