[virus] infecté par trojan downloader conhook

karynee -
jlpjlp Messages postés 52399 Statut Contributeur sécurité - 26 juil. 2007 à 11:02

infection trojan dowloader conhook

Bonjour, ce virus me pourri la vie j'ai regardé les autres post en ce qui concerne ce virus donc je me suis permis de faire une analyse avec hijackthis :

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 13:00:25, on 10/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\WINDOWS\system32\qwerty12.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Bureau\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {98eb195d-a975-497d-9ff2-c79abc01f090} - C:\WINDOWS\system32\ieudpwd.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Keepsixthdebugmemo] D:\Documents and Settings\All Users\Application Data\ModeEggsKeepSixth\GLUE LIVE.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Norton Save and Restore] "C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: c:\windows\system32\vtsqrpo.dll
O20 - Winlogon Notify: ieudpwd - C:\WINDOWS\SYSTEM32\ieudpwd.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\qwerty12.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Norton Save and Restore - Symantec Corporation - C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

Afficher la suite

A voir également:

[virus] infecté par trojan downloader conhook
Downloader for pc - Télécharger - Téléchargement & Transfert
Freemake video downloader - Télécharger - Téléchargement & Transfert
Virus mcafee - Accueil - Piratage
Flash video downloader - Télécharger - Téléchargement & Transfert
Telecharger youtube downloader - Télécharger - Conversion & Codecs

52 réponses

Réponse 21 / 52

karynee

g eu un écran bleu e en redémarrant yavai ce rapport là ensuite une boite de dialogue s'est ouverte disant que le systeme a trouver une erreur grave e je n'ai pu le faire qu'en mode normal

[07/12/2007, 21:41:58] - VirtumundoBeGone v1.5 ( "D:\Documents and Settings\Carine ALLAYEH.OYEDE\Local Settings\Temporary Internet Files\Content.IE5\09TSXXJ6\VirtumundoBeGone[1].exe" )
[07/12/2007, 21:42:05] - Detected System Information:
[07/12/2007, 21:42:05] - Windows Version: 5.1.2600, Service Pack 2
[07/12/2007, 21:42:05] - Current Username: Carine ALLAYEH (Admin)
[07/12/2007, 21:42:05] - Windows is in NORMAL mode.
[07/12/2007, 21:42:05] - Searching for Browser Helper Objects:
[07/12/2007, 21:42:05] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[07/12/2007, 21:42:05] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[07/12/2007, 21:42:05] - BHO 3: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[07/12/2007, 21:42:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:05] - Checking for HKLM\...\Winlogon\Notify\NppBho
[07/12/2007, 21:42:05] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[07/12/2007, 21:42:05] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/12/2007, 21:42:05] - BHO 5: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[07/12/2007, 21:42:05] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:06] - No filename found. Continuing.
[07/12/2007, 21:42:06] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[07/12/2007, 21:42:06] - BHO 7: {938A8A03-A938-4019-B764-03FF8D167D79} ()
[07/12/2007, 21:42:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:06] - Checking for HKLM\...\Winlogon\Notify\tmp1B0.tmp
[07/12/2007, 21:42:06] - Key not found: HKLM\...\Winlogon\Notify\tmp1B0.tmp, continuing.
[07/12/2007, 21:42:06] - BHO 8: {98eb195d-a975-497d-9ff2-c79abc01f090} ()
[07/12/2007, 21:42:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:06] - Checking for HKLM\...\Winlogon\Notify\ieudpwd
[07/12/2007, 21:42:06] - Found: HKLM\...\Winlogon\Notify\ieudpwd - This is probably Virtumundo.
[07/12/2007, 21:42:06] - Assigning {98eb195d-a975-497d-9ff2-c79abc01f090} MSEvents Object
[07/12/2007, 21:42:06] - BHO list has been changed! Starting over...
[07/12/2007, 21:42:06] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[07/12/2007, 21:42:06] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[07/12/2007, 21:42:06] - BHO 3: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[07/12/2007, 21:42:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:06] - Checking for HKLM\...\Winlogon\Notify\NppBho
[07/12/2007, 21:42:06] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[07/12/2007, 21:42:06] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/12/2007, 21:42:06] - BHO 5: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[07/12/2007, 21:42:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:06] - No filename found. Continuing.
[07/12/2007, 21:42:06] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[07/12/2007, 21:42:06] - BHO 7: {938A8A03-A938-4019-B764-03FF8D167D79} ()
[07/12/2007, 21:42:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:06] - Checking for HKLM\...\Winlogon\Notify\tmp1B0.tmp
[07/12/2007, 21:42:06] - Key not found: HKLM\...\Winlogon\Notify\tmp1B0.tmp, continuing.
[07/12/2007, 21:42:06] - BHO 8: {98eb195d-a975-497d-9ff2-c79abc01f090} (MSEvents Object)
[07/12/2007, 21:42:06] - ALERT: Found MSEvents Object!
[07/12/2007, 21:42:06] - BHO 9: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[07/12/2007, 21:42:06] - BHO 10: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[07/12/2007, 21:42:06] - BHO 11: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[07/12/2007, 21:42:06] - Finished Searching Browser Helper Objects
[07/12/2007, 21:42:06] - *** Detected MSEvents Object
[07/12/2007, 21:42:06] - Trying to remove MSEvents Object...
[07/12/2007, 21:42:07] - Terminating Process: IEXPLORE.EXE
[07/12/2007, 21:42:08] - Terminating Process: RUNDLL32.EXE
[07/12/2007, 21:42:09] - Disabling Automatic Shell Restart
[07/12/2007, 21:42:09] - Terminating Process: EXPLORER.EXE
[07/12/2007, 21:42:09] - Suspending the NT Session Manager System Service
[07/12/2007, 21:42:09] - Terminating Windows NT Logon/Logoff Manager
[07/12/2007, 21:42:10] - Re-enabling Automatic Shell Restart
[07/12/2007, 21:42:10] - File to disable: C:\WINDOWS\system32\ieudpwd.dll
[07/12/2007, 21:42:10] - Renaming C:\WINDOWS\system32\ieudpwd.dll -> C:\WINDOWS\system32\ieudpwd.dll.vir
[07/12/2007, 21:42:10] - File successfully renamed!
[07/12/2007, 21:42:10] - Removing HKLM\...\Browser Helper Objects\{98eb195d-a975-497d-9ff2-c79abc01f090}
[07/12/2007, 21:42:10] - Removing HKCR\CLSID\{98eb195d-a975-497d-9ff2-c79abc01f090}
[07/12/2007, 21:42:11] - Adding Kill Bit for ActiveX for GUID: {98eb195d-a975-497d-9ff2-c79abc01f090}
[07/12/2007, 21:42:11] - Deleting ATLEvents/MSEvents Registry entries
[07/12/2007, 21:42:11] - Removing HKLM\...\Winlogon\Notify\ieudpwd
[07/12/2007, 21:42:11] - Searching for Browser Helper Objects:
[07/12/2007, 21:42:11] - BHO 1: {02478D38-C3F9-4EFB-9B51-7695ECA05670} (Yahoo! Toolbar Helper)
[07/12/2007, 21:42:11] - BHO 2: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[07/12/2007, 21:42:11] - BHO 3: {1E8A6170-7264-4D0F-BEAE-D42A53123C75} ()
[07/12/2007, 21:42:11] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:11] - Checking for HKLM\...\Winlogon\Notify\NppBho
[07/12/2007, 21:42:11] - Key not found: HKLM\...\Winlogon\Notify\NppBho, continuing.
[07/12/2007, 21:42:11] - BHO 4: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/12/2007, 21:42:11] - BHO 5: {7E853D72-626A-48EC-A868-BA8D5E23E045} ()
[07/12/2007, 21:42:11] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:11] - No filename found. Continuing.
[07/12/2007, 21:42:11] - BHO 6: {9030D464-4C02-4ABF-8ECC-5164760863C6} (Windows Live Sign-in Helper)
[07/12/2007, 21:42:11] - BHO 7: {938A8A03-A938-4019-B764-03FF8D167D79} ()
[07/12/2007, 21:42:11] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/12/2007, 21:42:11] - Checking for HKLM\...\Winlogon\Notify\tmp1B0.tmp
[07/12/2007, 21:42:11] - Key not found: HKLM\...\Winlogon\Notify\tmp1B0.tmp, continuing.
[07/12/2007, 21:42:11] - BHO 8: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[07/12/2007, 21:42:11] - BHO 9: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} (Google Toolbar Notifier BHO)
[07/12/2007, 21:42:11] - BHO 10: {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} (Barre d'outils MSN Search Helper)
[07/12/2007, 21:42:11] - Finished Searching Browser Helper Objects
[07/12/2007, 21:42:11] - Finishing up...
[07/12/2007, 21:42:11] - A restart is needed.
[07/12/2007, 21:42:11] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[07/12/2007, 21:42:50] - Attempting to Restart via STOP error (Blue Screen!)

Réponse 22 / 52

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

O2 - BHO: (no name) - {938A8A03-A938-4019-B764-03FF8D167D79} - C:\WINDOWS\system32\tmp1B0.tmp.dll
O2 - BHO: (no name) - {98eb195d-a975-497d-9ff2-c79abc01f090} - C:\WINDOWS\system32\ieudpwd.dll

O20 - AppInit_DLLs: c:\windows\system32\vtsqrpo.dll ?
O20 - Winlogon Notify: ieudpwd - C:\WINDOWS\SYSTEM32\ieudpwd.dll

y encore vundo essaye ca

------------
lance blacklight

https://www.f-secure.com/en

pour bien l'utiliser et coller le rapport
https://www.malekal.com/tutorial-f-secure-blacklight/

----------
lance sophos antirootkit

http://www.sophos.fr/products/free-tools/sophos-anti-rootkit.html

----------------
rogue remover
https://www.01net.com/telecharger/

---------------

smit fraud fix

http://telechargement.zebulon.fr/smitfraudfix.html

2/ double clique sur smitfraudfix. puis sélectionne 1 et appuyer sur entrée afin de créer le rapport des infection présentes. une fois le rapport effectué redémarre en mode sans échec (en appuyant sur F8 ou suppr, ou F5 au démarrage en général)

3/ puis refaire comme en 2/ mais selectionne l'option 2 et appuyer sur entrée pour commencer la desinfection. lorsque le programme demande si tu veut nettoyer le registre metsoui en tapant 0 et entrée

----------------------------
utilise combofix

http://mickael.barroux.free.fr/securite/combofix.php

---------------
fait un scan en ligne et colle le rapport

------------

recolle hijackthis

Réponse 23 / 52

karynee

je voulais savoir à un moment tu m'as demandé de désactiver la restauration du systeme dc ca a effacé ts les points antérieurs qui ont été crées est il possible de les retrouver ? Miz a par ca jcontinue ske tu me demandes de fair

Réponse 24 / 52

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

oui ca les a virés pour supprimer les virus qui se mettent dedans, non tu ne peux les retrouver

Vous n’avez pas trouvé la réponse que vous recherchez ?

Posez votre question

Réponse 25 / 52

karynee

dsl gt pa là ce week end :p je reprend les scans

Réponse 26 / 52

karynee

07/16/07 11:04:27 [Info]: BlackLight Engine 1.0.64 initialized
07/16/07 11:04:27 [Info]: OS: 5.1 build 2600 (Service Pack 2)
07/16/07 11:04:27 [Note]: 7019 4
07/16/07 11:04:27 [Note]: 7005 0
07/16/07 11:04:30 [Note]: 7006 0
07/16/07 11:04:30 [Note]: 7011 1864
07/16/07 11:04:31 [Note]: 7026 0
07/16/07 11:04:31 [Note]: 7026 0
07/16/07 11:04:33 [Note]: FSRAW library version 1.7.1022
07/16/07 11:13:43 [Note]: 7007 0

Réponse 27 / 52

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

ok fait la suite

Réponse 28 / 52

karynee

smit fraud fix ne fonctionne pas mais jcontinue

Réponse 29 / 52

karynee

"Carine ALLAYEH" - 2007-07-16 12:02:06 - ComboFix 07-07-14.6 - Service Pack 2 NTFS

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

C:\WINDOWS\system32\tmp1096.tmp.dll
C:\WINDOWS\system32\tmp12D.tmp.dll
C:\WINDOWS\system32\tmp173.tmp.dll
C:\WINDOWS\system32\tmp1B0.tmp.dll
D:\DOCUME~1\CYNTHI~1\APPLIC~1\WinAntiVirus Pro 2006
D:\DOCUME~1\TMPACC~1\APPLIC~1\WinAntiVirus Pro 2006

((((((((((((((((((((((((( Files Created from 2007-06-16 to 2007-07-16 )))))))))))))))))))))))))))))))

2007-07-16 12:01 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-16 11:47 <REP> d-------- C:\Program Files\RogueRemover
2007-07-16 11:20 <REP> d-------- C:\Program Files\Sophos
2007-07-15 18:00 <REP> d-------- C:\WINDOWS\MTemp
2007-07-15 14:14 230,432 --a------ C:\PA7311.DAT
2007-07-15 13:37 <REP> d-------- C:\PC VGA Camera
2007-07-15 11:45 <REP> dr------- D:\DOCUME~1\LOCALS~1.004\Mes documents
2007-07-15 11:44 53,248 --a------ C:\WINDOWS\system32\PAStiSvc.exe
2007-07-15 11:36 <REP> d-------- C:\VP-EYE
2007-07-15 11:32 <REP> d-------- C:\WINDOWS\Pixart
2007-07-15 11:32 <REP> d-------- C:\Program Files\PC VGA Camera
2007-07-15 11:32 <REP> d-------- C:\Program Files\Fichiers communs\PCCamera
2007-07-15 01:06 53,248 --a------ C:\WINDOWS\ap561.exe
2007-07-15 01:06 119,798 --a------ C:\WINDOWS\system32\drivers\spca561.sys
2007-07-15 01:06 118,784 --a------ C:\WINDOWS\ShowBmp.exe
2007-07-15 01:06 <REP> d-------- C:\WINDOWS\Setup2K
2007-07-14 18:09 <REP> d-------- C:\Program Files\Citron
2007-07-14 09:53 <REP> d-------- D:\DOCUME~1\PAULIN~2\APPLIC~1\Help
2007-07-14 09:46 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2007-07-13 17:33 <REP> d-------- C:\Program Files\iTunes
2007-07-13 17:31 <REP> d-------- C:\Program Files\QuickTime
2007-07-12 17:32 <REP> d-------- D:\DOCUME~1\CYNTHI~2\Shared
2007-07-12 17:32 <REP> d-------- D:\DOCUME~1\CYNTHI~2\Incomplete
2007-07-12 17:32 <REP> d-------- D:\DOCUME~1\CYNTHI~2\APPLIC~1\LimeWire
2007-07-12 12:20 8,576 --a------ C:\WINDOWS\system32\drivers\bnhevvxsdlpt.sys
2007-07-11 19:13 <REP> d-------- C:\WINDOWS\system32\ActiveScan
2007-07-11 16:51 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-07-11 16:34 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-07-11 15:06 <REP> d-------- C:\VundoFix Backups
2007-07-11 14:29 <REP> d-------- C:\Program Files\Navilog1
2007-07-10 00:03 443,752 --a------ C:\WINDOWS\system32\d3dx10_34.dll
2007-07-10 00:03 443,752 --a------ C:\WINDOWS\system32\d3dx10_33.dll
2007-07-10 00:03 3,497,832 --a------ C:\WINDOWS\system32\d3dx9_34.dll
2007-07-10 00:03 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-07-10 00:03 266,088 --a------ C:\WINDOWS\system32\xactengine2_8.dll
2007-07-10 00:03 261,480 --a------ C:\WINDOWS\system32\xactengine2_7.dll
2007-07-10 00:03 18,280 --a------ C:\WINDOWS\system32\x3daudio1_2.dll
2007-07-10 00:03 1,124,720 --a------ C:\WINDOWS\system32\D3DCompiler_34.dll
2007-07-10 00:03 1,123,696 --a------ C:\WINDOWS\system32\D3DCompiler_33.dll
2007-07-09 11:54 83,024 --a------ C:\WINDOWS\system32\drivers\iksyssec.sys
2007-07-09 11:54 57,424 --a------ C:\WINDOWS\system32\drivers\iksysflt.sys
2007-07-09 11:54 53,840 --a------ C:\WINDOWS\system32\drivers\ikfilesec.sys
2007-07-09 11:54 39,376 --a------ C:\WINDOWS\system32\drivers\ikfileflt.sys
2007-07-09 11:54 29,264 --a------ C:\WINDOWS\system32\drivers\kcom.sys
2007-07-09 11:53 626,688 --a------ C:\WINDOWS\system32\msvcr80.dll
2007-07-09 11:53 <REP> d-------- D:\DOCUME~1\CARINE~1.OYE\APPLIC~1\PC Tools
2007-07-08 18:12 <REP> d-------- D:\DOCUME~1\PAULIN~2\APPLIC~1\Ulead Systems
2007-07-04 21:44 28,672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2007-07-04 21:43 <REP> d-------- D:\DOCUME~1\CARINE~1.OYE\APPLIC~1\WholeSecurity
2007-07-04 10:44 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\FLEXnet
2007-07-04 10:37 <REP> d-------- C:\Program Files\Bonjour
2007-07-04 10:22 92,160 --a------ C:\WINDOWS\system32\drivers\mcdbus.sys
2007-07-04 10:22 <REP> d-------- C:\Program Files\MagicDisc
2007-07-04 10:16 <REP> d-------- C:\Program Files\MagicISO
2007-07-03 23:40 <REP> d-------- C:\WINDOWS\AU_Temp
2007-07-03 17:19 <REP> d-------- C:\Program Files\Sagasoft
2007-07-03 03:09 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2007-07-03 02:59 <REP> d-------- C:\Program Files\PowerISO
2007-07-02 22:04 <REP> d-------- C:\Program Files\Fichiers communs\Apple
2007-07-02 22:03 <REP> d-------- D:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
2007-06-30 22:26 <REP> d-------- C:\Program Files\MegaSpoof
2007-06-29 10:50 49,252 --a------ C:\WINDOWS\system32\geebx.exe
2007-06-29 10:50 38,232 --a------ C:\WINDOWS\system32\ieudpwd.dll.vir
2007-06-29 10:46 <REP> d-------- C:\Program Files\LimeWire Turbo Accelerator
2007-06-28 11:21 <REP> d-------- D:\DOCUME~1\PAULIN~2\APPLIC~1\Talkback
2007-06-27 02:46 <REP> d-------- D:\DOCUME~1\ERICAL~1.OYE\APPLIC~1\VadeRetro
2007-06-26 23:12 <REP> d-------- D:\DOCUME~1\CARINE~1.OYE\APPLIC~1\Sonic
2007-06-23 12:53 <REP> d-------- D:\DOCUME~1\CARINE~1.OYE\APPLIC~1\DivX
2007-06-22 22:29 <REP> d-------- D:\DOCUME~1\CARINE~1.OYE\APPLIC~1\Talkback
2007-06-22 20:41 <REP> d-------- D:\DOCUME~1\CYNTHI~2\APPLIC~1\TransRender
2007-06-22 20:41 <REP> d-------- D:\DOCUME~1\CYNTHI~2\APPLIC~1\Temporary
2007-06-22 20:41 <REP> d-------- D:\DOCUME~1\CYNTHI~2\APPLIC~1\ConvertTemp
2007-06-22 20:40 <REP> d-------- D:\DOCUME~1\CYNTHI~2\APPLIC~1\Samsung
2007-06-21 19:55 <REP> d-------- D:\DOCUME~1\SANDRI~1\APPLIC~1\Talkback
2007-06-20 18:14 <REP> d-------- D:\DOCUME~1\PAULIN~2\APPLIC~1\DivX
2007-06-18 07:05 <REP> d-------- D:\DOCUME~1\ERICAL~1.OYE\APPLIC~1\Talkback
2007-06-18 07:03 <REP> d-------- D:\DOCUME~1\ERICAL~1.OYE\APPLIC~1\DivX
2007-06-18 07:02 116,472 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-06-18 07:01 <REP> d-------- C:\Program Files\DivX

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-07-16 09:11:42 -------- d-----w C:\Program Files\Fichiers communs\Symantec Shared
2007-07-15 09:33:47 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-07-14 00:58:52 -------- d-----w C:\Program Files\mIRC
2007-07-13 15:33:35 -------- d-----w C:\Program Files\iPod
2007-07-13 15:28:59 -------- d-----w C:\Program Files\Apple Software Update
2007-07-12 10:46:44 -------- d-----w C:\Program Files\Norton Save and Restore
2007-07-12 10:46:40 -------- d-----w C:\Program Files\Norton Internet Security
2007-07-12 10:46:26 -------- d-----w C:\Program Files\MSN Messenger
2007-07-12 10:44:55 -------- d-----w C:\Program Files\Messenger Plus! Live
2007-07-12 10:40:48 -------- d-----w C:\Program Files\Google
2007-07-10 10:57:36 -------- d-----w D:\DOCUME~1\CARINE~1.OYE\APPLIC~1\Lavasoft
2007-07-10 10:57:20 -------- d-----w C:\Program Files\uTorrent
2007-07-10 10:54:37 -------- d-----w C:\Program Files\Spyware Doctor
2007-06-29 08:47:13 -------- d-----w C:\Program Files\LimeWire
2007-06-09 21:48:29 -------- d-----w C:\Program Files\Windows Live
2007-06-01 13:55:53 -------- d-----w D:\DOCUME~1\CARINE~1.OYE\APPLIC~1\LimeWire
2007-05-31 06:45:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-05-31 06:44:55 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-05-31 06:44:54 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-05-31 06:44:54 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-05-31 06:44:54 740,442 ----a-w C:\WINDOWS\system32\DivX.dll
2007-05-30 22:27:28 -------- d-----w C:\Program Files\Seagrand
2007-05-24 12:40:52 -------- d-----w D:\DOCUME~1\CARINE~1.OYE\APPLIC~1\Apple Computer
2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-27 12:10:19 90,425 ----a-w C:\WINDOWS\hpoins06.dat
2007-04-25 14:22:35 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-23 00:15:29 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-04-23 00:15:24 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-04-23 00:15:24 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-04-23 00:15:18 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-04-23 00:15:18 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-04-23 00:02:34 73,728 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-04-23 00:02:34 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-04-23 00:02:33 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-04-23 00:02:31 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-04-23 00:02:31 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-04-23 00:02:31 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-04-23 00:02:31 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-04-23 00:01:47 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-04-23 00:01:46 124,472 ----a-w C:\WINDOWS\system32\DivXCodecUpdateChecker.exe
2007-04-21 08:04:42 63,854 ----a-w C:\WINDOWS\system32\perfc00C.dat
2007-04-21 08:04:42 445,434 ----a-w C:\WINDOWS\system32\perfh00C.dat
2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
2006-07-07 12:52 439872 --a------ C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
2006-09-05 23:18 93400 -ra------ C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
2006-08-31 21:33 322368 --a------ C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2007-01-19 23:56 2436160 -ra------ c:\program files\google\googletoolbar2.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
2007-06-24 12:49 325048 --a------ C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
2005-07-07 17:21 577232 --a------ C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMan"="SOUNDMAN.EXE" [2005-10-24 15:45 C:\WINDOWS\soundman.exe]
"ATIPTA"="C:\ATI Technologies\ATI Control Panel\atiptaxx.exe" [2005-08-05 22:05]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"Vade Retro Outlook Express"="C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe" [2004-10-04 14:03]
"Ulead AutoDetector v2"="C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe" [2004-11-26 12:43]
"PCMService"="c:\Apps\Powercinema\PCMService.exe" [2005-05-11 14:48]
"ACTIVBOARD"="c:\apps\ABoard\ABoard.exe" [2003-05-02 11:31]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2005-11-30 19:44]
"Keepsixthdebugmemo"="D:\Documents and Settings\All Users\Application Data\ModeEggsKeepSixth\GLUE LIVE.exe" []
"ccApp"="C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe" [2007-01-09 22:59]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2006-09-05 19:22]
"Norton Save and Restore"="C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe" [2006-03-03 20:36]
"Symantec PIF AlertEng"="C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2007-03-12 10:22]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2005-05-11 23:12]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [2007-06-29 06:24]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-07-10 09:18]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 15:00]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-04-20 01:00]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=c:\windows\system32\vtsqrpo.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\sdcoreservice]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{bb681d57-7d31-11db-844b-806d6172696f}]
AutoRun\command- Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f72c315c-c74a-11db-861e-00038a000015}]
Auto\command- K:\AdobeR.exe e
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL AdobeR.exe e

*Newly Created Service* - COMHOST
*Newly Created Service* - MEMSWEEP2

Contents of the 'Scheduled Tasks' folder
2007-07-16 10:00:00 C:\WINDOWS\tasks\AA6CBBDE911F3872.job
2007-07-13 15:29:11 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
2007-07-16 10:00:00 C:\WINDOWS\tasks\HPpromotions journeysoftware.job
2007-07-06 18:00:00 C:\WINDOWS\tasks\Norton Internet Security - Analyse système complète - Sandrine ALLAYEH.job
2007-07-13 13:00:01 C:\WINDOWS\tasks\Norton Security Scan.job

**************************************************************************

catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-16 12:08:46
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\system\ControlSet001\Services\MysqlInventime]
"ImagePath"="C:\Apps\INVENT~1\mysql\bin\mysqld-nt --defaults-file=C:\Apps\Inventime\mysql\my.ini MysqlInventime"

Completion time: 2007-07-16 12:09:45
C:\ComboFix-quarantined-files.txt ... 2007-07-16 12:09

--- E O F ---

Réponse 30 / 52

karynee

je n'arrive pas à lancer hijackthis

Réponse 31 / 52

karynee

je dirais plutot que je n'arrive pas a sortir de rapport

Réponse 32 / 52

karynee

si c bon :

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 13:11:06, on 16/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Apps\Powercinema\PCMService.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Keepsixthdebugmemo] D:\Documents and Settings\All Users\Application Data\ModeEggsKeepSixth\GLUE LIVE.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Norton Save and Restore] "C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-3873159059-2552226065-2390232822-1007\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Sandrine ALLAYEH')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - S-1-5-21-3873159059-2552226065-2390232822-1007 Startup: OFFICE One 6.5.lnk = C:\Program Files\OFFICE One6.5\program\quickstart.exe (User 'Sandrine ALLAYEH')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Icatch(VI) SnapDetect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: c:\windows\system32\vtsqrpo.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Norton Save and Restore - Symantec Corporation - C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

Réponse 33 / 52

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

lance e scan et colle le rapport:

http://www.malekal.com/tutorial_eScan_antivirus_toolkit.php

_________________
colle le rapport de SDFIX

______________

essaye de faire ensuite smitfraudfix

___________________

CCLEANER: (lance un netoyage et repare les clés)
_____________

AVG antispyxare

https://www.01net.com/

Tuto :
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html

->Relance AVG AS -> "Analyse" ->"Paramètres"

Sous la question "Comment réagir ?" :

-> clique sur "Actions recommandées" et choisis "Quarantaines"
-> Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"

Si un fichier est infecté en fin d'analyse

->Clique sur "Appliquer toutes les actions "

->Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous".

->Enregistre ce fichier texte sur ton bureau ensuite colle le rapport ici
________________________
DESACTVE PUIS REACTIVE LA RESTAURAtION SYSTEME
________________________

recolle un rapport de scan en ligne

et hijackthis

Réponse 34 / 52

karynee

mwavscan ne ve pa se lancer j'ai tout d'abord essayer en mode sans échec ( et oui j'ai réussi à mettre le mode ss échec lol ) et après en mode normal ca ne réagit pas car ca stipule que la version est vieille de 30 jrs dc rien ne se lance !! bn tjs le mm refrain lol je continue...

Réponse 35 / 52

karynee

coucou, voici le rapport avg
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 17:07:54 16/07/2007

+ Résultat de l'analyse:

C:\WINDOWS\system32\geebx.exe -> Adware.Virtumonde : Ignoré.
:mozilla.289:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.515:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.549:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.570:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.584:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.682:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.686:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.6:D:\Documents and Settings\Carine ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\muot5pkg.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.708:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.755:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.81:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.82:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@heavycom.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@mistergooddeal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.100:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.102:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.103:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.117:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.98:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.99:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@4.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@www.adobe[1].txt -> TrackingCookie.Adobe : Nettoyé.
D:\Documents and Settings\TMPACCOUNT\Cookies\paulin allayeh@www.adobe[1].txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.245:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.246:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.247:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.248:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.130:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.131:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.287:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.288:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.134:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.135:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.136:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.137:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.272:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.273:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.274:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.467:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.238:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.275:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.10:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.263:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.925:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.941:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.518:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.471:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Clickhype : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine allayeh@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Nettoyé.
:mozilla.950:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.951:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@techrepublic.com[1].txt -> TrackingCookie.Com : Nettoyé.
:mozilla.182:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.185:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.186:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.256:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.257:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
D:\Documents and Settings\Sidicatou ALLAYEH\Cookies\sidicatou allayeh@connextra[1].txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.227:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.228:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.229:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.230:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.914:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Local Settings\Temp\Cookies\carine allayeh@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Cynthia ALLAYEH\Cookies\cynthia allayeh@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH\Local Settings\Temp\Cookies\eric allayeh@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Sidicatou ALLAYEH\Cookies\sidicatou allayeh@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\TMPACCOUNT\Cookies\paulin allayeh@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.407:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.949:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@stat.dealtime[1].txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.11:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.48:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@enhance[1].txt -> TrackingCookie.Enhance : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@enhance[2].txt -> TrackingCookie.Enhance : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@enhance[2].txt -> TrackingCookie.Enhance : Nettoyé.
:mozilla.852:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Esomniture : Nettoyé.
:mozilla.193:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.310:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.311:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.6:D:\Documents and Settings\Paulin OYEDE allayeh\Application Data\Mozilla\Firefox\Profiles\tjivd9va.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.815:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.8:D:\Documents and Settings\Carine ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\muot5pkg.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.225:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.226:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.227:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.228:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.972:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.973:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.977:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.995:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.996:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.147:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.148:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.149:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.150:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.151:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.152:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.153:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.215:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.216:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.217:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.218:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.865:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.866:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.867:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@findwhat[1].txt -> TrackingCookie.Findwhat : Nettoyé.
:mozilla.225:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Fortunecity : Nettoyé.
:mozilla.226:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Fortunecity : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyé.
D:\Documents and Settings\Cynthia ALLAYEH\Cookies\cynthia allayeh@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyé.
:mozilla.277:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.724:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.725:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.790:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.800:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.804:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.806:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.858:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
D:\Documents and Settings\Cynthia ALLAYEH\Cookies\cynthia allayeh@ehg-adidas.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@ehg-danieljouvance.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@ehg-yvesrocher.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.759:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Hotlog : Nettoyé.
:mozilla.261:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.262:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.276:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.277:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.917:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.927:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.534:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Information : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@ilead.itrack[2].txt -> TrackingCookie.Itrack : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@ilead.itrack[2].txt -> TrackingCookie.Itrack : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyé.
D:\Documents and Settings\TMPACCOUNT\Cookies\paulin allayeh@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@search.live[2].txt -> TrackingCookie.Live : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
D:\Documents and Settings\Sidicatou ALLAYEH\Cookies\sidicatou allayeh@search.live[1].txt -> TrackingCookie.Live : Nettoyé.
D:\Documents and Settings\Cynthia ALLAYEH\Cookies\cynthia allayeh@images.lop[2].txt -> TrackingCookie.Lop : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@lop[1].txt -> TrackingCookie.Lop : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@lop[1].txt -> TrackingCookie.Lop : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@lop[2].txt -> TrackingCookie.Lop : Nettoyé.
:mozilla.324:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Masterstats : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric allayeh@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
:mozilla.170:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.630:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.557:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
D:\Documents and Settings\Cynthia ALLAYEH\Cookies\cynthia allayeh@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey allay@search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric allayeh@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine allayeh@search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.372:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Ne : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
D:\Documents and Settings\Cynthia ALLAYEH\Cookies\cynthia allayeh@banner.newyorkcasino[1].txt -> TrackingCookie.Newyorkcasino : Nettoyé.
D:\Documents and Settings\TMPACCOUNT\Cookies\paulin allayeh@banner.newyorkcasino[1].txt -> TrackingCookie.Newyorkcasino : Nettoyé.
:mozilla.129:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.132:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.133:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.581:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@data1.perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@data3.perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
D:\Documents and Settings\Sidicatou ALLAYEH\Cookies\sidicatou allayeh@data1.perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
D:\Documents and Settings\Sidicatou ALLAYEH\Cookies\sidicatou allayeh@data2.perf.overture[2].txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.35:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paycounter : Nettoyé.
:mozilla.416:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Paycounter : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@paycounter[1].txt -> TrackingCookie.Paycounter : Nettoyé.
:mozilla.153:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.398:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.59:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.60:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.61:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.62:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.63:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.64:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.65:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.66:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.67:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.68:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.69:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.6:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.70:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.71:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.72:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.73:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.74:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.75:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.76:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.77:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Paypopup : Nettoyé.
:mozilla.248:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Planetactive : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.15:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.16:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.17:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.18:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.19:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.20:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.21:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@realguide.real[1].txt -> TrackingCookie.Real : Nettoyé.
:mozilla.249:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.360:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.361:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.362:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.363:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.364:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.365:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.366:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.367:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.368:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.86:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.87:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.88:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.89:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.90:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.40:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.474:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Revenue : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
D:\Documents and Settings\Sidicatou ALLAYEH\Cookies\sidicatou allayeh@ads1.revenue[1].txt -> TrackingCookie.Revenue : Nettoyé.
:mozilla.477:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.484:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.498:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.499:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.147:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Saxobank : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH\Cookies\carine allayeh@www.saxobank[2].txt -> TrackingCookie.Saxobank : Nettoyé.
D:\Documents and Settings\Cynthia ALLAYEH\Cookies\cynthia allayeh@www.saxobank[1].txt -> TrackingCookie.Saxobank : Nettoyé.
D:\Documents and Settings\Sidicatou ALLAYEH\Cookies\sidicatou allayeh@www.saxobank[1].txt -> TrackingCookie.Saxobank : Nettoyé.
:mozilla.207:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.208:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.209:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.210:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.211:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.212:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.146:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.147:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.531:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.532:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Sexcounter : Nettoyé.
:mozilla.265:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Sexlist : Nettoyé.
:mozilla.133:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
:mozilla.134:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
:mozilla.135:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
:mozilla.136:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
:mozilla.179:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
:mozilla.206:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
:mozilla.39:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
:mozilla.54:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Sextracker : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
:mozilla.541:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.580:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.683:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.684:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.801:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.802:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.921:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.932:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.987:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@site.skype[1].txt -> TrackingCookie.Skype : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@skype[2].txt -> TrackingCookie.Skype : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@skype[1].txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.136:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.138:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.139:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.140:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.171:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.172:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.173:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.174:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.29:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.30:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.31:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.32:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.74:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.76:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.77:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.78:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@adopt.specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@h.starware[1].txt -> TrackingCookie.Starware : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@try.starware[2].txt -> TrackingCookie.Starware : Nettoyé.
:mozilla.105:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.71:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.72:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.73:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.75:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.440:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.441:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@login.tracking101[1].txt -> TrackingCookie.Tracking101 : Nettoyé.
:mozilla.212:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.213:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.434:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.435:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.436:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.437:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.438:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.63:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.64:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.65:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.67:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Cookies\carine_allayeh@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
D:\Documents and Settings\Cynthia-Audrey ALLAY\Cookies\cynthia-audrey_allay@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
D:\Documents and Settings\Eric ALLAYEH.OYEDE\Cookies\eric_allayeh@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
D:\Documents and Settings\Paulin OYEDE allayeh\Cookies\paulin_oyede_allayeh@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
D:\Documents and Settings\Sandrine ALLAYEH\Cookies\sandrine_allayeh@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.377:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.378:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.379:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.380:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.381:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.382:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Trafficmp : Nettoyé.
:mozilla.79:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.84:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.85:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.27:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Vegasred : Nettoyé.
:mozilla.28:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Vegasred : Nettoyé.
:mozilla.29:D:\Documents and Settings\Eric ALLAYEH\Application Data\Mozilla\Firefox\Profiles\il7dlzqi.default\cookies.txt -> TrackingCookie.Vegasred : Nettoyé.
:mozilla.175:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.176:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.177:D:\Documents and Settings\Eric ALLAYEH.OYEDE\Application Data\Mozilla\Firefox\Profiles\mdcrde2u.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.257:D:\Documents and Settings\Carine ALLAYEH\Application Data\Mozilla\Firefox\Profiles\f7n0a0yt.default\cookies.txt -> TrackingCookie.

Réponse 36 / 52

karynee

adwarevitumonde là apparemmen il ve pa viré de mon pc avec avg,

voici le rapport hijack this bonne lecteure c trop long je suis dsl !

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:12:52, on 16/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe
C:\Apps\Powercinema\PCMService.exe
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\apps\ABoard\ABoard.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe
c:\APPS\HIDSERVICE\HIDSERVICE.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
C:\Program Files\QuickTime\QTTask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\Twain_32\CA561A\SnapDetect.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
D:\Documents and Settings\Carine ALLAYEH.OYEDE\Bureau\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.free.fr/freebox/index.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Afficher Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Fichiers communs\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] "C:\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Vade Retro Outlook Express] "C:\PROGRA~1\GOTOSO~1\VADERE~1\Vaderetro_oe.exe"
O4 - HKLM\..\Run: [Ulead AutoDetector v2] C:\Program Files\Fichiers communs\Ulead Systems\AutoDetector\monitor.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [ACTIVBOARD] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Keepsixthdebugmemo] D:\Documents and Settings\All Users\Application Data\ModeEggsKeepSixth\GLUE LIVE.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Norton Save and Restore] "C:\Program Files\Norton Save and Restore\Agent\NSRTray.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Démarrage rapide du logiciel HP Image Zone.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Icatch(VI) SnapDetect.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: OFFICE One Clock v6.5.lnk = C:\Program Files\OFFICE One6.5\OFFICE One Clock\ooneclockv65.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - https://www.trendmicro.com/en_us/forHome/products/housecall.html
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab53083.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O20 - AppInit_DLLs: c:\windows\system32\vtsqrpo.dll
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\VAScanner\comHost.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Generic Service for HID Keyboard Input Collections (GenericHidService) - Unknown owner - c:\APPS\HIDSERVICE\HIDSERVICE.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Norton Save and Restore - Symantec Corporation - C:\Program Files\Norton Save and Restore\Agent\VProSvc.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe
O23 - Service: Service Partage réseau du Lecteur Windows Media (WMPNetworkSvc) - Unknown owner - C:\Program Files\Windows Media Player\WMPNetwk.exe

Réponse 37 / 52

karynee

en tout cas je tiens a te remercier pour les informations que tu m'as donné car déjà ça va mieux g plus de pop up :)

Réponse 38 / 52

jlpjlp Messages postés 52399 Statut Contributeur sécurité 5 040

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

fix cette ligne avec hijackthis

lance aboutbuster:
https://www.malwarebytes.com/

------------------
installe spywareblaster

----------------
virtumondebegone a refaire

http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
-------------
installe
SPYWAREBLASTER pour immuniser le systeme contre vundo notamment mais en anglais (mais facile d'utilisation : il suffit de faire "update" pour mettre à jour tous les mois et ensuite" enable all protection" pour immuniser)...
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/28872.html

------------------
lance blacklight et colle le rapport:

https://www.f-secure.com/en

# Sauvegardez-le sur le Bureau.
# Double-cliquez sur blbeta.exe et acceptez la licence
# Cliquez sur Scan puis Next
# Vous verrez une liste de fichiers détectés apparaître
# Vous verrez également un rapport, sur le Bureau , ouvrez-le :
# tuto : (Merci à Malekal pour cette réalisation)
https://www.malekal.com/tutorial-f-secure-blacklight/#mozTocId411175

Réponse 39 / 52

karynee

07/18/07 13:58:37 [Info]: BlackLight Engine 1.0.64 initialized
07/18/07 13:58:37 [Info]: OS: 5.1 build 2600 (Service Pack 2)
07/18/07 13:58:38 [Note]: 7019 4
07/18/07 13:58:38 [Note]: 7005 0
07/18/07 13:58:48 [Note]: 7006 0
07/18/07 13:58:48 [Note]: 7011 3304
07/18/07 13:58:49 [Note]: 7026 0
07/18/07 13:58:49 [Note]: 7026 0
07/18/07 13:58:56 [Note]: FSRAW library version 1.7.1022
07/18/07 14:07:43 [Note]: 7007 0

Réponse 40 / 52

karynee

c'est bizarre il n'a pas trouvé le virus ou koi ?

Discussions similaires

Softonic,est-ce un virus ?

Comment supprimer le virus Trojan

Trojan impossible à supprimer!

Aide pour un virus

Menace détectée TrojanSMS-PA sur Google Huawei/Android

[virus] infecté par trojan downloader conhook

52 réponses

Votre réponse

Discussions similaires

Newsletters