Unwanted pop-ups - Erro Safe and others
Solved/Closed
gforce83 (Member; 14 posts; registered Tuesday 17 July 2007; last activity 21 July 2007) - 17 Jul 2007 at 12:00
green day (Moderator, Security contributor; 26371 posts; registered Friday 30 September 2005; last activity 27 December 2019) - 21 Jul 2007 at 16:52
32 replies
green day - 17 Jul 2007 at 16:17
Hi
Download this:
http://www.infos-du-net.com/telecharger/HijackThis.html = link
http://pageperso.aol.fr/balltrap34/demohijack.htm = demo
Choose the option "do a scan and a logfile"; it will generate a report for you, copy and paste it on the forum.
See you
gforce83 - 17 Jul 2007 at 17:10
I've already used it, but I'll do what you tell me
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:12:49, on 17/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nladm\NLAgentSvc.exe
C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
C:\WINDOWS\System32\snmp.exe
c:\wamp\apache2\bin\httpd.exe
c:\wamp\mysql\bin\mysqld-nt.exe
C:\wamp\apache2\bin\httpd.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Stardock\TrayServer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\FastSysTray\FastsysTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Alt+Q Hotkey.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\YzShadow\YzShadow.exe
C:\Program Files\Cobian Backup 8\Cobian.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\wamp\wampmanager.exe
C:\Program Files\Cobian Backup 8\cbInterface.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Documents and Settings\derwa\Desktop\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/content/public/choosecountry.aspx?c=us&l=en&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/content/public/choosecountry.aspx?c=us&l=en&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {5694CEA1-DA6C-4D8C-9287-022002E86DFE} - C:\WINDOWS\system32\mljge.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {941508F8-CCD9-44E0-AC29-4F1E141373F7} - C:\WINDOWS\system32\gebbxvv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [System Files Updater] C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe /S
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] C:\Program Files\Common Files\Stardock\TrayServer.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Fast SysTray] C:\Program Files\FastSysTray\FastsysTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Alt+Q Hotkey Tool] C:\WINDOWS\Alt+Q Hotkey.exe
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Yz Shadow] C:\Program Files\YzShadow\YzShadow.exe
O4 - HKCU\..\Run: [Cobian Backup 8] "C:\Program Files\Cobian Backup 8\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra 'Tools' menuitem: &Google Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\Software\..\Telephony: DomainName = bruxelles.eurologos.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O20 - Winlogon Notify: gebbxvv - C:\WINDOWS\SYSTEM32\gebbxvv.dll
O20 - Winlogon Notify: mljge - C:\WINDOWS\system32\mljge.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Update Service (gupdate) - Google Inc. - C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
O23 - Service: Iap - Dell Inc - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Network LookOut Agent (NetworkLookOutAgent) - Unknown owner - C:\WINDOWS\system32\nladm\NLAgentSvc.exe
O23 - Service: Net Monitor for Employees Agent (NMEmployeesAgent) - Unknown owner - C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
--
End of file - 10876 bytes
green day - 17 Jul 2007 at 19:50
OK, please avoid posting the reports in blue, it's not very readable ...
o Read the contents of the following link: http://www.f-secure.com/products/license-terms/eult_fra.pdf
o You have thereby read and accepted the terms of use of the blacklight program, which is included in the navilog1.zip archive you are about to download.
o Right-click this link: http://perso.orange.fr/il.mafioso/Navifix/Navilog1.zip
o Choose "Save target (link) as..." and save it to the desktop.
o Right-click navilog1.zip and choose "Extract all"
o Double-click navilog1.bat
o At the main menu, choose option 1 and confirm.
o Wait for the message: Analyse Termine le ...
o The report will also be saved at the root of the disk (fixnavi.txt); please post it
See you
gforce83 - 19 Jul 2007 at 09:37
Here it is, and sorry for the delay
Search Navipromo version 2.0.5 commencé le jeu. 19/07/2007 à 9:21:31,00
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO
Executé en mode normal
*** Recherche Programmes installes ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\derwa\Application Data ***
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
https://www.f-secure.com/en
F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR
======================================
Copyright 2005-2006 F-Secure Corporation. All rights reserved.
This is a beta version. It will expire on 1st of October, 2007.
Version information: 2.2.1064.
[+] Started on 07/19/07 at 09:21:36.
[+] Initializing ...
[+] Starting scan, press Ctrl-C to abort.
[+] Scanning for hidden items ....................................................................................................
[+] Scan complete.
[+] Summary: 0 hidden item(s) found, 0 scheduled for renaming.
[+] Exited on 07/19/07 at 09:35:26 (return code = 0).
*** Recherche fichiers ***
*** Recherche cles registre ***
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
Recherche Clé Magic Control
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
C:\WINDOWS\system32\egjlm.ini2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\egjlm.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\egjlm.bak2 trouvé ! infection Vundo possible non traité par cet outil !
2)Recherche Heuristique :
*
**
***
****
*****
******
*******
********
C:\WINDOWS\system32\atuyjsoy.exe trouvé !
C:\WINDOWS\system32\fgnsskoo.exe trouvé !
C:\WINDOWS\system32\iosrwlei.exe trouvé !
C:\WINDOWS\system32\kdwmyavf.exe trouvé !
C:\WINDOWS\system32\qjkjkgrn.exe trouvé !
C:\WINDOWS\system32\wibcqdyl.exe trouvé !
3)Recherche Certificats :
*** Analyse Terminé le jeu. 19/07/2007 à 9:36:32,64 ***
green day - 19 Jul 2007 at 13:31
Hi
No worries about the delay! :)
# Double-click navilog1.bat
# At the main menu, choose option 2 and confirm.
# Select the "automatique" (automatic) cleaning mode
# Answer any questions asked; the desktop will disappear, that's normal!
# Wait for the message: Nettoyage Termine le ...
# Save the report somewhere you can find it again, then close Notepad; the desktop will reappear
# The report will also be saved at the root of the disk (cleannavi.txt); post it
Then:
Download Vundofix.exe (by Atribune) to your Desktop:
http://www.atribune.org/ccount/click.php?id=4
# Double-click VundoFix.exe to launch it.
# Click the Scan for Vundo button.
# When the scan is complete, click the Remove Vundo button.
# A prompt will ask whether you want to delete the files; click YES
# After you click "YES", the Desktop will disappear for a moment while the files are deleted.
# Another prompt will announce that the PC must shut down ("shutdown"). Click OK, then let it restart.
# The report is located at C:\vundofix.txt; please post it along with a new HijackThis log
See you later
gforce83 - 19 Jul 2007 at 15:29
Here it is, but I don't know whether it cleaned anything, because as soon as the cleaning finished a window with an ad appeared :-s
Clean Navipromo version 2.0.5 commencé le jeu. 19/07/2007 à 15:22:04,24
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 01.07.2007 a 12h00 by IL-MAFIOSO
Mode suppression automatique avec prise en charge résultats Blacklight
*** fsbl1.txt non trouvé ***
(Assurez-vous que Blacklight n'avait rien trouvé lors de la recherche)
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\derwa\Application Data ***
*** Suppression fichiers ***
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\derwa\Local Settings\Temp effectué !
*** Sauvegarde du registre vers dossier Backupnavi***
sauvegarde du registre réalise avec succes !
*** Nettoyage registre ***
Nettoyage registre Ok
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
C:\WINDOWS\system32\egjlm.ini2 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\egjlm.bak1 trouvé ! infection Vundo possible non traité par cet outil !
C:\WINDOWS\system32\egjlm.bak2 trouvé ! infection Vundo possible non traité par cet outil !
2)Recherche et Suppression Heuristique :
*
**
***
****
*****
******
*******
********
C:\WINDOWS\System32\atuyjsoy.exe trouvé !
Copie C:\WINDOWS\system32\atuyjsoy.exe réalise avec succes !
C:\WINDOWS\system32\atuyjsoy.exe supprimé !
C:\WINDOWS\System32\fgnsskoo.exe trouvé !
Copie C:\WINDOWS\system32\fgnsskoo.exe réalise avec succes !
C:\WINDOWS\system32\fgnsskoo.exe supprimé !
C:\WINDOWS\System32\iosrwlei.exe trouvé !
Copie C:\WINDOWS\system32\iosrwlei.exe réalise avec succes !
C:\WINDOWS\system32\iosrwlei.exe supprimé !
C:\WINDOWS\System32\kdwmyavf.exe trouvé !
Copie C:\WINDOWS\system32\kdwmyavf.exe réalise avec succes !
C:\WINDOWS\system32\kdwmyavf.exe supprimé !
C:\WINDOWS\System32\qjkjkgrn.exe trouvé !
Copie C:\WINDOWS\system32\qjkjkgrn.exe réalise avec succes !
C:\WINDOWS\system32\qjkjkgrn.exe supprimé !
C:\WINDOWS\System32\wibcqdyl.exe trouvé !
Copie C:\WINDOWS\system32\wibcqdyl.exe réalise avec succes !
C:\WINDOWS\system32\wibcqdyl.exe supprimé !
3)Contrôle présence clés Rootkit dans le registre :
Aucune autre clés présente dans le registre !
4)Certificats :
*** Nettoyage termine le jeu. 19/07/2007 à 15:29:27,76 ***
gforce83 - 19 Jul 2007 at 15:39
VundoFix.txt
VundoFix V6.5.6
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.4
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.
Scan started at 15:34:49 19/07/2007
Listing files found while scanning....
C:\windows\system32\asdvcwwd.dll
C:\windows\system32\betqckfq.dll
C:\windows\system32\btmjemti.ini
C:\WINDOWS\system32\eyufintk.dll
C:\windows\system32\hiaapnin.exe
C:\windows\system32\hrjensul.dll
C:\windows\system32\iclfpyev.exe
C:\windows\system32\ikhiulnq.exe
C:\windows\system32\itmejmtb.dll
C:\windows\system32\ivcgqbgu.dll
C:\WINDOWS\system32\jmuqvwyd.dll
C:\windows\system32\jqijgcer.ini
C:\windows\system32\ktnifuye.ini
C:\WINDOWS\system32\mljge.dll
C:\windows\system32\qfkcqteb.ini
C:\windows\system32\recgjiqj.dll
C:\windows\system32\ugbqgcvi.ini
C:\windows\system32\upibyiua.dll
Beginning removal...
Attempting to delete C:\windows\system32\asdvcwwd.dll
C:\windows\system32\asdvcwwd.dll Has been deleted!
Attempting to delete C:\windows\system32\betqckfq.dll
C:\windows\system32\betqckfq.dll Has been deleted!
Attempting to delete C:\windows\system32\btmjemti.ini
C:\windows\system32\btmjemti.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\eyufintk.dll
C:\WINDOWS\system32\eyufintk.dll Has been deleted!
Attempting to delete C:\windows\system32\hiaapnin.exe
C:\windows\system32\hiaapnin.exe Has been deleted!
Attempting to delete C:\windows\system32\hrjensul.dll
C:\windows\system32\hrjensul.dll Has been deleted!
Attempting to delete C:\windows\system32\iclfpyev.exe
C:\windows\system32\iclfpyev.exe Has been deleted!
Attempting to delete C:\windows\system32\ikhiulnq.exe
C:\windows\system32\ikhiulnq.exe Has been deleted!
Attempting to delete C:\windows\system32\itmejmtb.dll
C:\windows\system32\itmejmtb.dll Has been deleted!
Attempting to delete C:\windows\system32\ivcgqbgu.dll
C:\windows\system32\ivcgqbgu.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jmuqvwyd.dll
C:\WINDOWS\system32\jmuqvwyd.dll Has been deleted!
Attempting to delete C:\windows\system32\jqijgcer.ini
C:\windows\system32\jqijgcer.ini Has been deleted!
Attempting to delete C:\windows\system32\ktnifuye.ini
C:\windows\system32\ktnifuye.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\mljge.dll
C:\WINDOWS\system32\mljge.dll Has been deleted!
Attempting to delete C:\windows\system32\qfkcqteb.ini
C:\windows\system32\qfkcqteb.ini Has been deleted!
Attempting to delete C:\windows\system32\recgjiqj.dll
C:\windows\system32\recgjiqj.dll Has been deleted!
Attempting to delete C:\windows\system32\ugbqgcvi.ini
C:\windows\system32\ugbqgcvi.ini Has been deleted!
Attempting to delete C:\windows\system32\upibyiua.dll
C:\windows\system32\upibyiua.dll Has been deleted!
Performing Repairs to the registry.
Done!
gforce83 (Member) - 19 Jul 2007 at 15:41
hijackthis.log
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 15:44:03, on 19/07/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nladm\NLAgentSvc.exe
C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
C:\WINDOWS\System32\snmp.exe
c:\wamp\apache2\bin\httpd.exe
c:\wamp\mysql\bin\mysqld-nt.exe
C:\wamp\apache2\bin\httpd.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Stardock\TrayServer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\FastSysTray\FastsysTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Alt+Q Hotkey.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\YzShadow\YzShadow.exe
C:\Program Files\Cobian Backup 8\Cobian.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\wamp\wampmanager.exe
C:\Program Files\Cobian Backup 8\cbInterface.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\derwa\Desktop\HiJackThis_v2.exe
C:\WINDOWS\system32\rundll32.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.dell.com/content/public/choosecountry.aspx?c=us&l=en&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.dell.com/content/public/choosecountry.aspx?c=us&l=en&s=gen
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {941508F8-CCD9-44E0-AC29-4F1E141373F7} - C:\WINDOWS\system32\gebbxvv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: (no name) - {D0FF020D-CE07-44BA-A07B-68B6C75BD1C9} - C:\WINDOWS\system32\mljge.dll (file missing)
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O2 - BHO: (no name) - {EF308343-077A-4602-A8B9-48BCA4484BA5} - C:\WINDOWS\system32\jkkjh.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [System Files Updater] C:\WINDOWS\FlyakiteOSX\Tools\System Files Updater.exe /S
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] C:\Program Files\Common Files\Stardock\TrayServer.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Fast SysTray] C:\Program Files\FastSysTray\FastsysTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Alt+Q Hotkey Tool] C:\WINDOWS\Alt+Q Hotkey.exe
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Yz Shadow] C:\Program Files\YzShadow\YzShadow.exe
O4 - HKCU\..\Run: [Cobian Backup 8] "C:\Program Files\Cobian Backup 8\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra 'Tools' menuitem: &Google Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\Software\..\Telephony: DomainName = bruxelles.eurologos.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O20 - Winlogon Notify: gebbxvv - C:\WINDOWS\SYSTEM32\gebbxvv.dll
O20 - Winlogon Notify: jkkjh - C:\WINDOWS\system32\jkkjh.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Update Service (gupdate) - Google Inc. - C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
O23 - Service: Iap - Dell Inc - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Network LookOut Agent (NetworkLookOutAgent) - Unknown owner - C:\WINDOWS\system32\nladm\NLAgentSvc.exe
O23 - Service: Net Monitor for Employees Agent (NMEmployeesAgent) - Unknown owner - C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
green day (Moderator, Security contributor) - 19 Jul 2007 at 16:07
OK,
Download ComboFix (by sUBs) to the Desktop: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
* Boot into Safe Mode
* Double-click combofix.exe.
* Press the Y (Yes) key to start the scan
* The report will be created in C:\Combofix.txt; post it along with a new HijackThis log, please
See you
gforce83 (Member) - 19 Jul 2007 at 16:57
"derwa" - 2007-07-19 16:40:07 - ComboFix 07-07-14.6 - Service Pack 2 NTFS [SAFE MODE]
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\ymsfakit.exe
C:\WINDOWS\system32\hjkkj.bak1
C:\WINDOWS\system32\hjkkj.ini
C:\WINDOWS\system32\egjlm.bak1
C:\WINDOWS\system32\egjlm.bak2
C:\WINDOWS\system32\egjlm.ini
C:\WINDOWS\system32\egjlm.ini2
C:\WINDOWS\system32\egjlm.tmp
C:\WINDOWS\system32\jkkjh.dll
C:\WINDOWS\system32\gebbxvv.dll
C:\WINDOWS\system32\gebbxvv.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
C:\WINDOWS\system32\jkkjh.dll
C:\WINDOWS\system32\gebbxvv.dll
C:\WINDOWS\system32\gebbxvv.dll
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\yjoxpflb.exe
((((((((((((((((((((((((( Files Created from 2007-06-19 to 2007-07-19 )))))))))))))))))))))))))))))))
2007-07-19 16:39 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-07-19 15:43 266,336 --------- C:\WINDOWS\system32\jkkjh.dll
2007-07-19 15:36 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2007-07-19 15:34 <DIR> d-------- C:\VundoFix Backups
2007-07-18 16:36 <DIR> d-------- C:\Program Files\Navilog1
2007-07-17 12:33 <DIR> d-------- C:\WINDOWS\Prefetch
2007-07-17 12:31 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-07-17 12:31 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-07-17 11:23 <DIR> d-------- C:\WINDOWS\system32\Dell
2007-07-17 11:13 <DIR> d-------- C:\WINDOWS\system32\vmm32
2007-07-16 10:12 <DIR> d-------- C:\Program Files\Lavasoft
2007-07-16 10:12 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
2007-07-16 10:11 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-07-16 09:23 <DIR> d-------- C:\Program Files\CCleaner
2007-07-16 08:56 <DIR> d-------- C:\Program Files\movie maker
2007-07-13 16:46 <DIR> d-------- C:\Program Files\RogueRemover
2007-07-13 14:18 23 --ahs---- C:\WINDOWS\system32\ac7_r.dll
2007-07-13 14:18 <DIR> d-------- C:\Program Files\jv16 PowerTools 2007
2007-07-13 11:06 95,872 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-07-13 11:06 94,552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-13 11:06 85,952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-13 11:06 745,600 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-13 11:06 43,176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-13 11:06 26,888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-13 11:06 23,416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-13 11:06 1,060,864 --a------ C:\WINDOWS\system32\MFC71.dll
2007-07-13 11:06 <DIR> d-------- C:\Program Files\Alwil Software
2007-07-13 10:21 3,090 --a------ C:\WINDOWS\system32\tmp.reg
2007-07-13 10:20 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-07-13 10:20 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-07-11 13:15 <DIR> d-------- C:\DOCUME~1\derwa\APPLIC~1\dBpoweramp
2007-07-11 12:49 2,976 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp WavPack Codec.dat
2007-07-11 12:48 3,494 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Mp2 and BwfMp2 codec.dat
2007-07-11 12:48 3,087 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp mp3 (Fraunhofer IIS) Codec.dat
2007-07-11 12:48 3,076 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Monkeys Audio Codec.dat
2007-07-11 12:48 2,999 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Ogg Vorbis Codec.dat
2007-07-11 12:48 2,920 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp FLAC Codec.dat
2007-07-11 12:48 2,814 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp [Calculate Audio CRC] Codec.dat
2007-07-11 12:48 14,189 --a------ C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Music Converter.dat
2007-07-11 12:29 31,254 --------- C:\WINDOWS\system32\gebbxvv.dll
2007-07-10 12:50 <DIR> d-------- C:\Program Files\Webserver Stress Tool 7
2007-07-10 10:47 <DIR> d-------- C:\Program Files\WinPcap
2007-07-10 10:47 <DIR> d-------- C:\Program Files\EffeTech HTTP Sniffer
2007-07-10 10:37 <DIR> d-------- C:\DriveKey
2007-06-26 12:47 <DIR> d-------- C:\Program Files\Safari
2007-06-25 08:08 <DIR> d-------- C:\WINDOWS\system32\nladm
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-07-19 13:41:28 -------- d-----w C:\DOCUME~1\derwa\APPLIC~1\SolidDocuments
2007-07-17 14:30:30 -------- d-----w C:\Program Files\Steam
2007-07-17 06:58:40 -------- d-----w C:\Program Files\Winamp
2007-07-16 11:37:16 -------- d-----w C:\DOCUME~1\derwa\APPLIC~1\Azureus
2007-07-13 14:21:14 12,844 ----a-w C:\WINDOWS\mozver.dat
2007-07-13 13:47:55 -------- d-----w C:\Program Files\SlySoft
2007-07-13 13:47:49 -------- d-----w C:\Program Files\Viewpoint
2007-07-13 12:33:40 -------- d-----w C:\Program Files\CyberLink
2007-07-13 12:33:32 -------- d-----w C:\Program Files\themexp
2007-07-13 12:32:07 -------- d-----w C:\Program Files\amsn
2007-07-11 10:48:58 426,872 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2007-07-10 08:37:31 -------- d--h--w C:\Program Files\InstallShield Installation Information
2007-07-06 07:32:29 -------- d-----w C:\Program Files\Mozilla Thunderbird
2007-07-06 07:28:18 -------- d-----w C:\Program Files\Google
2007-06-27 07:15:36 -------- d-----w C:\DOCUME~1\derwa\APPLIC~1\Google
2007-06-26 10:48:01 -------- d-----w C:\DOCUME~1\derwa\APPLIC~1\Apple Computer
2007-06-22 10:05:55 -------- d-----w C:\DOCUME~1\derwa\APPLIC~1\MySQL
2007-06-12 07:15:27 -------- d-----w C:\Program Files\MySQL
2007-06-04 13:18:48 9,344 ----a-w C:\WINDOWS\system32\drivers\NSDriver.sys
2007-06-04 13:17:02 8,320 ----a-w C:\WINDOWS\system32\drivers\AWRTRD.sys
2007-06-04 13:14:56 6,272 ----a-w C:\WINDOWS\system32\drivers\AWRTPD.sys
2007-05-24 07:39:43 -------- d-----w C:\Program Files\Lavalys
2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-20 15:05:49 664 ---ha-w C:\os745025.bin
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
2006-10-22 23:08 62080 --a------ C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{259F616C-A300-44F5-B04A-ED001A26C85C}]
2004-12-24 02:33 208896 --a------ C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
2003-08-03 00:24 192512 -ra------ C:\Program Files\SpywareGuard\dlprotect.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
2005-05-31 02:04 853672 --a------ C:\PROGRA~1\SPYBOT~1\SDHelper.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
2006-10-12 04:25 434279 --a------ C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{7F044ECC-ECEC-4FEA-B0DA-7E08CF17319E}]
2007-07-19 15:43 266336 --------- C:\WINDOWS\system32\jkkjh.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{941508F8-CCD9-44E0-AC29-4F1E141373F7}]
2007-07-11 12:29 31254 --------- C:\WINDOWS\system32\gebbxvv.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
2006-11-17 16:44 2161728 -ra------ c:\program files\google\googletoolbar3.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{CC7E636D-39AA-49b6-B511-65413DA137A1}]
2007-01-11 10:35 623992 --a------ C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D0FF020D-CE07-44BA-A07B-68B6C75BD1C9}]
C:\WINDOWS\system32\mljge.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
2007-06-10 18:50 872448 --a------ C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2003-09-29 07:10]
"1A:Stardock TrayMonitor"="C:\Program Files\Common Files\Stardock\TrayServer.exe" [2003-02-14 03:57]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20]
"Fast SysTray"="C:\Program Files\FastSysTray\FastsysTray.exe" [2005-10-05 10:39]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 06:00]
"Alt+Q Hotkey Tool"="C:\WINDOWS\Alt+Q Hotkey.exe" [2005-12-18 21:14]
"UberIcon"="C:\Program Files\UberIcon\UberIcon Manager.exe" [2006-02-24 02:32]
"Yz Shadow"="C:\Program Files\YzShadow\YzShadow.exe" [2006-02-24 04:51]
"Cobian Backup 8"="C:\Program Files\Cobian Backup 8\Cobian.exe" [2007-02-15 17:44]
"Steam"="" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{941508F8-CCD9-44E0-AC29-4F1E141373F7}"="C:\WINDOWS\system32\gebbxvv.dll" [2007-07-11 12:29]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\gebbxvv]
gebbxvv.dll --------- 2007-07-11 12:29 31254 C:\WINDOWS\system32\gebbxvv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkjh]
C:\WINDOWS\system32\jkkjh.dll --------- 2007-07-19 15:43 266336 C:\WINDOWS\system32\jkkjh.dll
SafeBoot registry key needs repairs. This machine cannot enter Safe Mode.
~~\SafeBoot\Minimal\RpcSs
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\aawservice]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"CloneCDTray"="C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
"icq.com"=rundll32.exe "C:\WINDOWS\system32\betqckfq.dll",forkonce
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
Contents of the 'Scheduled Tasks' folder
2007-07-19 14:49:45 C:\WINDOWS\tasks\MP Scheduled Scan.job
**************************************************************************
catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-07-19 16:48:28
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_LOCAL_MACHINE\system\ControlSet003\Services\wampmysqld]
"ImagePath"="c:\wamp\mysql\bin\mysqld-nt.exe --defaults-file=c:\wamp\mysql\my.ini wampmysqld"
Completion time: 2007-07-19 16:52:47 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-07-19 16:52
--- E O F ---
HiJackThis:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 16:57, on 2007-07-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nladm\NLAgentSvc.exe
C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Stardock\TrayServer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Alt+Q Hotkey.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\YzShadow\YzShadow.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\derwa\Desktop\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {7F044ECC-ECEC-4FEA-B0DA-7E08CF17319E} - C:\WINDOWS\system32\jkkjh.dll
O2 - BHO: (no name) - {941508F8-CCD9-44E0-AC29-4F1E141373F7} - C:\WINDOWS\system32\gebbxvv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: (no name) - {D0FF020D-CE07-44BA-A07B-68B6C75BD1C9} - C:\WINDOWS\system32\mljge.dll (file missing)
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] C:\Program Files\Common Files\Stardock\TrayServer.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Fast SysTray] C:\Program Files\FastSysTray\FastsysTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\pdqhwxcm.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Alt+Q Hotkey Tool] C:\WINDOWS\Alt+Q Hotkey.exe
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Yz Shadow] C:\Program Files\YzShadow\YzShadow.exe
O4 - HKCU\..\Run: [Cobian Backup 8] "C:\Program Files\Cobian Backup 8\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra 'Tools' menuitem: &Google Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\Software\..\Telephony: DomainName = bruxelles.eurologos.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O20 - Winlogon Notify: gebbxvv - C:\WINDOWS\SYSTEM32\gebbxvv.dll
O20 - Winlogon Notify: jkkjh - C:\WINDOWS\system32\jkkjh.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Update Service (gupdate) - Google Inc. - C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
O23 - Service: Iap - Dell Inc - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Network LookOut Agent (NetworkLookOutAgent) - Unknown owner - C:\WINDOWS\system32\nladm\NLAgentSvc.exe
O23 - Service: Net Monitor for Employees Agent (NMEmployeesAgent) - Unknown owner - C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Update Service (gupdate) - Google Inc. - C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
O23 - Service: Iap - Dell Inc - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Network LookOut Agent (NetworkLookOutAgent) - Unknown owner - C:\WINDOWS\system32\nladm\NLAgentSvc.exe
O23 - Service: Net Monitor for Employees Agent (NMEmployeesAgent) - Unknown owner - C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
green day
Moderator, Security contributor
19 Jul 2007 at 17:07
ok,
Download VirtumundoBeGone to the desktop: http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
Double-click VirtumundoBeGone.exe and follow the instructions.
Once it has finished, restart the PC; the VBG.TXT report will be created on the desktop.
(If a blue screen "Fatal error" message appears, don't worry, this is normal and expected.) As before, generate a new HijackThis report and fix the corresponding lines as indicated above.
++
gforce83
Member
19 Jul 2007 at 17:19
but fix which lines?
[07/19/2007, 17:15:51] - VirtumundoBeGone v1.5 ( "C:\Documents and Settings\derwa\Desktop\VirtumundoBeGone.exe" )
[07/19/2007, 17:16:04] - Detected System Information:
[07/19/2007, 17:16:04] - Windows Version: 5.1.2600, Service Pack 2
[07/19/2007, 17:16:04] - Current Username: derwa (Admin)
[07/19/2007, 17:16:04] - Windows is in NORMAL mode.
[07/19/2007, 17:16:04] - Searching for Browser Helper Objects:
[07/19/2007, 17:16:04] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[07/19/2007, 17:16:04] - BHO 2: {259F616C-A300-44F5-B04A-ED001A26C85C} (Solid Converter PDF)
[07/19/2007, 17:16:04] - BHO 3: {4A368E80-174F-4872-96B5-0B27DDD11DB2} (SpywareGuardDLBLOCK.CBrowserHelper)
[07/19/2007, 17:16:04] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[07/19/2007, 17:16:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:04] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[07/19/2007, 17:16:04] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[07/19/2007, 17:16:04] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/19/2007, 17:16:04] - BHO 6: {7F044ECC-ECEC-4FEA-B0DA-7E08CF17319E} ()
[07/19/2007, 17:16:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:04] - Checking for HKLM\...\Winlogon\Notify\jkkjh
[07/19/2007, 17:16:04] - Found: HKLM\...\Winlogon\Notify\jkkjh - This is probably Virtumundo.
[07/19/2007, 17:16:04] - Assigning {7F044ECC-ECEC-4FEA-B0DA-7E08CF17319E} MSEvents Object
[07/19/2007, 17:16:04] - BHO list has been changed! Starting over...
[07/19/2007, 17:16:04] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[07/19/2007, 17:16:04] - BHO 2: {259F616C-A300-44F5-B04A-ED001A26C85C} (Solid Converter PDF)
[07/19/2007, 17:16:04] - BHO 3: {4A368E80-174F-4872-96B5-0B27DDD11DB2} (SpywareGuardDLBLOCK.CBrowserHelper)
[07/19/2007, 17:16:04] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[07/19/2007, 17:16:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:04] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[07/19/2007, 17:16:04] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[07/19/2007, 17:16:04] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/19/2007, 17:16:04] - BHO 6: {7F044ECC-ECEC-4FEA-B0DA-7E08CF17319E} (MSEvents Object)
[07/19/2007, 17:16:04] - ALERT: Found MSEvents Object!
[07/19/2007, 17:16:04] - BHO 7: {941508F8-CCD9-44E0-AC29-4F1E141373F7} ()
[07/19/2007, 17:16:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:04] - Checking for HKLM\...\Winlogon\Notify\gebbxvv
[07/19/2007, 17:16:04] - Found: HKLM\...\Winlogon\Notify\gebbxvv - This is probably Virtumundo.
[07/19/2007, 17:16:04] - Assigning {941508F8-CCD9-44E0-AC29-4F1E141373F7} MSEvents Object
[07/19/2007, 17:16:04] - BHO list has been changed! Starting over...
[07/19/2007, 17:16:04] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[07/19/2007, 17:16:04] - BHO 2: {259F616C-A300-44F5-B04A-ED001A26C85C} (Solid Converter PDF)
[07/19/2007, 17:16:04] - BHO 3: {4A368E80-174F-4872-96B5-0B27DDD11DB2} (SpywareGuardDLBLOCK.CBrowserHelper)
[07/19/2007, 17:16:04] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[07/19/2007, 17:16:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:04] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[07/19/2007, 17:16:04] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[07/19/2007, 17:16:04] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/19/2007, 17:16:04] - BHO 6: {7F044ECC-ECEC-4FEA-B0DA-7E08CF17319E} (MSEvents Object)
[07/19/2007, 17:16:04] - ALERT: Found MSEvents Object!
[07/19/2007, 17:16:04] - BHO 7: {941508F8-CCD9-44E0-AC29-4F1E141373F7} (MSEvents Object)
[07/19/2007, 17:16:04] - ALERT: Found MSEvents Object!
[07/19/2007, 17:16:04] - BHO 8: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[07/19/2007, 17:16:04] - BHO 9: {CC7E636D-39AA-49b6-B511-65413DA137A1} (IE DevToolbar BHO)
[07/19/2007, 17:16:04] - BHO 10: {D0FF020D-CE07-44BA-A07B-68B6C75BD1C9} ()
[07/19/2007, 17:16:04] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:04] - Checking for HKLM\...\Winlogon\Notify\mljge
[07/19/2007, 17:16:04] - Key not found: HKLM\...\Winlogon\Notify\mljge, continuing.
[07/19/2007, 17:16:04] - BHO 11: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} (Google Gears Helper)
[07/19/2007, 17:16:04] - Finished Searching Browser Helper Objects
[07/19/2007, 17:16:04] - *** Detected MSEvents Object
[07/19/2007, 17:16:04] - Trying to remove MSEvents Object...
[07/19/2007, 17:16:05] - Terminating Process: IEXPLORE.EXE
[07/19/2007, 17:16:05] - Terminating Process: RUNDLL32.EXE
[07/19/2007, 17:16:05] - Disabling Automatic Shell Restart
[07/19/2007, 17:16:05] - Terminating Process: EXPLORER.EXE
[07/19/2007, 17:16:05] - Suspending the NT Session Manager System Service
[07/19/2007, 17:16:06] - Terminating Windows NT Logon/Logoff Manager
[07/19/2007, 17:16:06] - Re-enabling Automatic Shell Restart
[07/19/2007, 17:16:06] - File to disable: C:\WINDOWS\system32\jkkjh.dll
[07/19/2007, 17:16:06] - Renaming C:\WINDOWS\system32\jkkjh.dll -> C:\WINDOWS\system32\jkkjh.dll.vir
[07/19/2007, 17:16:06] - File successfully renamed!
[07/19/2007, 17:16:06] - Removing HKLM\...\Browser Helper Objects\{7F044ECC-ECEC-4FEA-B0DA-7E08CF17319E}
[07/19/2007, 17:16:06] - Removing HKCR\CLSID\{7F044ECC-ECEC-4FEA-B0DA-7E08CF17319E}
[07/19/2007, 17:16:06] - Adding Kill Bit for ActiveX for GUID: {7F044ECC-ECEC-4FEA-B0DA-7E08CF17319E}
[07/19/2007, 17:16:06] - Deleting ATLEvents/MSEvents Registry entries
[07/19/2007, 17:16:06] - Removing HKLM\...\Winlogon\Notify\jkkjh
[07/19/2007, 17:16:06] - Searching for Browser Helper Objects:
[07/19/2007, 17:16:06] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[07/19/2007, 17:16:06] - BHO 2: {259F616C-A300-44F5-B04A-ED001A26C85C} (Solid Converter PDF)
[07/19/2007, 17:16:06] - BHO 3: {4A368E80-174F-4872-96B5-0B27DDD11DB2} (SpywareGuardDLBLOCK.CBrowserHelper)
[07/19/2007, 17:16:06] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[07/19/2007, 17:16:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:06] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[07/19/2007, 17:16:06] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[07/19/2007, 17:16:06] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/19/2007, 17:16:06] - BHO 6: {941508F8-CCD9-44E0-AC29-4F1E141373F7} (MSEvents Object)
[07/19/2007, 17:16:06] - ALERT: Found MSEvents Object!
[07/19/2007, 17:16:06] - BHO 7: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[07/19/2007, 17:16:06] - BHO 8: {CC7E636D-39AA-49b6-B511-65413DA137A1} (IE DevToolbar BHO)
[07/19/2007, 17:16:06] - BHO 9: {D0FF020D-CE07-44BA-A07B-68B6C75BD1C9} ()
[07/19/2007, 17:16:06] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:06] - Checking for HKLM\...\Winlogon\Notify\mljge
[07/19/2007, 17:16:06] - Key not found: HKLM\...\Winlogon\Notify\mljge, continuing.
[07/19/2007, 17:16:06] - BHO 10: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} (Google Gears Helper)
[07/19/2007, 17:16:06] - Finished Searching Browser Helper Objects
[07/19/2007, 17:16:06] - *** Detected MSEvents Object
[07/19/2007, 17:16:06] - Trying to remove MSEvents Object...
[07/19/2007, 17:16:07] - Terminating Process: IEXPLORE.EXE
[07/19/2007, 17:16:07] - Terminating Process: RUNDLL32.EXE
[07/19/2007, 17:16:07] - Disabling Automatic Shell Restart
[07/19/2007, 17:16:07] - Terminating Process: EXPLORER.EXE
[07/19/2007, 17:16:07] - Suspending the NT Session Manager System Service
[07/19/2007, 17:16:07] - Terminating Windows NT Logon/Logoff Manager
[07/19/2007, 17:16:07] - Re-enabling Automatic Shell Restart
[07/19/2007, 17:16:07] - File to disable: C:\WINDOWS\system32\gebbxvv.dll
[07/19/2007, 17:16:07] - Renaming C:\WINDOWS\system32\gebbxvv.dll -> C:\WINDOWS\system32\gebbxvv.dll.vir
[07/19/2007, 17:16:07] - File successfully renamed!
[07/19/2007, 17:16:07] - Removing HKLM\...\Browser Helper Objects\{941508F8-CCD9-44E0-AC29-4F1E141373F7}
[07/19/2007, 17:16:07] - Removing HKCR\CLSID\{941508F8-CCD9-44E0-AC29-4F1E141373F7}
[07/19/2007, 17:16:07] - Adding Kill Bit for ActiveX for GUID: {941508F8-CCD9-44E0-AC29-4F1E141373F7}
[07/19/2007, 17:16:07] - Deleting ATLEvents/MSEvents Registry entries
[07/19/2007, 17:16:07] - Removing HKLM\...\Winlogon\Notify\gebbxvv
[07/19/2007, 17:16:07] - Searching for Browser Helper Objects:
[07/19/2007, 17:16:07] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[07/19/2007, 17:16:07] - BHO 2: {259F616C-A300-44F5-B04A-ED001A26C85C} (Solid Converter PDF)
[07/19/2007, 17:16:07] - BHO 3: {4A368E80-174F-4872-96B5-0B27DDD11DB2} (SpywareGuardDLBLOCK.CBrowserHelper)
[07/19/2007, 17:16:07] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[07/19/2007, 17:16:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:07] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[07/19/2007, 17:16:07] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[07/19/2007, 17:16:07] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/19/2007, 17:16:07] - BHO 6: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[07/19/2007, 17:16:07] - BHO 7: {CC7E636D-39AA-49b6-B511-65413DA137A1} (IE DevToolbar BHO)
[07/19/2007, 17:16:07] - BHO 8: {D0FF020D-CE07-44BA-A07B-68B6C75BD1C9} ()
[07/19/2007, 17:16:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:07] - Checking for HKLM\...\Winlogon\Notify\mljge
[07/19/2007, 17:16:07] - Key not found: HKLM\...\Winlogon\Notify\mljge, continuing.
[07/19/2007, 17:16:07] - BHO 9: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} (Google Gears Helper)
[07/19/2007, 17:16:07] - Finished Searching Browser Helper Objects
[07/19/2007, 17:16:07] - Finishing up...
[07/19/2007, 17:16:07] - A restart is needed.
[07/19/2007, 17:16:07] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[07/19/2007, 17:16:30] - Attempting to Restart via STOP error (Blue Screen!)
HiJackThis_v2
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:21, on 2007-07-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nladm\NLAgentSvc.exe
C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Stardock\TrayServer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\FastSysTray\FastsysTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Alt+Q Hotkey.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\derwa\Desktop\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: (no name) - {D0FF020D-CE07-44BA-A07B-68B6C75BD1C9} - C:\WINDOWS\system32\mljge.dll (file missing)
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] C:\Program Files\Common Files\Stardock\TrayServer.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Fast SysTray] C:\Program Files\FastSysTray\FastsysTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\pdqhwxcm.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Alt+Q Hotkey Tool] C:\WINDOWS\Alt+Q Hotkey.exe
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Yz Shadow] C:\Program Files\YzShadow\YzShadow.exe
O4 - HKCU\..\Run: [Cobian Backup 8] "C:\Program Files\Cobian Backup 8\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra 'Tools' menuitem: &Google Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\Software\..\Telephony: DomainName = bruxelles.eurologos.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Update Service (gupdate) - Google Inc. - C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
O23 - Service: Iap - Dell Inc - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Network LookOut Agent (NetworkLookOutAgent) - Unknown owner - C:\WINDOWS\system32\nladm\NLAgentSvc.exe
O23 - Service: Net Monitor for Employees Agent (NMEmployeesAgent) - Unknown owner - C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
[07/19/2007, 17:16:07] - Removing HKLM\...\Winlogon\Notify\gebbxvv
[07/19/2007, 17:16:07] - Searching for Browser Helper Objects:
[07/19/2007, 17:16:07] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[07/19/2007, 17:16:07] - BHO 2: {259F616C-A300-44F5-B04A-ED001A26C85C} (Solid Converter PDF)
[07/19/2007, 17:16:07] - BHO 3: {4A368E80-174F-4872-96B5-0B27DDD11DB2} (SpywareGuardDLBLOCK.CBrowserHelper)
[07/19/2007, 17:16:07] - BHO 4: {53707962-6F74-2D53-2644-206D7942484F} ()
[07/19/2007, 17:16:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:07] - Checking for HKLM\...\Winlogon\Notify\SDHelper
[07/19/2007, 17:16:07] - Key not found: HKLM\...\Winlogon\Notify\SDHelper, continuing.
[07/19/2007, 17:16:07] - BHO 5: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} (SSVHelper Class)
[07/19/2007, 17:16:07] - BHO 6: {AA58ED58-01DD-4d91-8333-CF10577473F7} (Google Toolbar Helper)
[07/19/2007, 17:16:07] - BHO 7: {CC7E636D-39AA-49b6-B511-65413DA137A1} (IE DevToolbar BHO)
[07/19/2007, 17:16:07] - BHO 8: {D0FF020D-CE07-44BA-A07B-68B6C75BD1C9} ()
[07/19/2007, 17:16:07] - WARNING: BHO has no default name. Checking for Winlogon reference.
[07/19/2007, 17:16:07] - Checking for HKLM\...\Winlogon\Notify\mljge
[07/19/2007, 17:16:07] - Key not found: HKLM\...\Winlogon\Notify\mljge, continuing.
[07/19/2007, 17:16:07] - BHO 9: {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} (Google Gears Helper)
[07/19/2007, 17:16:07] - Finished Searching Browser Helper Objects
[07/19/2007, 17:16:07] - Finishing up...
[07/19/2007, 17:16:07] - A restart is needed.
[07/19/2007, 17:16:07] - Automatic Reboot on STOP Error is not set. User will have to manually restart.
[07/19/2007, 17:16:30] - Attempting to Restart via STOP error (Blue Screen!)
HiJackThis_v2
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 17:21, on 2007-07-19
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nladm\NLAgentSvc.exe
C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
C:\WINDOWS\System32\snmp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Stardock\TrayServer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\FastSysTray\FastsysTray.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Alt+Q Hotkey.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\YzShadow\YzShadow.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\derwa\Desktop\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: (no name) - {D0FF020D-CE07-44BA-A07B-68B6C75BD1C9} - C:\WINDOWS\system32\mljge.dll (file missing)
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] C:\Program Files\Common Files\Stardock\TrayServer.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Fast SysTray] C:\Program Files\FastSysTray\FastsysTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\pdqhwxcm.dll",forkonce
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Alt+Q Hotkey Tool] C:\WINDOWS\Alt+Q Hotkey.exe
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Yz Shadow] C:\Program Files\YzShadow\YzShadow.exe
O4 - HKCU\..\Run: [Cobian Backup 8] "C:\Program Files\Cobian Backup 8\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra 'Tools' menuitem: &Google Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\Software\..\Telephony: DomainName = bruxelles.eurologos.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Update Service (gupdate) - Google Inc. - C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
O23 - Service: Iap - Dell Inc - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Network LookOut Agent (NetworkLookOutAgent) - Unknown owner - C:\WINDOWS\system32\nladm\NLAgentSvc.exe
O23 - Service: Net Monitor for Employees Agent (NMEmployeesAgent) - Unknown owner - C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
green day
19 Jul 2007 at 22:13
Oops! Fixing lines isn't for right now! :)
Do what is indicated here:
virus: preliminary disinfection method (French version)
++
gforce83
19 Jul 2007 at 23:09
OK, I'll do that tomorrow since it's the work PC. In any case, thanks for your help.
But why "oops"? Could you explain my situation to me a little?
Thanks
gforce83
20 Jul 2007 at 10:54
AVG report
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 10:57 2007-07-20
+ Résultat de l'analyse:
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF} -> Adware.Generic : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ymsfakit.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\WINDOWS\system32\qevinibj.exe -> Downloader.Tiny.id : Nettoyé.
:mozilla.221:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.222:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.223:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.224:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.225:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.226:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.227:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.87:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.13:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v0a5u9f7.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.404:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.405:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.406:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.407:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.408:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.409:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.410:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.411:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.412:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.413:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.414:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.415:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.416:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.417:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.418:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.419:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.420:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.421:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.422:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.66:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.67:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.6:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Profiles\default\hkf1yl10.slt\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.811:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.849:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Administrator.BRUXELLES\Cookies\administrator@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Nabli\Cookies\nabli@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.367:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.368:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.369:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.122:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.8:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\v0a5u9f7.default\cookies.txt -> TrackingCookie.Adobe : Nettoyé.
:mozilla.76:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.77:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.80:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.81:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.553:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.554:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.556:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.557:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.558:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Nabli\Cookies\nabli@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.679:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.680:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.134:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.14:C:\Documents and Settings\derwa\Application Data\Mozilla\Firefox\Profiles\1rd9cmv1.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.8:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Nabli\Cookies\nabli@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.13:C:\Documents and Settings\derwa\Application Data\Mozilla\Firefox\Profiles\1rd9cmv1.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.196:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Nabli\Cookies\nabli@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Administrator\Cookies\administrator@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\Nabli\Cookies\nabli@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.482:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
:mozilla.483:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\Administrator\Cookies\administrator@com[2].txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\Nabli\Cookies\nabli@com[2].txt -> TrackingCookie.Com : Nettoyé.
:mozilla.47:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.48:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.49:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.510:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.511:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.513:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.12:C:\Documents and Settings\derwa\Application Data\Mozilla\Firefox\Profiles\1rd9cmv1.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.95:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.28:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.593:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.193:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.194:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.195:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.198:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.199:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.200:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.201:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.436:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.437:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.438:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.440:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.289:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.358:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.359:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.360:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.361:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
Fin du rapport
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 10:57 2007-07-20
+ Résultat de l'analyse:
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FFFFFFFF-FFFF-FFFF-FFFF-FFFFFFFFFFFF} -> Adware.Generic : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ymsfakit.exe.vir -> Downloader.Tiny.id : Nettoyé.
C:\WINDOWS\system32\qevinibj.exe -> Downloader.Tiny.id : Nettoyé.
:mozilla.502:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.503:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.424:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Komtrack : Nettoyé.
:mozilla.425:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Komtrack : Nettoyé.
:mozilla.715:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.716:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.717:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.178:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Nabli\Cookies\nabli@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.120:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.121:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.293:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.294:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Administrator.BRUXELLES\Cookies\administrator@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.16:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.45:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Paypal : Nettoyé.
:mozilla.470:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.471:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.472:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.473:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.169:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.170:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.171:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.27:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Profiles\default\hkf1yl10.slt\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.107:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.108:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
C:\Documents and Settings\Nabli\Cookies\nabli@realmedia[1].txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.386:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.387:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.388:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.389:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.390:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.391:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.392:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\Nabli\Cookies\nabli@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.370:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.371:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.372:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.373:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.374:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Ru4 : Nettoyé.
:mozilla.447:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.448:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.449:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.450:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.451:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.452:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.114:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.115:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.116:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.117:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.305:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.307:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.647:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.6:C:\Documents and Settings\derwa\Application Data\Mozilla\Firefox\Profiles\1rd9cmv1.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
C:\Documents and Settings\Administrator\Cookies\administrator@skype[1].txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.204:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.205:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.206:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.31:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.32:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.33:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.850:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Spylog : Nettoyé.
C:\Documents and Settings\Administrator\Cookies\administrator@starware[2].txt -> TrackingCookie.Starware : Nettoyé.
:mozilla.333:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.334:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.335:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.336:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.337:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.338:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.339:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.340:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.341:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.342:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.343:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.344:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.345:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.346:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.347:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.348:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.349:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.350:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.351:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.352:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.353:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.354:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.355:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.172:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.174:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.175:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.28:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Profiles\default\hkf1yl10.slt\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.29:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Profiles\default\hkf1yl10.slt\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.44:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.79:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.80:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.81:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.82:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.73:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Trafic : Nettoyé.
:mozilla.110:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.326:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.489:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.59:C:\Documents and Settings\Nabli\Application Data\Mozilla\Firefox\Profiles\79dfqoj3.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.859:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.860:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.861:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Valueclick : Nettoyé.
:mozilla.245:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.246:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.247:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.673:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Administrator.BRUXELLES\Cookies\administrator@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.173:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.383:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.384:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.385:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.691:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.692:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.693:C:\Documents and Settings\Administrator.BRUXELLES\Application Data\Mozilla\Firefox\Profiles\56oy85gf.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport
green day
20 Jul 2007 at 13:04
Hi
"Oops" because I made a mistake! :)
Post the rest, please.
++
gforce83
20 Jul 2007 at 13:50
Well, for the rest there is only the online scan, but it takes an excessive amount of time and I can't work while it runs. Anything else?
green day
20 Jul 2007 at 14:08
Too bad, the online scan is pretty good ...
Post a new HijackThis log, and tell me where things stand with your problems!
++
gforce83
20 Jul 2007 at 14:12
Let's say that for now I no longer have windows popping up, but from time to time I get Windows errors telling me that Internet Explorer cannot execute I don't know what, with the memory "read".
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 14:14, on 2007-07-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
C:\Program Files\Dell\OpenManage\Client\Iap.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nladm\NLAgentSvc.exe
C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
C:\WINDOWS\System32\snmp.exe
c:\wamp\apache2\bin\httpd.exe
c:\wamp\mysql\bin\mysqld-nt.exe
C:\wamp\apache2\bin\httpd.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Common Files\Stardock\TrayServer.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Alt+Q Hotkey.exe
C:\Program Files\UberIcon\UberIcon Manager.exe
C:\Program Files\YzShadow\YzShadow.exe
C:\wamp\wampmanager.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\derwa\Desktop\HiJackThis_v2.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: IE DevToolbar BHO - {CC7E636D-39AA-49b6-B511-65413DA137A1} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O3 - Toolbar: Zend Studio - {95188727-288F-4581-A48D-EAB3BD027314} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [1A:Stardock TrayMonitor] C:\Program Files\Common Files\Stardock\TrayServer.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Fast SysTray] C:\Program Files\FastSysTray\FastsysTray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\pdqhwxcm.dll",forkonce
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Alt+Q Hotkey Tool] C:\WINDOWS\Alt+Q Hotkey.exe
O4 - HKCU\..\Run: [UberIcon] "C:\Program Files\UberIcon\UberIcon Manager.exe"
O4 - HKCU\..\Run: [Yz Shadow] C:\Program Files\YzShadow\YzShadow.exe
O4 - HKCU\..\Run: [Cobian Backup 8] "C:\Program Files\Cobian Backup 8\Cobian.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Startup: Mozilla Thunderbird.lnk = C:\Program Files\Mozilla Thunderbird\thunderbird.exe
O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Zend Studio - Debug current page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugCurrent.html
O8 - Extra context menu item: Zend Studio - Debug next page - res://C:\Program Files\Zend\ZendStudio-5.5.0\bin\ZendIEToolbar.dll/DebugNext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra 'Tools' menuitem: &Google Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.1.50.0\gears.dll
O9 - Extra button: IE Developer Toolbar - {48FFE35F-36D9-44bd-A6CC-1D34414EAC0D} - C:\Program Files\Microsoft\Internet Explorer Developer Toolbar\IEDevToolbar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zend Studio Toolbar - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra 'Tools' menuitem: Zend Studio - {A26ABCF0-1C8F-46e7-A67C-0489DC21B9CC} - C:\PROGRA~1\Zend\ZENDST~1.0\bin\ZENDIE~1.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\Software\..\Telephony: DomainName = bruxelles.eurologos.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O17 - HKLM\System\CS3\Services\Tcpip\Parameters: Domain = bruxelles.eurologos.local
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: Google Update Service (gupdate) - Google Inc. - C:\Program Files\Google\Common\Update\1.0.69.0\GoogleUpdate.exe
O23 - Service: Iap - Dell Inc - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Network LookOut Agent (NetworkLookOutAgent) - Unknown owner - C:\WINDOWS\system32\nladm\NLAgentSvc.exe
O23 - Service: Net Monitor for Employees Agent (NMEmployeesAgent) - Unknown owner - C:\Program Files\Network LookOut\Net Monitor for Employees Professional\bin\NLSAgentSvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: wampapache - Apache Software Foundation - c:\wamp\apache2\bin\httpd.exe
O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt.exe
green day (Moderator, Security contributor) - 20 Jul 2007 at 15:52
So let's say that's rather positive! :)
Run HijackThis again: choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom:
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\pdqhwxcm.dll",forkonce
Then run CCleaner once more and install a firewall, and everything should normally be fine!
See here:
Security: protecting a computer against Internet malware
See you
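A way to triage the O4 autostart lines of a log like the one in this thread, as an added example (not part of the original posts and not HijackThis's own logic): it parses registry-based O4 entries and flags those that start a DLL through rundll32.exe, the pattern of the [icq.com] line selected for fixing above. The function names and the heuristic are assumptions of this example; the sample lines are copied from the posted log.

```python
import re
from ntpath import basename  # Windows path rules on any platform

# Registry autostart line: O4 - <hive>\..\<Run key>: [<value name>] <command>
O4_REG = re.compile(
    r"^O4 - (?P<hive>\S+?)\\\.\.\\(?P<key>Run\w*): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# Command of the form: rundll32.exe "<dll path>",<export>
RUNDLL = re.compile(
    r'^rundll32(?:\.exe)?\s+"?(?P<dll>[^",]+\.dll)"?,\s*(?P<export>\S+)', re.I)

def parse_o4(line):
    """Return hive/key/name/cmd for a registry O4 line, None for anything else."""
    m = O4_REG.match(line.strip())
    if not m:
        return None
    entry = m.groupdict()
    # HKUS entries carry a trailing "(User '...')" note that is not part of the command.
    entry["cmd"] = re.sub(r"\s+\(User '[^']*'\)$", "", entry["cmd"])
    return entry

def triage(lines):
    """Return [(entry, reasons)] for autostart entries that deserve a manual look."""
    hits = []
    for line in lines:
        entry = parse_o4(line)
        m = RUNDLL.match(entry["cmd"]) if entry else None
        if not m:
            continue
        dll = basename(m.group("dll"))
        reasons = [f"DLL loaded through rundll32: {dll}, export {m.group('export')}"]
        # Assumed heuristic: a legitimate entry is usually named after what it starts.
        if dll.rsplit(".", 1)[0].lower() not in entry["name"].lower():
            reasons.append("value name is unrelated to the DLL name")
        hits.append((entry, reasons))
    return hits

# Lines copied from the HijackThis log posted in this thread.
SAMPLE = [
    r'O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE',
    r'O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"',
    r'O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\pdqhwxcm.dll",forkonce',
    r"O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')",
    r"O4 - Startup: WampServer.lnk = C:\wamp\wampmanager.exe",
]

if __name__ == "__main__":
    for entry, reasons in triage(SAMPLE):
        print(f"{entry['hive']}\\{entry['key']} [{entry['name']}] {entry['cmd']}")
        for reason in reasons:
            print("   -", reason)
```

A flagged entry is only a candidate for review: plenty of legitimate software also registers rundll32 autostarts, so the DLL itself still has to be checked before the line is fixed.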