Backdoor.Win32.IRCBot.bal le supprimer svp.
Elchichador
Messages postés
17
Statut
Membre
-
LOLAY -
LOLAY -
Bonjour,
ma belle fille qui est toujours sur msn a chopé un virus :un scan online sur Kasperky a identifier
Backdoor.Win32.IRCBot.bal comment s'en defaire?
Voila le rapport :
KASPERSKY ONLINE SCANNER REPORT
Thursday, October 18, 2007 11:00:57 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 18/10/2007
Kaspersky Anti-Virus database records: 439038
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target Folders
C:\
Scan Statistics
Total number of scanned objects 99059
Number of viruses found 1
Number of infected objects 2
Number of suspicious objects 0
Duration of the scan process 01:46:26
Infected Object Name Virus Name Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\OnAccessScanLog.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\AccessProtectionLog.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\BufferOverflowProtectionLog.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\Db\PrdMgr_R2D2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\Db\Agent_R2D2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\BOPDATA\_Date-20071018_Time-190918171_EnterceptRules.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\BOPDATA\_Date-20071018_Time-190918171_EnterceptExceptions.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\julie\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\julie\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Temp\JETEC63.tmp Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Musicmatch\Jukebox\mmjblog.txt Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Musicmatch\Jukebox\mmjbaltlog.txt Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Musicmatch\MIM\Database\Default.mdb Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Musicmatch\MIM\Database\Default.ldb Object is locked skipped
C:\Documents and Settings\julie\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\clara\Mes documents\Mes fichiers reçus\news86.zip/news86.scr Infected: Backdoor.Win32.IRCBot.bal skipped
C:\Documents and Settings\clara\Mes documents\Mes fichiers reçus\news86.zip ZIP: infected - 1 skipped
C:\Program Files\eMule\Temp\002.part Object is locked skipped
C:\Program Files\eMule\Temp\006.part Object is locked skipped
C:\Program Files\eMule\Temp\017.part Object is locked skipped
C:\System Volume Information\_restore{49AB0524-AE79-4BEC-BF90-307CF06458BF}\RP182\change.log Object is locked skipped
Scan process completed.
Merci d'avance.
Elchichador
ma belle fille qui est toujours sur msn a chopé un virus :un scan online sur Kasperky a identifier
Backdoor.Win32.IRCBot.bal comment s'en defaire?
Voila le rapport :
KASPERSKY ONLINE SCANNER REPORT
Thursday, October 18, 2007 11:00:57 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 18/10/2007
Kaspersky Anti-Virus database records: 439038
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target Folders
C:\
Scan Statistics
Total number of scanned objects 99059
Number of viruses found 1
Number of infected objects 2
Number of suspicious objects 0
Duration of the scan process 01:46:26
Infected Object Name Virus Name Last Action
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\OnAccessScanLog.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\AccessProtectionLog.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\VirusScan\BufferOverflowProtectionLog.txt Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\Db\PrdMgr_R2D2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\Common Framework\Db\Agent_R2D2.log Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\BOPDATA\_Date-20071018_Time-190918171_EnterceptRules.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Network Associates\BOPDATA\_Date-20071018_Time-190918171_EnterceptExceptions.dat Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\julie\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\julie\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Temp\JETEC63.tmp Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Musicmatch\Jukebox\mmjblog.txt Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Musicmatch\Jukebox\mmjbaltlog.txt Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Musicmatch\MIM\Database\Default.mdb Object is locked skipped
C:\Documents and Settings\julie\Local Settings\Application Data\Musicmatch\MIM\Database\Default.ldb Object is locked skipped
C:\Documents and Settings\julie\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\clara\Mes documents\Mes fichiers reçus\news86.zip/news86.scr Infected: Backdoor.Win32.IRCBot.bal skipped
C:\Documents and Settings\clara\Mes documents\Mes fichiers reçus\news86.zip ZIP: infected - 1 skipped
C:\Program Files\eMule\Temp\002.part Object is locked skipped
C:\Program Files\eMule\Temp\006.part Object is locked skipped
C:\Program Files\eMule\Temp\017.part Object is locked skipped
C:\System Volume Information\_restore{49AB0524-AE79-4BEC-BF90-307CF06458BF}\RP182\change.log Object is locked skipped
Scan process completed.
Merci d'avance.
Elchichador
Configuration: Windows XP Internet Explorer 7.0
20 réponses
-
Bonsoir,
Télécharge MSNFix.zip (de !aur3n7) sur ton bureau:
http://sosvirus.changelog.fr/MSNFix.zip
Décompresse-le (clic droit >> Extraire ici) et place les fichiers dans C:\MSNFix (très important).
Double cliquer sur le fichier MSNFix.bat.
- Exécutez l'option R.
-- Si l'infection est détectée, un message l'indiquera et il suffira de presser une touche pour lancer le nettoyage
Note :
Si une erreur de suppression est détectée un message s'affichera demandant de redémarrer l'ordinateur afin de terminer les opérations. Dans ce cas il suffit de redémarrer l'ordinateur en mode normal
- Le rapport sera enregistré dans le même dossier que MSNFix sous forme date_heure.txt
* Télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre-le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
Clique sur "do a system scan and save logfile" (cf démo)
Faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
A+ -
Bonsoir
suivre la procédure dans l'ordre
Télécharge:
http://www.grisoft.cz/filedir/inst/avgas-setup-7.5.1.43.exe AVG-AntiSpyware
= Installer
= Le lancer
= Clic : Mise à jour
------
= Redémarre en mode Sans Échec (le démarrage peut prendre plusieurs minutes)
Attention, pas d’accès à internet dans ce mode. Enregistre ou imprime les consignes.
Relance le Pc et tapote la touche F8 ( ou F5 pour certains) , jusqu’à l’apparition des inscriptions avec choix de démarrage
Avec les touches « flèches », sélectionne Mode sans échec ==> entrée ==>nom utilisateur habituel
-------
= Dans ANALYSE ( en forme de loupe )
==> Paramètres ==> sous COMMENT REAGIR==>clic sur Actions recommandées ==>Quarantaine
==> Clic : Analyse complète du système
En fin de scan ( qui est assez long)
==> Clic Appliquer toutes les actions <== ceci Très important
==> Clic Sauvegarder rapport puis Enregistrer sous et choisir bureau
-------
En mode normal
colle le rapport
-------------
Télécharge sur le bureau
[url=http://sosvirus.changelog.fr/MSNFix.zip]MSNfix[/url]
= Clic-Droit sur MSNFix.zip
= Extraire ici ( ou extraire sans confirmation ou tout ou unzip)
= Double-Clic sur le dossier MSNfix qui vient de se créer
= Double-Clic MSNfix ==> Symbole roue dentée
= Choisir R
= Choisir ensuite N ( si infection)
= Enregistre le rapport
redémarre le PC et relancer MSN tu sauras ainsi si tout est supprimé
=======================
et pour contrôle
Télécharge sur le bureau
[url=http://www.merijn.org/files/hijackthis.zip]hijackthis.zip[/url]
= Clic-droit sur Hijackthis
= Extraire ici ( ou extraire sans confirmation ou tout ou unzip)
= clic droit sur Hijackthis ( en forme de dynamite) ==> renommer ==> écrire : test.exe ( à la place de hijackthis.exe) <== Important
=Double-clic dessus
= Clic Do a system scan and save the log
= ensuite colle le rapport -
Voici le rapport collé de Hijackthis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:59:40, on 19/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\Winamp\Winampa.exe
C:\PROGRA~1\MUSICM~1\MUSICM~1\MMDiag.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Zshutdown] c:\sysprep\patch\sysprep.cmd
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
-
-
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question -
J'ai fait MSNfix
rapport : pas de dossier dans MSNfix sous forme date_heure mais il n'a pas detecté d'infection
par contre un fichier document txt: serait-ce le rapport?
C:\Documents and Settings\julie\Application Data\addon.dat
C:\Documents and Settings\julie\Application Data\inside.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\carlton
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Antivirus32.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\ashDisp.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\ashServ.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\atimvex.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\atrvmmx.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\bios.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\BRISA.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\bsyys.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\bsyys.scr
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\carlton
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\ccssrss.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\cmd.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Computador.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Diup.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\dll.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\dllvirtual.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\eixdrv.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\ExAlien.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\fbguad.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\firefoxx.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Flash.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\GbpSvc.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\HelpDesk.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Hide32.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\icpldrvx.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\imglog.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\InstallHelp.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\javaupd.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\javsu.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\juchek.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\jvasu.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\JVM0.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\jvms.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\klpp.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\logon.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\lsssas.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\mdll.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\messengerr.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\messenup.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\messgrr.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\mjavas.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\msm.cmd
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\MSN_MSS.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\msnconf.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\MSNENVIA.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\msnfile.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\msng.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\msnmsg.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\msnmsgr.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\msnsgs.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\mxjxde.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\My_Love.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Ndtstat.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\norton32.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\ntvvm.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\pdvsym.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\qtapp.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\regfixxsx.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\registtry.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\remote.cmd
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\repara_ae.bat
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Rg2catbd.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\rundl32.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\rxnetq.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\smss.scr
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\svchost.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\svchostss.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\svhost.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\sxrork.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\sxrsym.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\syst.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\system32.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\systemdll.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\task.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\taskmgrrr.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Tasks.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\udll.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\voieup.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\voiork.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\wepaint.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Win XP.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\win.scr
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Windows Update.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Windows32.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\windowsupdate.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\Winhost.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\winupdbc.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\WMedPlayer.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\wrdmgr.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\wrloginpro.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\wsnctfy.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\wuaucltt.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\ying.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\yong.exe
C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1\DÉMARR~1\ZaZ.exe
C:\Program Files\Fichiers communs\Carlson\carlton
C:\Program Files\Fichiers communs\Delsim\del.exe
C:\PROGRA~1\FICHIE~1\Microsoft Shared\DAO\svchost.exe
C:\PROGRA~1\FICHIE~1\tmp.scr
C:\i.mages.zip
C:\DOCUME~1\julie\LOCALS~1\APPLIC~1\addon.dat
C:\PROGRA~1\\NetMeeting\maisumviado.exe
C:\PROGRA~1\\outloo~1\update.exe
C:\PROGRA~1\\WinPop\winpop.exe.lzma
C:\PROGRA~1\a.txt
C:\PROGRA~1\Adobe\AdobeLanc.exe
C:\PROGRA~1\Ajuda.exe
C:\PROGRA~1\Amor.exe
C:\PROGRA~1\Bifrost\klog.dat
C:\PROGRA~1\Bifrost\server.exe
C:\PROGRA~1\Bifrost\sys32.exe
C:\PROGRA~1\Cica.exe
C:\PROGRA~1\Config\Config.exe
C:\PROGRA~1\dll.exe
C:\PROGRA~1\dllvirtual.exe
C:\PROGRA~1\dllwin.exe
C:\PROGRA~1\ExAlien.exe
C:\PROGRA~1\Favoritos.exe
C:\PROGRA~1\fer.exe
C:\PROGRA~1\Firewall.exe
C:\PROGRA~1\Flash.exe
C:\PROGRA~1\GbPlugin\\Rg2catbd.exe
C:\PROGRA~1\GbPlugin\GbpSvc.exe
C:\PROGRA~1\GbPlugin\mdll.exe
C:\PROGRA~1\GbPlugin\msng.exe
C:\PROGRA~1\GbPlugin\Ndtstat.exe
C:\PROGRA~1\GbPlugin\Rg2catbd.exe
C:\PROGRA~1\GbPlugin\udll.exe
C:\PROGRA~1\GbPlugin\yong.exe
C:\PROGRA~1\GbpSvc.exe
C:\PROGRA~1\help.exe
C:\PROGRA~1\HelpDesk.exe
C:\PROGRA~1\icpldrvx.exe
C:\PROGRA~1\ildredr.exe
C:\PROGRA~1\inetget2\installeur.exe
C:\PROGRA~1\Internet Explorer\bb.exe
C:\PROGRA~1\Internet Explorer\desc.exe
C:\PROGRA~1\Internet Explorer\loadie.exe
C:\PROGRA~1\Internet Explorer\realplayerp.exe
C:\PROGRA~1\klog.dat
C:\PROGRA~1\login.scr
C:\PROGRA~1\Logun.exe
C:\PROGRA~1\mdll.exe
C:\PROGRA~1\messenger.exe
C:\PROGRA~1\Messenger\msmsg.exe
C:\PROGRA~1\Messenger\Msnmsgr.exe
C:\PROGRA~1\Microsoft Office Update\file.exe
C:\PROGRA~1\Microsoft Studio Files\file.exe
C:\PROGRA~1\Microsoft Studio Files\Winlsass32.exe
C:\PROGRA~1\Microsoft\svhost32.exe
C:\PROGRA~1\Movie Maker\ja_era_hehe.exe
C:\PROGRA~1\MSN Messenger Guiños\instalar guiños.exe
C:\PROGRA~1\MSN Messenger\instalar guiños.exe
C:\PROGRA~1\msng.exe
C:\PROGRA~1\msnmsg.exe
C:\PROGRA~1\My_Love.exe
C:\PROGRA~1\Ndtstat.exe
C:\PROGRA~1\NetMeeting\klog.dat
C:\PROGRA~1\NetMeeting\maisumviado.exe
C:\PROGRA~1\orkut.scr
C:\PROGRA~1\outloo~1\express.exe
C:\PROGRA~1\outloo~1\update.exe
C:\PROGRA~1\outlook express\express.exe
C:\PROGRA~1\Outlook Express\inyourface.exe
C:\PROGRA~1\Outlook Express\OutlookEx.exe
C:\PROGRA~1\Outlook Express\setup40.exe
C:\PROGRA~1\Perfect.exe
C:\PROGRA~1\photopaint.exe
C:\PROGRA~1\Real.dll
C:\PROGRA~1\regedti.exe
C:\PROGRA~1\Remove.exe
C:\PROGRA~1\Rg2catbd.exe
C:\PROGRA~1\rm.exe
C:\PROGRA~1\schoty.cmd
C:\PROGRA~1\smss.exe
C:\PROGRA~1\SOUND.exe
C:\PROGRA~1\spiider.exe
C:\PROGRA~1\svchost.exe
C:\PROGRA~1\System\CDRom.exe
C:\PROGRA~1\System\Flash.exe
C:\PROGRA~1\System\Windows32.exe
C:\PROGRA~1\Tasks.exe
C:\PROGRA~1\Temporary\wininstall.exe
C:\PROGRA~1\udll.exe
C:\PROGRA~1\update.exe
C:\PROGRA~1\VTTimers.exe
C:\PROGRA~1\Wapp.exe
C:\PROGRA~1\Widows.exe
C:\PROGRA~1\WinAble\winable.exe
C:\PROGRA~1\Windows32.exe
C:\PROGRA~1\winINI.exe
C:\PROGRA~1\winpop\uninstall.exe
C:\PROGRA~1\WinPop\UnInstall.exe.lzma
C:\PROGRA~1\winpop\winpop.exe
C:\PROGRA~1\WinPop\winpop.exe.lzma
C:\PROGRA~1\Wm2emt.exe
C:\PROGRA~1\wmplay.exe
C:\PROGRA~1\yong.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\ashDisp.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\ashServ.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\avgccc.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\bios.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\bsyys.scr
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\ccssrss.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\cmd.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\Computador.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\dll.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\eixdrv.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\ExAlien.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\fbguad.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\firefoxx.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\Flash.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\InstallHelp.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\javsu.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\juchek.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\klpp.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\logon.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\lsssas.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\messengerr.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\messgrr.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\msm.cmd
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\msnmsgr.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\My_Love.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\norton32.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\ntvvm.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\pdvsym.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\qtapp.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\qupdate.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\regfixxsx.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\registtry.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\remote.cmd
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\repara_ae.bat
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\rundl32.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\rxnetq.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\smss.scr
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\svchost.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\svchostss.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\svhost.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\sxrork.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\sxrsym.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\system32.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\task.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\taskmgrrr.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\Tasks.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\voieup.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\voiork.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\wepaint.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\Win XP.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\Windows Update.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\Windows32.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\windowsupdate.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\Winhost.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\winupdbc.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\WMedPlayer.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\wrloginpro.exe
C:\DOCUME~1\julie\MENUDÉ~1\PROGRA~1\DÉMARR~1\wuaucltt.exe
C:\111z.exe
C:\2.exe
C:\521785.txt
C:\8e3y4u4a9t9.exe
C:\a.bat
C:\adv.exe
C:\Amigos.exe
C:\amor.exe
C:\animacao.scr
C:\Annoying crazy frog getting killed.pif
C:\Arquivos de programas\rem.exe
C:\Arquivos de programas\Wapp.exe
C:\arquivos de programas\Windows32.exe
C:\audise.exe
C:\auto1.exe
C:\auto2.exe
C:\auto3.exe
C:\autorun.inf
C:\AVG\Tools\csrss.scr
C:\AVG\Tools\svchost.exe
C:\AVG\Tools\taskmgr.exe
C:\AVG_BETA\DB\arquivo.txt
C:\AVG_BETA\Tools\csrss.scr
C:\AVG_BETA\Tools\msnmsgr.exe
C:\bedroom-thongs.pif
C:\British National Party.jpg
C:\btpaxole.dll
C:\Call.exe
C:\cartao.scr
C:\certmsje.dll
C:\claro.exe
C:\cmd.exe
C:\Conf\13.bmp
C:\Conf\15.bmp
C:\Conf\3.jpg
C:\Conf\cax2.jpg
C:\Conf\info.gif
C:\Conf\logo.jpg
C:\Conf\ms.exe
C:\Conf\msm.cmd
C:\Conf\msm.exe
C:\Conf\msmFF.cmd
C:\Conf\msmho.cmd
C:\Conf\nc.gif
C:\Conf\nd.gif
C:\Conf\nn.gif
C:\Conf\NOVOBB.gif
C:\Conf\novobb.jpg
C:\Conf\novobb2.jpg
C:\Conf\novoSB.gif
C:\Conf\ork.cmd
C:\Conf\tec.jpg
C:\Conf\win.scr
C:\contato.exe
C:\Crazy-Frog.Html
C:\Crazy frog gets killed by train!.pif
C:\Crazy frog gets killed by train!.pif Fat Elvis! lol.pif
C:\csrs.txt
C:\csrss.exe
C:\ctl3diac.exe
C:\DB\arquivo.txt
C:\diy.EXE
C:\dkotyrxbb.exe
C:\dll.exe
C:\dllwin.exe
C:\dnsajobe.dat
C:\dnsajobe.dll
C:\dnsajobe.exe
C:\download1591.exe
C:\dpl1npwm.dat
C:\dpl1npwm.dll
C:\dpl1npwm.exe
C:\dpv1bidi.dll
C:\Drunk_lol.pif
C:\dydhcp.exe
C:\emai.exe
C:\email.inf
C:\Enviado.123
C:\Fat Elvis! lol.pif
C:\fFa4vV0rR170S5S2.exe
C:\File.exe
C:\FLIPART.EXE
C:\flw334.dll
C:\Foto.exe
C:\Foto_celular.scr
C:\Foto_celular.scr
C:\Foto_Celular.zip
C:\fotomensagem.exe
C:\fotos_posse.zip
C:\funny_pic.scr
C:\g5c5i4x6e4h2.exe
C:\g7n4l2o4i4.exe
C:\g7n4l2o4i4v4.exe
C:\GETDRIVE.EXE
C:\h1b9i6h4u6j1.exe
C:\hellmsn.exe
C:\Hot.pif
C:\How a Blonde Eats a Banana...pif
C:\hptzb02.exe
C:\hy.exe
C:\i.exe
C:\icone.exe
C:\IE.exe
C:\ierro.exe
C:\iexplorer.exe
C:\image001.exe
C:\img0012-www.photostorage.com
C:\instalador de guiños y emoticonos.exe
C:\Install\Ghost.exe
C:\Install\install.exe
C:\Install_Messenger.exe
C:\inupdbc.exe
C:\is77.exe
C:\Isass.scr
C:\j7q1c4v1i6s4.exe
C:\Jennifer Lopez.scr
C:\jkrguy.exe
C:\jpb.exe
C:\jshxw.exe
C:\k3d3t4t8n7l.exe
C:\k3d3t4t8n7l8.exe
C:\kao.reg
C:\kbdnmfc4.dll
C:\KimMakihel.exe
C:\kl.exe
C:\ksmmtq.exe
C:\lauro.exe
C:\Lista.txt
C:\Lixo
C:\llka.exe
C:\LMAO.pif
C:\log.txt
C:\LOL that ur pic!.pif
C:\LOL.scr
C:\love_me.pif
C:\lsass.exe
C:\lspt.exe
C:\m1t4z1h1l7q5.exe
C:\Me on holiday!.pif
C:\megakl.exe
C:\Mensagem.exe
C:\Message to n00b LARISSA.txt
C:\MESSAGE_TO_BROPIA.txt
C:\messenger.exe
C:\Microsoft.exe
C:\mis contactos.txt
C:\Mis imágenes\yo_posse_007.jpg.exe
C:\Mona Lisa Wants Her Smile Back.pif
C:\msm.cmd
C:\msm.exe
C:\msm.exe
C:\msn.exe
C:\MSN_Update1
C:\msnmsg.exe
C:\msnmsgr.exe
C:\msnmsnr.scr
C:\msnsetup.exe
C:\msnsgrsv.exe
C:\msnsgrsv0201.exe
C:\msnsgrszs.exe
C:\MSNWA.exe
C:\mstray.exe
C:\My new photo!.pif
C:\my_photo2005.scr
C:\naked_drunk.pif
C:\naked_party.pif
C:\new_webcam.pif
C:\nmevscrr.exe
C:\nzl.exe
C:\officexp.exe
C:\orkut.exe
C:\orkut.scr
C:\osm.exe
C:\p3h2b3t3q1s9.exe
C:\PastaImagens.exe
C:\pif.exe
C:\psapuman.exe
C:\psnppack.dll
C:\qwere.exe
C:\raizw.exe
C:\rar.exe
C:\rar1.exe
C:\rar2.exe
C:\RECYCLER\msnservice.exe
C:\RECYCLER\nvscvse.exe
C:\RECYCLER\te32.exe
C:\RemotoMSN.txt
C:\review.txt
C:\ROFL.pif
C:\s10w.exe
C:\sadan.avi.exe
C:\sadov.exe
C:\See my lesbian friends.pif
C:\see_this!!.scr
C:\sendwmdm.exe
C:\server.exe
C:\servico.exe
C:\sexy.exe
C:\sexy_bedroom.pif
C:\show.exe
C:\skew.exe
C:\Small.exe
C:\snsstect.exe
C:\so.exe
C:\SOUND32.exe
C:\start.bat
C:\stock.exe
C:\stock.htm
C:\stock2.exe
C:\SVCH0STll.exe
C:\svchost.exe
C:\svchost.scr
C:\svchost32.exe
C:\Svchosts.exe
C:\sys.txt
C:\syshwbx.exe
C:\syssryh.exe
C:\system.exe
C:\System\iexplore.exe
C:\System\plugin.exe
C:\system1591.exe
C:\system1691.exe
C:\system1791.exe
C:\system2.exe
C:\system2525.exe
C:\system3.exe
C:\system32.exe
C:\system4.exe
C:\system5.exe
C:\szsvc.exe
C:\t7b8i6h6t6j13.exe
C:\text.reg
C:\The Cat And The Fan piccy.pif
C:\tim.exe
C:\Tools\csrss.scr
C:\Topless in Mini Skirt! lol.pif
C:\u5g9p7x1h4a3.exe
C:\underware.pif
C:\up.exe
C:\update.exe
C:\updt.exe
C:\video.exe
C:\vonner.exe
C:\w3v6r2r2h3z5.exe
C:\Webcam.pif
C:\winbash.exe
C:\winbbs.exe
C:\windebug.log
C:\Windows Messeger.exe
C:\Windows Messenger.exe
C:\windows.cmd
C:\winfgt.exe
C:\winHelp.exe
C:\winhpi.exe
C:\winhsd.exe
C:\winimage.exe
C:\winlogin.exe
C:\winlongonf.exe
C:\WINNT\ScktSrvr.exe
C:\WINNT\system\kl.dll
C:\WINNT\system\msmsgs.exe
C:\WINNT\system\msn.dat
C:\WINNT\system\msn.dll
C:\WINNT\system\smsc.exe
C:\WINNT\system\svchost.dat
C:\WINNT\system\xsmith.scr
C:\winpga.exe
C:\WinPH.exe
C:\winptz.exe
C:\winsfr.exe
C:\winupdaet.exe
C:\winupdate128.exe
C:\winupdate32.exe
C:\Winupdbc.exe
C:\winuping.exe
C:\winvrc.exe
C:\winXP.exe
C:\wkssmsjt.dll
C:\wldadisp.dat
C:\wldadisp.dll
C:\wldadisp.exe
C:\wnlsos.exe
C:\x.exe
C:\x7g3a8d6u.exe
C:\x7g3a8d6u4c1.exe
C:\x7g3a8d6uc1.exe
C:\Xerr0.exe
C:\xfafasfgx.exe
C:\xso.exe
C:\y8o7w8b4f1q5.exe
C:\zordz.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\??.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\~ip.tmp
C:\DOCUME~1\julie\LOCALS~1\Temp\1.html
C:\DOCUME~1\julie\LOCALS~1\Temp\1.html.$$$
C:\DOCUME~1\julie\LOCALS~1\Temp\2238.EXE
C:\DOCUME~1\julie\LOCALS~1\Temp\800_zip_dump.scr
C:\DOCUME~1\julie\LOCALS~1\Temp\activ.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\ADF.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\allgg.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\anjinhos.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\bifrost.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\carinhos.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\ccAApp.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\csrss.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\DfSLdES
C:\DOCUME~1\julie\LOCALS~1\Temp\drev.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\firefoxx.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\fotos.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\g0ld.com
C:\DOCUME~1\julie\LOCALS~1\Temp\hkxqwfui.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\ibguardr.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\image??.zip
C:\DOCUME~1\julie\LOCALS~1\Temp\is581.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\jjusched.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\koko.cmd
C:\DOCUME~1\julie\LOCALS~1\Temp\llsaass.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\load.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\logs.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\lsasss.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\mensagem.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\MG.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\msnclient.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\nts_000.tmp
C:\DOCUME~1\julie\LOCALS~1\Temp\nts3.tmp
C:\DOCUME~1\julie\LOCALS~1\Temp\nts4.tmp
C:\DOCUME~1\julie\LOCALS~1\Temp\nts5.tmp
C:\DOCUME~1\julie\LOCALS~1\Temp\nts6.tmp
C:\DOCUME~1\julie\LOCALS~1\Temp\ocx.out
C:\DOCUME~1\julie\LOCALS~1\Temp\pa_0105.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\Photo.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\pork.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\pqokfkgksd.cmd
C:\DOCUME~1\julie\LOCALS~1\Temp\realsched.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\removalfile.bat
C:\DOCUME~1\julie\LOCALS~1\Temp\RTHDCPL.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\scs14.tmp
C:\DOCUME~1\julie\LOCALS~1\Temp\scs15.tmp
C:\DOCUME~1\julie\LOCALS~1\Temp\second.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\server.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\serverivy.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\services.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\sistema32.com
C:\DOCUME~1\julie\LOCALS~1\Temp\spoolsv.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\svcchhost.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\svchost.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\tosvid45.vxd
C:\DOCUME~1\julie\LOCALS~1\Temp\tug.php
C:\DOCUME~1\julie\LOCALS~1\Temp\Update.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\w1.txt.$$$
C:\DOCUME~1\julie\LOCALS~1\Temp\win.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\winamp.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\winlogon.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\winnttemp100mr\wmplayers.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\wuaucltt.exe
C:\DOCUME~1\julie\LOCALS~1\Temp\z1.txt
C:\Documents and Settings\julie\ariant.txt
C:\Documents and Settings\julie\auto.txt
C:\Documents and Settings\julie\egos.txt
C:\Documents and Settings\julie\lhaj.txt
C:\Documents and Settings\julie\Local Settings\Application Data\addon.dat
C:\Documents and Settings\julie\msdirectx.sys
C:\Documents and Settings\julie\NETVISION.exe
C:\Documents and Settings\julie\new.txt
C:\Documents and Settings\julie\qbspin.exe
C:\Documents and Settings\julie\winxvc.exe
C:\Documents and Settings\julie\yoaoux.exe
C:\WINDOWS\\Cfreer.exe
C:\WINDOWS\01.exe
C:\WINDOWS\11.exe
C:\WINDOWS\22.exe
C:\WINDOWS\33.exe
C:\WINDOWS\44.exe
C:\WINDOWS\a.bat
C:\WINDOWS\a1.exe
C:\WINDOWS\aas.scr
C:\WINDOWS\abcd.exe
C:\WINDOWS\addins\svchost.exe
C:\WINDOWS\aIg.exe
C:\WINDOWS\aimmsn.exe
C:\WINDOWS\alg.exe
C:\WINDOWS\alggx.exe
C:\WINDOWS\anima.exe
C:\WINDOWS\ansmtp.dll
C:\WINDOWS\ansmtpbuild.dll
C:\WINDOWS\Antivirus32.exe
C:\WINDOWS\Arq.ini
C:\WINDOWS\arqui1.exe
C:\WINDOWS\arquivo.exe
C:\WINDOWS\ashDisp.exe
C:\WINDOWS\Ashdsp.exe
C:\WINDOWS\AshleyHottie.zip
C:\WINDOWS\ashServ.exe
C:\WINDOWS\ashSv.exe
C:\WINDOWS\athycxvvx.exe
C:\WINDOWS\athydxvvx.exe
C:\WINDOWS\athyhxvvx.exe
C:\WINDOWS\athylxvvx.exe
C:\WINDOWS\ati3evx.exe
C:\WINDOWS\ati5vxxx.exe
C:\WINDOWS\atrvmmx.exe
C:\WINDOWS\audi.scr
C:\WINDOWS\audise.exe
C:\WINDOWS\av.exe
C:\WINDOWS\avast.exe
C:\WINDOWS\Avconsol.exe
C:\WINDOWS\avgdos.exe
C:\WINDOWS\avp.exe
C:\WINDOWS\Avsgccs.scr
C:\WINDOWS\b122.exe
C:\WINDOWS\b122.exe.bin
C:\WINDOWS\bak\avconsol.exe
C:\WINDOWS\bak\zap.exe
C:\WINDOWS\bass.exe
C:\WINDOWS\bloggermessenger.exe
C:\WINDOWS\blue.exe
C:\WINDOWS\bmp2jpeg.dll
C:\WINDOWS\bohas.scr
C:\WINDOWS\bootvid.dll
C:\WINDOWS\browseui.exe
C:\WINDOWS\bsyys.temp
C:\WINDOWS\bsyys.tmp
C:\WINDOWS\BushIsDumb!.zip
C:\WINDOWS\BWJLM1334.ZIP
C:\WINDOWS\C005_jpg.zip
C:\WINDOWS\c8iu3h.log
C:\WINDOWS\caixa.exe
C:\WINDOWS\cartaos.exe
C:\WINDOWS\CDSpeed.exe
C:\WINDOWS\Cfreer.exe
C:\WINDOWS\charmmpxp.exe
C:\WINDOWS\chcp.exe
C:\WINDOWS\cmd.exe
C:\WINDOWS\code.exe
C:\WINDOWS\comctl64.dll
C:\WINDOWS\Config\amsn.exe
C:\WINDOWS\config\msnmsgr.exe
C:\WINDOWS\config\sistema.exe
C:\WINDOWS\config\svchost.exe
C:\WINDOWS\Config\ying.exe
C:\WINDOWS\cookies.ini
C:\WINDOWS\crss.exe
C:\WINDOWS\crss7.exe
C:\WINDOWS\csrs.scr
C:\WINDOWS\csrss.exe
C:\WINDOWS\csrss.scr
C:\WINDOWS\ctfmon.exe
C:\WINDOWS\Cursors\GbpSvc.exe
C:\WINDOWS\Cursors\IEXPLORE.EXE
C:\WINDOWS\Cursors\mdll.exe
C:\WINDOWS\Cursors\msng.exe
C:\WINDOWS\Cursors\Ndtstat.exe
C:\WINDOWS\Cursors\Pbrushy.exe
C:\WINDOWS\Cursors\Rg2catbd.exe
C:\WINDOWS\Cursors\udll.exe
C:\WINDOWS\Cursors\yong.exe
C:\WINDOWS\DCS515610.zip
C:\WINDOWS\Debug\javaws.exe
C:\WINDOWS\default.cmd
C:\WINDOWS\demon.zip
C:\WINDOWS\diskdruid.exe
C:\WINDOWS\diskk.exe
C:\WINDOWS\Diup.exe
C:\WINDOWS\dll32
C:\WINDOWS\dllwin.exe
C:\WINDOWS\dllwin.scr
C:\WINDOWS\Downloaded Program Files\Appstart.exe
C:\WINDOWS\dydhcp.exe
C:\WINDOWS\enviafrase.exe
C:\WINDOWS\epwf4q.pif
C:\WINDOWS\Expert_Corp.exe
C:\WINDOWS\exploere.scr
C:\WINDOWS\explorer_.exe
C:\WINDOWS\F0538_jpg.zip
C:\WINDOWS\F0563_jpg.zip
C:\WINDOWS\fechamalintencionado.exe
C:\WINDOWS\fer.exe
C:\WINDOWS\fggwkl.exe
C:\WINDOWS\fggwok.exe
C:\WINDOWS\fgrpkc.exe
C:\WINDOWS\findx.exe
C:\WINDOWS\fire.scr
C:\WINDOWS\firefoxpgm.exe
C:\WINDOWS\folder.exe
C:\WINDOWS\fonts\AUNZIP32.dll
C:\WINDOWS\fonts\AZIP32.dll
C:\WINDOWS\fonts\inetinfo.exe
C:\WINDOWS\fonts\msnmsgr.exe
C:\WINDOWS\fonts\mulherachada.exe
C:\WINDOWS\Fonts\nxzero1.exe
C:\WINDOWS\fonts\OSSMTP.dll
C:\WINDOWS\fonts\taskmgr.exe
C:\WINDOWS\formatsys.exe
C:\WINDOWS\foto.exe
C:\WINDOWS\fotos.exe
C:\WINDOWS\fotos.scr
C:\WINDOWS\fotos2.exe
C:\WINDOWS\freshphotos.zip
C:\WINDOWS\fuckin-around.zip
C:\WINDOWS\funny.zip
C:\WINDOWS\G038_jpg.rar
C:\WINDOWS\G038_jpg.zip
C:\WINDOWS\g7n4l2o4i4v4.exe
C:\WINDOWS\GbpSvc.exe
C:\WINDOWS\gdk.exe
C:\WINDOWS\getps.exe
C:\WINDOWS\gets.exe
C:\WINDOWS\gl0b0.exe
C:\WINDOWS\gordo1.exe
C:\WINDOWS\gsmutx.exe
C:\WINDOWS\hahahha.zip
C:\WINDOWS\Help.exe
C:\WINDOWS\help.scr
C:\WINDOWS\help\Isass.exe
C:\WINDOWS\help\Issas.exe
C:\WINDOWS\Help\korn.scr
C:\WINDOWS\help\msnm.scr
C:\WINDOWS\Help\orgut.scr
C:\WINDOWS\help\svchost.exe
C:\WINDOWS\Help\svhost.exe
C:\WINDOWS\Help\systemb.exe
C:\WINDOWS\helppo.exe
C:\WINDOWS\Hide32.exe
C:\WINDOWS\hork.exe
C:\WINDOWS\hostdll.exe
C:\WINDOWS\Hostren.exe
C:\WINDOWS\hot.exe
C:\WINDOWS\hptzb02.exe
C:\WINDOWS\hpztsb02.exe
C:\WINDOWS\i.exe
C:\WINDOWS\i5fslg.scf
C:\WINDOWS\ie.exe
C:\WINDOWS\iexplore.exe
C:\WINDOWS\iexplorer.exe
C:\WINDOWS\iexplorer6.exe
C:\WINDOWS\iexplorer7.exe
C:\WINDOWS\IFinst27.exe
C:\WINDOWS\imag091307.zip
C:\WINDOWS\images.zip
C:\WINDOWS\ime\mssng.cmd
C:\WINDOWS\ime\PIC30052007.JPEG
C:\WINDOWS\ime\smxs.cmd
C:\WINDOWS\IMG-0012.zip
C:\WINDOWS\IMG-0024.zip
C:\WINDOWS\IMG-3443.zip
C:\WINDOWS\IMG-9404.zip
C:\WINDOWS\IMG0024.zip
C:\WINDOWS\img317.zip
C:\WINDOWS\img4851.zip
C:\WINDOWS\imgac157.zip
C:\WINDOWS\inf\dllhost.exe
C:\WINDOWS\inf\infw.com
C:\WINDOWS\inf\LSAS.exe
C:\WINDOWS\inf\rdshost32.exe
C:\WINDOWS\inf\system1591.exe
C:\WINDOWS\infowshb.dll
C:\WINDOWS\install.exe
C:\WINDOWS\instr32.exe
C:\WINDOWS\instr64.exe
C:\WINDOWS\internt.exe
C:\WINDOWS\Isass.exe
C:\WINDOWS\java\expllorer.exe
C:\WINDOWS\java\msgmsn.exe
C:\WINDOWS\java\msmmsn.exe
C:\WINDOWS\java\mw.exe
C:\WINDOWS\java\Packages.cmd
C:\WINDOWS\java\svchost.exe
C:\WINDOWS\jdbgmgrnt.exe
C:\WINDOWS\jpb.exe
C:\WINDOWS\jshxw.exe
C:\WINDOWS\junchep.exe
C:\WINDOWS\juscheds.exe
C:\WINDOWS\jusjava.exe
C:\WINDOWS\justchd.exe
C:\WINDOWS\jvms.exe
C:\WINDOWS\kernel.exe
C:\WINDOWS\ko6bn9.bmp
C:\WINDOWS\lastnight.zip
C:\WINDOWS\LBTWiz.exe
C:\WINDOWS\Lexplorer.exe
C:\WINDOWS\lg.scr
C:\WINDOWS\linuxxp32.exe
C:\WINDOWS\log46.txt
C:\WINDOWS\loggon.exe
C:\WINDOWS\login.dll
C:\WINDOWS\logo1.gif
C:\WINDOWS\Logun.exe
C:\WINDOWS\lsas32.exe
C:\WINDOWS\lsass.exe
C:\WINDOWS\lsasss.exe
C:\WINDOWS\lsnas.exe
C:\WINDOWS\lspt.exe
C:\WINDOWS\lssman.exe
C:\WINDOWS\mac1.com
C:\WINDOWS\mag091307.zip
C:\WINDOWS\malhaazul.exe
C:\WINDOWS\mdfg4v.ge
C:\WINDOWS\mdll.exe
C:\WINDOWS\media\arquivo.exe
C:\WINDOWS\Media\Call32.exe
C:\WINDOWS\Media\ExP.exe
C:\WINDOWS\MEDIA\hp32.exe
C:\WINDOWS\Media\hptools.exe
C:\WINDOWS\media\messenger.exe
C:\WINDOWS\MEDIA\microsoft.exe
C:\WINDOWS\Media\microsoftware.exe
C:\WINDOWS\Media\rundII32.exe
C:\WINDOWS\Media\w7zip.exe
C:\WINDOWS\Media\WinetWork.exe
C:\WINDOWS\Media\WineWork.exe
C:\WINDOWS\Media\WriteWork.exe
C:\WINDOWS\Mensagem.exe
C:\WINDOWS\mess -.exe
C:\WINDOWS\messenger.exe
C:\WINDOWS\messengerapp.exe
C:\WINDOWS\mfvq4.e
C:\WINDOWS\mfvq5.e
C:\WINDOWS\mgrs.exe
C:\WINDOWS\Microsoft.exe
C:\WINDOWS\mjhor.exe
C:\WINDOWS\mnsns.scr
C:\WINDOWS\monitor1a.exe
C:\WINDOWS\mono.exe
C:\WINDOWS\mono.exe
C:\WINDOWS\mouse32.vxd
C:\WINDOWS\ms.exe
C:\WINDOWS\msapp\bifserver.exe
C:\WINDOWS\msapps\bifserver.exe
C:\WINDOWS\msapps\modulo3.txt
C:\WINDOWS\msapps\msinfo\msappts32.exe
C:\WINDOWS\msconfig.exe
C:\WINDOWS\msdnwin.exe
C:\WINDOWS\msg.exe
C:\WINDOWS\msgr.exe
C:\WINDOWS\msmbw.exe
C:\WINDOWS\MsmMsgr.exe
C:\WINDOWS\msmsg.exe
C:\WINDOWS\msmsgr.exe
C:\WINDOWS\msn.exe
C:\WINDOWS\msn.vbs
C:\WINDOWS\msn_profile.zip
C:\WINDOWS\msnappm.exe
C:\WINDOWS\msnbr.exe
C:\WINDOWS\msng.exe
C:\WINDOWS\msngr.exe
C:\WINDOWS\msnimport.exe
C:\WINDOWS\msnlogm.exe
C:\WINDOWS\msnlogs.exe
C:\WINDOWS\msnmsg.exe
C:\WINDOWS\msnmsgr.exe
C:\WINDOWS\msnmsgr1.exe
C:\WINDOWS\msnmsgr2.exe
C:\WINDOWS\msnmsgs.exe
C:\WINDOWS\msnmsngr.exe
C:\WINDOWS\msnmsnr.scr
C:\WINDOWS\msnmsnr.tmp
C:\WINDOWS\msnmssgr2.exe
C:\WINDOWS\msnnsggr2.exe
C:\WINDOWS\msnnsgrl.exe
C:\WINDOWS\MSNP.exe
C:\WINDOWS\msnupdate.zip
C:\WINDOWS\MsnValue.exe
C:\WINDOWS\mssoffice.tmp
C:\WINDOWS\mssq.exe
C:\WINDOWS\mstray.exe
C:\WINDOWS\msync.exe
C:\WINDOWS\Mwsx.exe
C:\WINDOWS\mxjxde.exe
C:\WINDOWS\My-Pictures.zip
C:\WINDOWS\My_Pictures2007
C:\WINDOWS\My_Pictures2007.zip
C:\WINDOWS\myspace-facebook.zip
C:\WINDOWS\myspace.zip
C:\WINDOWS\N039_jpg.zip
C:\WINDOWS\N5881.zip
C:\WINDOWS\Ndtstat.exe
C:\WINDOWS\new.exe
C:\WINDOWS\nod32.exe
C:\WINDOWS\Nokia_19_jpg.zip
C:\WINDOWS\nomedoprograma.exe
C:\WINDOWS\Norton.exe
C:\WINDOWS\NOTEEPAD.exe
C:\WINDOWS\ntrmv.exe
C:\WINDOWS\nts.exe
C:\WINDOWS\NvCpl.exe
C:\WINDOWS\Nzil.exe
C:\WINDOWS\okuta.exe
C:\WINDOWS\orkut.scr
C:\WINDOWS\ot8q4cp.bmp
C:\WINDOWS\Outlook.exe
C:\WINDOWS\p0017_jpg.zip
C:\WINDOWS\passt.scr
C:\WINDOWS\patchxp21.exe
C:\WINDOWS\PCHEALTER.exe
C:\WINDOWS\pegalista.exe
C:\WINDOWS\perfmon.exe
C:\WINDOWS\photo album 2007.zip
C:\WINDOWS\photo album.zip
C:\WINDOWS\photo.zip
C:\WINDOWS\photo_album 2007.zip
C:\WINDOWS\photo_album2007.zip
C:\WINDOWS\photos-webcam2007.zip
C:\WINDOWS\photos.zip
C:\WINDOWS\PIC20052007.JPEG
C:\WINDOWS\pic48174.zip
C:\WINDOWS\pics.zip
C:\WINDOWS\PictureAlbum2007.zip
C:\WINDOWS\pif.exe
C:\WINDOWS\plick.exe
C:\WINDOWS\ponto.DLL
C:\WINDOWS\practivea.exe
C:\WINDOWS\pruas.exe
C:\WINDOWS\pss\Flash.exe
C:\WINDOWS\pss\Widows.exe
C:\WINDOWS\ptrms.exe
C:\WINDOWS\rcimlby.exe
C:\WINDOWS\rdfhost.dll
C:\WINDOWS\rdihost.dll
C:\WINDOWS\rds.exe
C:\WINDOWS\rdshost.dll
C:\WINDOWS\regcleaner.exe
C:\WINDOWS\regedti.exe
C:\WINDOWS\regserve.cmd
C:\WINDOWS\regserve.exe
C:\WINDOWS\regservee.exe
C:\WINDOWS\regsvr.exe
C:\WINDOWS\retadpu.exe
C:\WINDOWS\retadpu.exe.bin
C:\WINDOWS\retadpu420.exe
C:\WINDOWS\revali.exe
C:\WINDOWS\Rg2catbd.exe
C:\WINDOWS\ributeslideshow.zip
C:\WINDOWS\rica.exe
C:\WINDOWS\rispac.exe
C:\WINDOWS\rnxntup.exe
C:\WINDOWS\rqqsnd.exe
C:\WINDOWS\rtf.bat
C:\WINDOWS\rtutvb5d.dll
C:\WINDOWS\rundl132.exe
C:\WINDOWS\Rundll.exe
C:\WINDOWS\rw.dlt
C:\WINDOWS\s.scr
C:\WINDOWS\S_00305_jpg.zip
C:\WINDOWS\S04_jpg.zip
C:\WINDOWS\s1.exe
C:\WINDOWS\sampaerio.exe
C:\WINDOWS\scanisk.exe
C:\WINDOWS\schost32.exe
C:\WINDOWS\ScktSrvr.exe
C:\WINDOWS\screenwin.scr
C:\WINDOWS\scvhost.exe
C:\WINDOWS\Secs2006.exe
C:\WINDOWS\sendwmdm.exe
C:\WINDOWS\September11thTribute.zip
C:\WINDOWS\serbw.exe
C:\WINDOWS\sercivo.exe
C:\WINDOWS\server.exe
C:\WINDOWS\serverletwindows.exe
C:\WINDOWS\serverletwindowsl.exe
C:\WINDOWS\service.exe
C:\WINDOWS\service.scr
C:\WINDOWS\service2.scr
C:\WINDOWS\service32.exe
C:\WINDOWS\servicee.exe
C:\WINDOWS\servicejava.scr
C:\WINDOWS\servicejava2.scr
C:\WINDOWS\services.dll
C:\WINDOWS\services.exe
C:\WINDOWS\servico.exe
C:\WINDOWS\setdebugnt.exe
C:\WINDOWS\SetPoint.exe
C:\WINDOWS\shDisp.exe
C:\WINDOWS\shdosbei.dat
C:\WINDOWS\shdosbei.dll
C:\WINDOWS\shdosbei.exe
C:\WINDOWS\siswin.exe
C:\WINDOWS\sk.exe
C:\WINDOWS\sk070725.exe
C:\WINDOWS\smss.exe
C:\WINDOWS\smss.scr
C:\WINDOWS\smsss.exe
C:\WINDOWS\sndrec32.exe
C:\WINDOWS\softdwind.exe
C:\WINDOWS\sokctes.dll
C:\WINDOWS\sokctes.zip
C:\WINDOWS\spiderpig.zip
C:\WINDOWS\spooldr.exe
C:\WINDOWS\spoolsv.exe
C:\WINDOWS\srsmsn.exe
C:\WINDOWS\srsttn.exe
C:\WINDOWS\ssssm.exe
C:\WINDOWS\stDebug.exe
C:\WINDOWS\Strad.exe
C:\WINDOWS\super.exe
C:\WINDOWS\SVCH0STll.EXE
C:\WINDOWS\svchosk.exe
C:\WINDOWS\svchost
C:\WINDOWS\svchost.com
C:\WINDOWS\svchost.dll
C:\WINDOWS\svchost.exe
C:\WINDOWS\svchost.scr
C:\WINDOWS\svchost32.exe
C:\WINDOWS\svchosta.exe
C:\WINDOWS\svchostd.exe
C:\WINDOWS\svchosts.dll
C:\WINDOWS\svchosts.exe
C:\WINDOWS\svchosts.scr
C:\WINDOWS\svchosts.tmp
C:\WINDOWS\svcr.exe
C:\WINDOWS\svcupdate.exe
C:\WINDOWS\svhost.temp
C:\WINDOWS\svhost.tmp
C:\WINDOWS\svhost32.exe
C:\WINDOWS\svschost.sys
C:\WINDOWS\svxh.exe
C:\WINDOWS\sys1.exe
C:\WINDOWS\SysArc.exe
C:\WINDOWS\SYSHOST.DLL
C:\WINDOWS\sysnet32.exe
C:\WINDOWS\System.exe
C:\WINDOWS\system\ashDisp.exe
C:\WINDOWS\system\ashServ.exe
C:\WINDOWS\system\ashSv.exe
C:\WINDOWS\System\AVG.clean.cmd
C:\WINDOWS\SYSTEM\bios.exe
C:\WINDOWS\System\BomDia.com
C:\WINDOWS\SYSTEM\CMRSS.EXE
C:\WINDOWS\system\down32.cmd
C:\WINDOWS\System\drk.exe
C:\WINDOWS\system\ehSched.exe
C:\WINDOWS\system\explorer.exe
C:\WINDOWS\system\ExplorerXP.exe
C:\WINDOWS\System\firefox.exe
C:\WINDOWS\SYSTEM\ICPLDRVX.EXE
C:\WINDOWS\system\iexplore.exe
C:\WINDOWS\system\IMG024.JPG.zip
C:\WINDOWS\system\kl.dll
C:\WINDOWS\system\lsass.exe
C:\WINDOWS\SYSTEM\lsass32.exe
C:\WINDOWS\SYSTEM\mpeg4dec0.dll
C:\WINDOWS\SYSTEM\msbcs.exe
C:\WINDOWS\system\msmnsgr.exe
C:\WINDOWS\System\msmsgc.cmd
C:\WINDOWS\system\msmsgs.exe
C:\WINDOWS\system\msn.dat
C:\WINDOWS\system\msn.dll
C:\WINDOWS\System\msnmsg.exe
C:\WINDOWS\System\msnmsgr.cmd
C:\WINDOWS\system\msnmsgr.exe
C:\WINDOWS\System\msnmsgs.exe
C:\WINDOWS\System\msnmsngrss.exe
C:\WINDOWS\system\NOTEPAD.exe
C:\WINDOWS\System\nppagent.exe
C:\WINDOWS\system\plugin.exe
C:\WINDOWS\System\regclean.cmd
C:\WINDOWS\SYSTEM\remote.cmd
C:\WINDOWS\System\servelet.exe
C:\WINDOWS\system\services.exe
C:\WINDOWS\System\smsc.exe
C:\WINDOWS\System\Sound.scr
C:\WINDOWS\system\svchost.dat
C:\WINDOWS\system\svchost.exe
C:\WINDOWS\system\svhost.exe
C:\WINDOWS\System\syslogon.exe
C:\WINDOWS\System\taskgr.exe
C:\WINDOWS\system\taskmam.exe
C:\WINDOWS\System\taskngr.exe
C:\WINDOWS\System\WF.exe
C:\WINDOWS\System\winlogon.exe
C:\WINDOWS\System\worm.exe
C:\WINDOWS\SYSTEM\wsass32.exe
C:\WINDOWS\SYSTEM\wzip32.exe
C:\WINDOWS\System\xsmith.scr
C:\WINDOWS\system32.exe
C:\WINDOWS\System32apoa.scr
C:\WINDOWS\System32fpoa.scr
C:\WINDOWS\System32msn.scr
C:\WINDOWS\System32xpoa.scr
C:\WINDOWS\System32zpoa.scr
C:\WINDOWS\system64.exe
C:\WINDOWS\systemos1.exe
C:\WINDOWS\systemrun32.exe
C:\WINDOWS\systen291.exe
C:\WINDOWS\systen299.exe
C:\WINDOWS\systraicon.exe
C:\WINDOWS\sysuatch.exe
C:\WINDOWS\sysuatch.zip
C:\WINDOWS\sysuphatch.exe
C:\WINDOWS\szsvc.exe
C:\WINDOWS\talk32.exe
C:\WINDOWS\tasklist32.exe
C:\WINDOWS\TASKMAN-.exe
C:\WINDOWS\taskmgr.exe
C:\WINDOWS\taskmsgs.exe
C:\WINDOWS\Tasks\derrubabagbd.job
C:\WINDOWS\Tasks\startt.job
C:\WINDOWS\Temp\rundll32.exe
C:\WINDOWS\Temp\taskngr.exe
C:\WINDOWS\tggwkl.exe
C:\WINDOWS\tggwok.exe
C:\WINDOWS\tgrpkc.exe
C:\WINDOWS\thunderbird.exe
C:\WINDOWS\traysssw.exe
C:\WINDOWS\tsitra.exe
C:\WINDOWS\udll.exe
C:\WINDOWS\updt.scr
C:\WINDOWS\userinit.exe
C:\WINDOWS\usnsvc.exe
C:\WINDOWS\valentine_card.zip
C:\WINDOWS\verify.exe
C:\WINDOWS\video.exe
C:\WINDOWS\virtualdisk.exe
C:\WINDOWS\virtualmsif.exe
C:\WINDOWS\vmnreg32.exe
C:\WINDOWS\vpcrtf.exe
C:\WINDOWS\vpgr.exe
C:\WINDOWS\W139_jpg.zip
C:\WINDOWS\wab.exe
C:\WINDOWS\wcvs.exe
C:\WINDOWS\wdfmgr.exe
C:\WINDOWS\webdesign.zip
C:\WINDOWS\webshots.scr
C:\WINDOWS\wfgwkl.exe
C:\WINDOWS\wfgwok.exe
C:\WINDOWS\wfrpkc.exe
C:\WINDOWS\win32api.scr
C:\WINDOWS\win32dll.exe
C:\WINDOWS\winamp.exe
C:\WINDOWS\WinBool32.exe
C:\WINDOWS\wind.exe
C:\WINDOWS\windll.exe
C:\WINDOWS\windows.cmd
C:\WINDOWS\windows.exe
C:\WINDOWS\Windows32.exe
C:\WINDOWS\Windows32.scr
C:\WINDOWS\Windows64.scr
C:\WINDOWS\WindowsSp2.exe
C:\WINDOWS\windowsupdate.exe
C:\WINDOWS\WindowsXp2.exe
C:\WINDOWS\WindowsXPdll.exe
C:\WINDOWS\WindowsXPnet.exe
C:\WINDOWS\windrivers.exe
C:\WINDOWS\WinDV.exe
C:\WINDOWS\WinExplor.exe
C:\WINDOWS\WinExplore.exe
C:\WINDOWS\winfp.exe
C:\WINDOWS\winhlp.exe
C:\WINDOWS\winhlp32.dat
C:\WINDOWS\winload.inf
C:\WINDOWS\winlog32.exe
C:\WINDOWS\winlogin.exe
C:\WINDOWS\winlogon.exe
C:\WINDOWS\WinLogT.exe
C:\WINDOWS\winlon.exe
C:\WINDOWS\winn.exe
C:\WINDOWS\winnavegador.exe
C:\WINDOWS\WinNT.exe
C:\WINDOWS\WinNT2.exe
C:\WINDOWS\winnt32.exe
C:\WINDOWS\winpo32.exe
C:\WINDOWS\winpos.exe
C:\WINDOWS\winsrvv.exe
C:\WINDOWS\winstart.exe
C:\WINDOWS\winsxp32.exe
C:\WINDOWS\winsyshp.exe
C:\WINDOWS\wintech.exe
C:\WINDOWS\Winupdbc.exe
C:\WINDOWS\winvhost3.exe
C:\WINDOWS\winvip.exe
C:\WINDOWS\winx.exe
C:\WINDOWS\winxp.exe
C:\WINDOWS\wmdplayer.exe
C:\WINDOWS\wmeiuht.exe
C:\WINDOWS\WNDXP.exe
C:\WINDOWS\wnlsos.exe
C:\WINDOWS\wordpad.pif
C:\WINDOWS\wormlist.exe
C:\WINDOWS\wr.txt
C:\WINDOWS\wrdmgr.exe
C:\WINDOWS\wscty32.exe
C:\WINDOWS\wtflmao.zip
C:\WINDOWS\wxzmsa.gft
C:\WINDOWS\wxzmsa.xft
C:\WINDOWS\wxzmsa.xxt
C:\WINDOWS\wxzoka.gft
C:\WINDOWS\wxzoka.xft
C:\WINDOWS\wxzoka.xxt
C:\WINDOWS\wxzsui.gft
C:\WINDOWS\wxzsui.xft
C:\WINDOWS\wxzsui.xxt
C:\WINDOWS\wxzwok.gft
C:\WINDOWS\wxzwok.xft
C:\WINDOWS\wxzwok.xxt
C:\WINDOWS\X_0005_jpg.zip
C:\WINDOWS\xcodex.exe
C:\WINDOWS\xhntuok.exe
C:\WINDOWS\xisp.exe
C:\WINDOWS\xjmelr.exe
C:\WINDOWS\xpos.exe
C:\WINDOWS\xrapp.exe
C:\WINDOWS\xzmsa.adt
C:\WINDOWS\xzoka.adt
C:\WINDOWS\xzsui.adt
C:\WINDOWS\xzwok.adt
C:\WINDOWS\ydll.exe
C:\WINDOWS\ying.exe
C:\WINDOWS\yong.exe
C:\WINDOWS\Z058_jpg.zip
C:\WINDOWS\Zap.exe
C:\WINDOWS\ZaZ.exe
C:\WINDOWS\Zos.exe
C:\WINDOWS\Zser.exe
C:\WINDOWS\system32\11.exe
C:\WINDOWS\system32\1512.exe
C:\WINDOWS\system32\2007rox.dll
C:\WINDOWS\system32\22.exe
C:\WINDOWS\system32\2934.exe
C:\WINDOWS\system32\33.exe
C:\WINDOWS\system32\44.exe
C:\WINDOWS\system32\6to4seri.dll
C:\WINDOWS\system32\6w5b1ksec.dll
C:\WINDOWS\system32\ACER.exe
C:\WINDOWS\system32\adaware.exe
C:\WINDOWS\system32\ahiclln.exe
C:\WINDOWS\system32\ahr.exe
C:\WINDOWS\system32\ahui32.exe
C:\WINDOWS\system32\aIg.exe
C:\WINDOWS\system32\alf.exe
C:\WINDOWS\system32\alg.scr
C:\WINDOWS\system32\algcs.scr
C:\WINDOWS\system32\algs.exe
C:\WINDOWS\system32\allge.scr
C:\WINDOWS\system32\amsn.exe
C:\WINDOWS\system32\AntiVirus.exe
C:\WINDOWS\system32\Antivirus32.exe
C:\WINDOWS\system32\apoa.scr
C:\WINDOWS\system32\ashDisp.exe
C:\WINDOWS\system32\ashServ.exe
C:\WINDOWS\system32\ashSv.exe
C:\WINDOWS\system32\asrchk.exe
C:\WINDOWS\system32\atraslay.dll
C:\WINDOWS\system32\Atsys.ddd
C:\WINDOWS\system32\Atsys.exe
C:\WINDOWS\system32\Atualizacao.exe
C:\WINDOWS\system32\audiohq.exe
C:\WINDOWS\system32\audise.exe
C:\WINDOWS\system32\authrasm.exe
C:\WINDOWS\system32\Auto.exe
C:\WINDOWS\system32\autoexec.bat
C:\WINDOWS\system32\autorun.ini
C:\WINDOWS\system32\avg64.exe
C:\WINDOWS\system32\azip32.dll
C:\WINDOWS\system32\b35sl2.dll
C:\WINDOWS\system32\bak\hide32.exe
C:\WINDOWS\system32\ban_list.txt
C:\WINDOWS\system32\Bifrost\server.exe
C:\WINDOWS\system32\bios.exe
C:\WINDOWS\system32\black.exe
C:\WINDOWS\system32\blue.exe
C:\WINDOWS\system32\bohe.exe
C:\WINDOWS\system32\BRISA.exe
C:\WINDOWS\system32\bssys.exe
C:\WINDOWS\system32\bsys.exe
C:\WINDOWS\system32\bsys.scr
C:\WINDOWS\system32\bsyys.scr
C:\WINDOWS\system32\btpaxole.dll
C:\WINDOWS\system32\cartao.scr
C:\WINDOWS\system32\cbi.exe
C:\WINDOWS\system32\ccsysup.exe
C:\WINDOWS\system32\ccsysupd.exe
C:\WINDOWS\system32\celcred.scr
C:\WINDOWS\system32\celular.exe
C:\WINDOWS\system32\certmsje.dll
C:\WINDOWS\system32\chmod.exe
C:\WINDOWS\system32\chmod3.exe
C:\WINDOWS\system32\Cica.exe
C:\WINDOWS\system32\cica.scr
C:\WINDOWS\system32\cjavau.exe
C:\WINDOWS\system32\cmrss.dll.exe
C:\WINDOWS\system32\cmrss.exe
C:\WINDOWS\system32\cmrss.scr
C:\WINDOWS\system32\code.exe
C:\WINDOWS\system32\codec.exe
C:\WINDOWS\system32\Com\klog.dat
C:\WINDOWS\system32\Com\lssas.exe
C:\WINDOWS\system32\Com\lssass.exe
C:\WINDOWS\system32\Com\se_fudeu.exe
C:\WINDOWS\system32\Config\svchost.exe
C:\WINDOWS\system32\Config\winlogon.exe
C:\WINDOWS\system32\csrrs.scr
C:\WINDOWS\system32\csrs.exe
C:\WINDOWS\system32\csrs.scr
C:\WINDOWS\system32\csrs.txt
C:\WINDOWS\system32\cssrs.scr
C:\WINDOWS\system32\ctfman.exe
C:\WINDOWS\system32\ctl3diac.exe
C:\WINDOWS\system32\cymdda.dll
C:\WINDOWS\system32\d1.exe
C:\WINDOWS\system32\d3dpwmst.dat
C:\WINDOWS\system32\d3dpwmst.dll
C:\WINDOWS\system32\d3dpwmst.exe
C:\WINDOWS\system32\danilo.exe
C:\WINDOWS\system32\ddcywvt.dll
C:\WINDOWS\system32\ddemwmad.dat
C:\WINDOWS\system32\ddemwmad.dll
C:\WINDOWS\system32\ddemwmad.exe
C:\WINDOWS\system32\Death.exe
C:\WINDOWS\system32\DefLib.sys
C:\WINDOWS\system32\delplme.bat
C:\WINDOWS\system32\delplme.cmd
C:\WINDOWS\system32\delplme.com
C:\WINDOWS\system32\deqq\alial
C:\WINDOWS\system32\deqq\cult.exe
C:\WINDOWS\system32\deqq\dlcl.edp
C:\WINDOWS\system32\deqq\ger.exe
C:\WINDOWS\system32\deqq\gt.x
C:\WINDOWS\system32\deqq\hosts
C:\WINDOWS\system32\deqq\knlps.exe
C:\WINDOWS\system32\deqq\knlps.sys
C:\WINDOWS\system32\deqq\ksat.bat
C:\WINDOWS\system32\deqq\medo.dl
C:\WINDOWS\system32\deqq\orrl.exe
C:\WINDOWS\system32\deqq\palsp.exe
C:\WINDOWS\system32\deqq\repcale.exe
C:\WINDOWS\system32\deqq\riqa
C:\WINDOWS\system32\deqq\w.e
C:\WINDOWS\system32\deqq\zema
C:\WINDOWS\system32\desi.exe
C:\WINDOWS\system32\desktop.exe
C:\WINDOWS\system32\dhcp\formsw.exe
C:\WINDOWS\system32\dhcp\spolsv.exe
C:\WINDOWS\system32\dhcp\spoolsv.exe
C:\WINDOWS\system32\dhcp\spoolsvs.exe
C:\WINDOWS\system32\dhcp\trays.exe
C:\WINDOWS\system32\dhcpkbdh.exe
C:\WINDOWS\system32\diagisr.dll
C:\WINDOWS\system32\didi.exe
C:\WINDOWS\system32\direct3dfx.dll
C:\WINDOWS\system32\direct3dx.dll
C:\WINDOWS\system32\directfxd.exe
C:\WINDOWS\system32\directxd.exe
C:\WINDOWS\system32\disk.exe
C:\WINDOWS\system32\disk10.exe
C:\WINDOWS\system32\Diup.exe
C:\WINDOWS\system32\dl.exe
C:\WINDOWS\system32\dllcache\again.exe
C:\WINDOWS\system32\dllcache\copiandotudo.exe
C:\WINDOWS\system32\dllcache\curioso.exe
C:\WINDOWS\system32\dllcache\denovo_aqui.exe
C:\WINDOWS\system32\dllcache\Flinstone.exe
C:\WINDOWS\system32\dllcache\inside.exe
C:\WINDOWS\system32\dllcache\invadido.exe
C:\WINDOWS\system32\dllcache\inyourface.exe
C:\WINDOWS\system32\dllcache\iron_maiden.exe
C:\WINDOWS\system32\dllcache\ja_era_hehe.exe
C:\WINDOWS\system32\dllcache\jhost.exe
C:\WINDOWS\system32\dllcache\jucheck.exe
C:\WINDOWS\system32\dllcache\jvshost.exe
C:\WINDOWS\system32\dllcache\klog.dat
C:\WINDOWS\system32\dllcache\msnworm.exe
C:\WINDOWS\system32\dllcache\mswan.exe
C:\WINDOWS\system32\dllcache\naoadianta.exe
C:\WINDOWS\system32\dllcache\nirvena.exe
C:\WINDOWS\system32\dllcache\novamente.exe
C:\WINDOWS\system32\dllcache\poisonivy.exe
C:\WINDOWS\system32\dllcache\protweb.exe
C:\WINDOWS\system32\dllcache\qsch0st.exe
C:\WINDOWS\system32\dllcache\Rtsecar.exe
C:\WINDOWS\system32\dllcache\scvhost.exe
C:\WINDOWS\system32\dllcache\se_fudeu.exe
C:\WINDOWS\system32\dllcache\starting.exe
C:\WINDOWS\system32\dllcache\Terror_MSN.exe
C:\WINDOWS\system32\dllcache\testandoA.exe
C:\WINDOWS\system32\dllcache\tsorfib.exe
C:\WINDOWS\system32\dllcache\verme_chato.exe
C:\WINDOWS\system32\dllcache\winmga.exe
C:\WINDOWS\system32\dllcache\winrcn.exe
C:\WINDOWS\system32\dllcache\winsno.exe
C:\WINDOWS\system32\dllcache\winsntp.exe
C:\WINDOWS\system32\dllcache\winsony.exe
C:\WINDOWS\system32\dllcache\ZoneAlarm.exe
C:\WINDOWS\system32\dllhostup.exe
C:\WINDOWS\system32\dllvirtual.dll
C:\WINDOWS\system32\dllvirtual.exe
C:\WINDOWS\system32\dllvirtual.js
C:\WINDOWS\system32\dlssd.exe
C:\WINDOWS\system32\dnsajobe.dat
C:\WINDOWS\system32\dnsajobe.dll
C:\WINDOWS\system32\dnsajobe.exe
C:\WINDOWS\system32\doriot.exe
C:\WINDOWS\system32\dpl1npwm.dat
C:\WINDOWS\system32\dpl1npwm.dll
C:\WINDOWS\system32\dpl1npwm.exe
C:\WINDOWS\system32\dpv1bidi.dll
C:\WINDOWS\system32\dpwsmmfu.dat
C:\WINDOWS\system32\dpwsmmfu.dll
C:\WINDOWS\system32\dpwsmmfu.exe
C:\WINDOWS\system32\dragon.txt
C:\WINDOWS\system32\drift.scr
C:\WINDOWS\system32\drivers\0001.scr
C:\WINDOWS\system32\drivers\8cc342db.sys
C:\WINDOWS\system32\drivers\atapi16.sys
C:\WINDOWS\system32\drivers\backsys.sys
C:\WINDOWS\system32\drivers\Csrs.exe
C:\WINDOWS\system32\drivers\drivers\isapnp.exe
C:\WINDOWS\system32\drivers\drivers\task.exe
C:\WINDOWS\system32\drivers\etc\hosts.exe
C:\WINDOWS\system32\drivers\etc\services.exe
C:\WINDOWS\system32\drivers\etc\svchosts.exe
C:\WINDOWS\system32\drivers\isapnp.exe
C:\WINDOWS\system32\drivers\oreans32.sys
C:\WINDOWS\system32\drivers\privada.exe
C:\WINDOWS\system32\drivers\root\system
C:\WINDOWS\system32\drivers\services.exe
C:\WINDOWS\system32\drivers\sndrec32.exe
C:\WINDOWS\system32\drivers\Sndrec64.exe
C:\WINDOWS\system32\drivers\sys.exe
C:\WINDOWS\system32\drivers\System.exe
C:\WINDOWS\system32\drivers\taskmgr.exe
C:\WINDOWS\system32\drivers\winlogon.exe
C:\WINDOWS\system32\drsmartload1135a.exe
C:\WINDOWS\system32\Drunk_lol.pif
C:\WINDOWS\system32\dsys.scr
C:\WINDOWS\system32\dxdll\svchost.exe
C:\WINDOWS\system32\dxovx.dll
C:\WINDOWS\system32\dydhcp.exe
C:\WINDOWS\system32\ehSched.exe
C:\WINDOWS\system32\epson.scr
C:\WINDOWS\system32\ersvsync.dat
C:\WINDOWS\system32\ersvsync.dll
C:\WINDOWS\system32\ersvsync.exe
C:\WINDOWS\system32\Estra.exe
C:\WINDOWS\system32\ExCorp.exe
C:\WINDOWS\system32\Exec32.exe
C:\WINDOWS\system32\explore.exe
C:\WINDOWS\system32\EXPLORER.EXE
C:\WINDOWS\system32\explori.exe
C:\WINDOWS\system32\f1.exe
C:\WINDOWS\system32\faate32.exe
C:\WINDOWS\system32\faT.exe
C:\WINDOWS\system32\file.exe
C:\WINDOWS\system32\firewall.exe
C:\WINDOWS\system32\firewallav.dll
C:\WINDOWS\system32\flw334.dll
C:\WINDOWS\system32\formatsys.exe
C:\WINDOWS\system32\foto_celular.scr
C:\WINDOWS\system32\fotos
C:\WINDOWS\system32\fotos04102006.exe
C:\WINDOWS\system32\fpoa.scr
C:\WINDOWS\system32\game.rar
C:\WINDOWS\system32\game.zip
C:\WINDOWS\system32\gbiehh.exe
C:\WINDOWS\system32\gmail.exe
C:\WINDOWS\system32\gmilogon.exe
C:\WINDOWS\system32\grana.scr
C:\WINDOWS\system32\gray.exe
C:\WINDOWS\system32\green.exe
C:\WINDOWS\system32\gsmutx.exe
C:\WINDOWS\system32\gsx2.exe
C:\WINDOWS\system32\h435adlc.dll
C:\WINDOWS\system32\haha.exe
C:\WINDOWS\system32\hanonvt.ini
C:\WINDOWS\system32\help.scr
C:\WINDOWS\system32\Hide32.exe
C:\WINDOWS\system32\hidekit.exe
C:\WINDOWS\system32\hiholl.com
C:\WINDOWS\system32\hlpsrv.exe
C:\WINDOWS\system32\hork.exe
C:\WINDOWS\system32\hostfast.cmd
C:\WINDOWS\system32\hosts.exe
C:\WINDOWS\system32\hosts.scr
C:\WINDOWS\system32\hosts.txt
C:\WINDOWS\system32\hosts2.scr
C:\WINDOWS\system32\hptzb02.exe
C:\WINDOWS\system32\hs.exe
C:\WINDOWS\system32\hsvwer4.dll
C:\WINDOWS\system32\hsvwer9.dll
C:\WINDOWS\system32\html.txt
C:\WINDOWS\system32\htssv.exe
C:\WINDOWS\system32\i.exe
C:\WINDOWS\system32\i32yyc.exe
C:\WINDOWS\system32\i5iphe.exe
C:\WINDOWS\system32\icone.exe
C:\WINDOWS\system32\icpldrv.exe
C:\WINDOWS\system32\icpldrvx.exe
C:\WINDOWS\system32\icpldrvx.js
C:\WINDOWS\system32\icwpslbi.exe
C:\WINDOWS\system32\ie.exe
C:\WINDOWS\system32\iefav
C:\WINDOWS\system32\iefav\tools\SpyWinWb.dll
C:\WINDOWS\system32\iefav\tools4\SpyWinWb.dll
C:\WINDOWS\system32\iefav\toolz\SpyWinWb.dll
C:\WINDOWS\system32\iewq32.exe
C:\WINDOWS\system32\IEXPLORE.exe
C:\WINDOWS\system32\iexplore.scr
C:\WINDOWS\system32\iexplorer.dll.exe
C:\WINDOWS\system32\iexplorer.exe
C:\WINDOWS\system32\iissmspb.dll
C:\WINDOWS\system32\img.cmd
C:\WINDOWS\system32\IMG0007.rar
C:\WINDOWS\system32\IMG0007.zip
C:\WINDOWS\system32\imglog.scr
C:\WINDOWS\system32\imglong.exe
C:\WINDOWS\system32\imglong.pif
C:\WINDOWS\system32\ImgPaint.exe
C:\WINDOWS\system32\imgrb.scr
C:\WINDOWS\system32\imgrbs.scr
C:\WINDOWS\system32\imgrd.scr
C:\WINDOWS\system32\imgrt.scr
C:\WINDOWS\system32\imstcallback.exe
C:\WINDOWS\system32\inetlibx.exe
C:\WINDOWS\system32\infowshb.dll
C:\WINDOWS\system32\InternetAccsess532.dll
C:\WINDOWS\system32\intlprinters.exe
C:\WINDOWS\system32\invadido.exe
C:\WINDOWS\system32\ipprbatm.dll
C:\WINDOWS\system32\irpf.exe
C:\WINDOWS\system32\Isass.exe
C:\WINDOWS\system32\Isass.scr
C:\WINDOWS\system32\isass32.exe
C:\WINDOWS\system32\isrprf32.dll
C:\WINDOWS\system32\isrprov.exe
C:\WINDOWS\system32\issas0x.scr
C:\WINDOWS\system32\j6w5b1ksec.dll
C:\WINDOWS\system32\jamaica.exe
C:\WINDOWS\system32\java.cmd
C:\WINDOWS\system32\java.scr
C:\WINDOWS\system32\javajrk.exe
C:\WINDOWS\system32\javas.exe
C:\WINDOWS\system32\jpb.exe
C:\WINDOWS\system32\jshxw.exe
C:\WINDOWS\system32\jubswwe
C:\WINDOWS\system32\jucshed.cmd
C:\WINDOWS\system32\Juegs.exe
C:\WINDOWS\system32\jusched.exe
C:\WINDOWS\system32\JVM.exe
C:\WINDOWS\system32\JVM0.exe
C:\WINDOWS\system32\JVMa.exe
C:\WINDOWS\system32\kavsvc32.exe
C:\WINDOWS\system32\kbdemsdm.dat
C:\WINDOWS\system32\kbdemsdm.dll
C:\WINDOWS\system32\kbdemsdm.dll
C:\WINDOWS\system32\kbdemsdm.exe
C:\WINDOWS\system32\kbdnmfc4.dll
C:\WINDOWS\system32\kerlupa.exe
C:\WINDOWS\system32\kernels32.exe
C:\WINDOWS\system32\killdesig.exe
C:\WINDOWS\system32\kimhelpmak.exe
C:\WINDOWS\system32\klpp.exe
C:\WINDOWS\system32\kmsklx.exe
C:\WINDOWS\system32\kyfffo.exe
C:\WINDOWS\system32\le.exe
C:\WINDOWS\system32\leetch32.exe
C:\WINDOWS\system32\lexplore.exe
C:\WINDOWS\system32\Lexplorer.exe
C:\WINDOWS\system32\libcinet.exe
C:\WINDOWS\system32\libcintle.dll
C:\WINDOWS\system32\libcintle2.dll
C:\WINDOWS\system32\libcintles3.dll
C:\WINDOWS\system32\libhelps.dll
C:\WINDOWS\system32\libinets.dll
C:\WINDOWS\system32\libmsns.dll
C:\WINDOWS\system32\libweb.dll
C:\WINDOWS\system32\libwinets.dll
C:\WINDOWS\system32\list.exe
C:\WINDOWS\system32\locadx3j.dll
C:\WINDOWS\system32\login.dll
C:\WINDOWS\system32\logon.com
C:\WINDOWS\system32\logon.exe
C:\WINDOWS\system32\logon1.scr
C:\WINDOWS\system32\logon2.scr
C:\WINDOWS\system32\logunit.sys
C:\WINDOWS\system32\lookatme.exe
C:\WINDOWS\system32\love_me.pif
C:\WINDOWS\system32\lprhwinn.exe
C:\WINDOWS\system32\lsass2.exe
C:\WINDOWS\system32\lsass32.exe
C:\WINDOWS\system32\lsass47.exe
C:\WINDOWS\system32\lsasss.exe
C:\WINDOWS\system32\lsassss.exe
C:\WINDOWS\system32\lssas.exe
C:\WINDOWS\system32\lvss.exe
C:\WINDOWS\system32\mag_cscd.dat
C:\WINDOWS\system32\mag_cscd.dll
C:\WINDOWS\system32\mag_cscd.exe
C:\WINDOWS\system32\malware.exe
C:\WINDOWS\system32\mangal.exe
C:\WINDOWS\system32\mdn.exe
C:\WINDOWS\system32\MEGATRON.ini
C:\WINDOWS\system32\Mensagem.exe
C:\WINDOWS\system32\mess.scr
C:\WINDOWS\system32\messenger.exe
C:\WINDOWS\system32\messenger.scr
C:\WINDOWS\system32\messenger32.scr
C:\WINDOWS\system32\mgmsgr.exe
C:\WINDOWS\system32\Microsoft.exe
C:\WINDOWS\system32\microsoft\backup.ftp
C:\WINDOWS\system32\microsoft\backup.tftp
C:\WINDOWS\system32\mkdrxz.exe
C:\WINDOWS\system32\mkrshcx.exe
C:\WINDOWS\system32\modulo1.exe
C:\WINDOWS\system32\modulo2.exe
C:\WINDOWS\system32\modulo3.exe
C:\WINDOWS\system32\mpeg4dec0.dll
C:\WINDOWS\system32\mrjaskr.exe
C:\WINDOWS\system32\mrjasmr.exe
C:\WINDOWS\system32\msbcs.exe
C:\WINDOWS\system32\msbcs.scr
C:\WINDOWS\system32\msbiwmip.dll
C:\WINDOWS\system32\mscheldbnp.scr
C:\WINDOWS\system32\Mscheldncx.scr
C:\WINDOWS\system32\Mscheldork.scr
C:\WINDOWS\system32\mscmippr.dat
C:\WINDOWS\system32\mscmippr.dll
C:\WINDOWS\system32\mscmippr.exe
C:\WINDOWS\system32\msconf.exe
C:\WINDOWS\system32\msftmssw.exe
C:\WINDOWS\system32\MsgPlus.exe
C:\WINDOWS\system32\msgraphics.exe
C:\WINDOWS\system32\msgrcg32.scr
C:\WINDOWS\system32\mshtmldat32.exe
C:\WINDOWS\system32\mshtmsdt.dll
C:\WINDOWS\system32\msihlprm.exe
C:\WINDOWS\system32\msload.exe
C:\WINDOWS\system32\msmgsr.exe
C:\WINDOWS\system32\msmsgr.exe
C:\WINDOWS\system32\MSMSN32.EXE
C:\WINDOWS\system32\msn.dll
C:\WINDOWS\system32\msn.exe
C:\WINDOWS\system32\msn.scr
C:\WINDOWS\system32\MSN_ENVIA.exe
C:\WINDOWS\system32\MSN_MSS.exe
C:\WINDOWS\system32\msn32.exe
C:\WINDOWS\system32\msn6.3.exe
C:\WINDOWS\system32\msnconf.exe
C:\WINDOWS\system32\MSNENVIA.exe
C:\WINDOWS\system32\msnfile.exe
C:\WINDOWS\system32\msnfix.exe
C:\WINDOWS\system32\msng.exe
C:\WINDOWS\system32\msngr.exe
C:\WINDOWS\system32\msngrn.exe
C:\WINDOWS\system32\msninet.exe
C:\WINDOWS\system32\msnix.scr
C:\WINDOWS\system32\MSNMGS1.exe
C:\WINDOWS\system32\msnms.exe
C:\WINDOWS\system32\msnmsegr.exe
C:\WINDOWS\system32\msnmsg.exe
C:\WINDOWS\system32\msnmsgr.exe
C:\WINDOWS\system32\msnmsgs.exe
C:\WINDOWS\system32\msnmsnr.exe
C:\WINDOWS\system32\msnmsnr.scr
C:\WINDOWS\system32\msnmssgr.exe
C:\WINDOWS\system32\msnn.exe
C:\WINDOWS\system32\msnnsgr.exe
C:\WINDOWS\system32\msnplus.exe
C:\WINDOWS\system32\msnpop.exe
C:\WINDOWS\system32\msnsgs.exe
C:\WINDOWS\system32\msnsupport.exe
C:\WINDOWS\system32\msnus.exe
C:\WINDOWS\system32\MSNWA.exe
C:\WINDOWS\system32\msnwisterd.exe
C:\WINDOWS\system32\msnworm.exe
C:\WINDOWS\system32\MSOffice.exe
C:\WINDOWS\system32\msout.exe
C:\WINDOWS\system32\msprwinn.dat
C:\WINDOWS\system32\msprwinn.dll
C:\WINDOWS\system32\msprwinn.exe
C:\WINDOWS\system32\msreg.exe
C:\WINDOWS\system32\msscdpnm.exe
C:\WINDOWS\system32\mssend.exe
C:\WINDOWS\system32\mssnn.exe
C:\WINDOWS\system32\msssn.exe
C:\WINDOWS\system32\mstrust32.dll
C:\WINDOWS\system32\mswxvz.exe
C:\WINDOWS\system32\msxml32.exe
C:\WINDOWS\system32\mw.exe
C:\WINDOWS\system32\naked_party.pif
C:\WINDOWS\system32\naoadianta.exe
C:\WINDOWS\system32\Navaps.scr
C:\WINDOWS\system32\navy.exe
C:\WINDOWS\system32\Negdo.exe
C:\WINDOWS\system32\netburn.scr
C:\WINDOWS\system32\netepade.scr
C:\WINDOWS\system32\netlocca.dat
C:\WINDOWS\system32\netlocca.dll
C:\WINDOWS\system32\netlocca.exe
C:\WINDOWS\system32\NetMeeting.exe
C:\WINDOWS\system32\netsupp.dll
C:\WINDOWS\system32\newsystem25.dll
C:\WINDOWS\system32\nfw32.exe
C:\WINDOWS\system32\nmevscrr.exe
C:\WINDOWS\system32\nostd.scr
C:\WINDOWS\system32\not_uno.exe
C:\WINDOWS\system32\notepadd.exe
C:\WINDOWS\system32\notice.dll
C:\WINDOWS\system32\notiffy.dll
C:\WINDOWS\system32\NSecurity.exe
C:\WINDOWS\system32\nsnmsgr.exe
C:\WINDOWS\system32\nsstd.scr
C:\WINDOWS\system32\ntssv.exe
C:\WINDOWS\system32\nvcpll.exe
C:\WINDOWS\system32\nvsvc64.exe
C:\WINDOWS\system32\oddysee.exe
C:\WINDOWS\system32\office.exe
C:\WINDOWS\system32\oi.exe
C:\WINDOWS\system32\okt.exe
C:\WINDOWS\system32\opengll.exe
C:\WINDOWS\system32\openglx.exe
C:\WINDOWS\system32\orgut.exe
C:\WINDOWS\system32\orgut.scr
C:\WINDOWS\system32\ork.exe
C:\WINDOWS\system32\orkut.scr
C:\WINDOWS\system32\orkut_jptsky.exe
C:\WINDOWS\system32\OSSMTP.DLL
C:\WINDOWS\system32\Outlook Express.exe
C:\WINDOWS\system32\partner.log
C:\WINDOWS\system32\perfdisp.dat
C:\WINDOWS\system32\perfdisp.dll
C:\WINDOWS\system32\perfdisp.exe
C:\WINDOWS\system32\PerfStringV4.9.dll
C:\WINDOWS\system32\photoalbum.rar
C:\WINDOWS\system32\photoalbum.zip
C:\WINDOWS\system32\photopaint.exe
C:\WINDOWS\system32\photopoint.exe
C:\WINDOWS\system32\photos.rar
C:\WINDOWS\system32\plugim.exe
C:\WINDOWS\system32\plugin.exe
C:\WINDOWS\system32\plugin.scr
C:\WINDOWS\system32\plugin.txt
C:\WINDOWS\system32\Plugin1.dat
C:\WINDOWS\system32\pluginx.exe
C:\WINDOWS\system32\poison.sys
C:\WINDOWS\system32\Principal.exe
C:\WINDOWS\system32\printers.exe
C:\WINDOWS\system32\prodigy323.dll
C:\WINDOWS\system32\prodigys323.dll
C:\WINDOWS\system32\program1.exe
C:\WINDOWS\system32\pruas.exe
C:\WINDOWS\system32\psapuman.exe
C:\WINDOWS\system32\psnppack.dll
C:\WINDOWS\system32\quegrilo.scr
C:\WINDOWS\system32\querdgne.dat
C:\WINDOWS\system32\querdgne.dll
C:\WINDOWS\system32\querdgne.exe
C:\WINDOWS\system32\rafba.dll
C:\WINDOWS\system32\Raid_N.exe
C:\WINDOWS\system32\rdcshost32.exe
C:\WINDOWS\system32\rdfhost.dll
C:\WINDOWS\system32\rdihost.dll
C:\WINDOWS\system32\rdpszipf.dll
C:\WINDOWS\system32\rdshost.dll
C:\WINDOWS\system32\rdshost32.exe
C:\WINDOWS\system32\red.exe
C:\WINDOWS\system32\reg_0001.txt
C:\WINDOWS\system32\regcleaner.exe
C:\WINDOWS\system32\regserve.exe
C:\WINDOWS\system32\remote.cmd
C:\WINDOWS\system32\Restore\restore.exe
C:\WINDOWS\system32\reterx.exe
C:\WINDOWS\system32\revolution.exe
C:\WINDOWS\system32\robin.exe
C:\WINDOWS\system32\rpcnqasf.dll
C:\WINDOWS\system32\rpmsvc.exe
C:\WINDOWS\system32\rstwa.ini
C:\WINDOWS\system32\rstwa.tmp
C:\WINDOWS\system32\rtutvb5d.dll
C:\WINDOWS\system32\rundl132.exe
C:\WINDOWS\system32\s2.exe
C:\WINDOWS\system32\sarcaz.scr
C:\WINDOWS\system32\scamdisk.exe
C:\WINDOWS\system32\scammdisk.exe
C:\WINDOWS\system32\scbs.scr
C:\WINDOWS\system32\scfvost.exe
C:\WINDOWS\system32\schostt.exe
C:\WINDOWS\system32\schoty.cmd
C:\WINDOWS\system32\scp3wiav.dll
C:\WINDOWS\system32\sdrivew32.exe
C:\WINDOWS\system32\seclkbdn.dll
C:\WINDOWS\system32\Security\Firewall.exe
C:\WINDOWS\system32\Security\klog.dat
C:\WINDOWS\system32\Security\WinUpdate.exe
C:\WINDOWS\system32\segder32.exe
C:\WINDOWS\system32\segtem32.exe
C:\WINDOWS\system32\segtem332.exe
C:\WINDOWS\system32\sender32.exe
C:\WINDOWS\system32\sendwmdm.exe
C:\WINDOWS\system32\serbw.exe
C:\WINDOWS\system32\server.exe
C:\WINDOWS\system32\service.exe
C:\WINDOWS\system32\service\navupdt.exe
C:\WINDOWS\system32\service\navupdt2.exe
C:\WINDOWS\system32\service\service.dll
C:\WINDOWS\system32\service\service.dll*
C:\WINDOWS\system32\service\service2.dll
C:\WINDOWS\system32\service\services.exe
C:\WINDOWS\system32\servico.exe
C:\WINDOWS\system32\servics.exe
C:\WINDOWS\system32\setting.ini
C:\WINDOWS\system32\setupx32.exe
C:\WINDOWS\system32\sever32.exe
C:\WINDOWS\system32\sevicess.scr
C:\WINDOWS\system32\sexy_bedroom.pif
C:\WINDOWS\system32\shdosbei.dat
C:\WINDOWS\system32\shdosbei.dll
C:\WINDOWS\system32\shdosbei.exe
C:\WINDOWS\system32\shell32dll.exe
C:\WINDOWS\system32\SICB.exe
C:\WINDOWS\system32\SICB.scr
C:\WINDOWS\system32\simdataconf.dll
C:\WINDOWS\system32\sistema.exe
C:\WINDOWS\system32\sistrat.scr
C:\WINDOWS\system32\skcvhost.exe
C:\WINDOWS\system32\skcvhosthk.dll
C:\WINDOWS\system32\skcvhostr.exe
C:\WINDOWS\system32\Sk -
AUTRE RAPPORT msnFIX
MSNFix 1.551
C:\MSNFix
Fix exécuté le 19/10/2007 - 1:24:49,65 By julie
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
Aucun Fichier trouvé
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
SUIS ENTRAIN DE FAIRE AVG
a TOUTE SUITE
MERCI ENCORE
Elchichador -
VOICI LE RAPPORT AVG:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 08:22:54 19/10/2007
+ Résultat de l'analyse:
C:\Documents and Settings\clara\Cookies\clara@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@247realmedia[3].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@gettyimages.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@msnaccountservices.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@112.2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@autoscout24.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@canalplus.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@clubmed.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@cmpmedica.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@divx.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@eurostar.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hertz.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hotelopia.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hotelscom.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@maxis.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@mistergooddeal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@roomsnet.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@voyagescarrefour.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@4.adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@www.adobe[1].txt -> TrackingCookie.Adobe : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@advertising[3].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adviva[3].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@com[1].txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@com[1].txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@doubleclick[3].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@estat[3].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@fastclick[3].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@media.fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-futurepub.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-quiksilver.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-shoppersdrugmart.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-telecomitalia.hitbox[3].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-vivacances.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-youtube.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-youtube.hitbox[3].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@search.live[3].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@search.live[4].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@search.live[2].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@mediaplex[3].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@france.real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@france.real[3].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bs.serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@sexlist[1].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter11.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter12.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter9.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@smartadserver[3].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statcounter[3].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@web-stat[2].txt -> TrackingCookie.Web-stat : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport
MERCI DE M'INDIQUER LES AUTRES ETAPES A SUIVRE
Elchichador -
Bonjour
Télécharger sur le bureau
MSNcleaner.zip http://www.clubic.com/lancer-le-telechargement-53800-0-msncleaner.html
=> Clic-Droit sur MSNcleaner_ms
=> Extraire ici ( ou extraire sans confirmation ou tout ou unzip)
=> Double-Clic sur le dossier MSNcleaner qui vient de se créer
=> Double-Clic Analyze
=> Si infection trouvée => clic Delete
=> Un rapport Msncleaner => dans C:\ -
Probléme: lorsque je veux dezippé MSNcleaner il s'affiche:WinRaR Messages de diagnostic "Impossible d'ouvrir MSNcleaner.exe Le processus ne peut pas acceder au fichier car ce fichier est utilisé par un autre processus".
J'ai redemarer mon pc, idem. j'ai alors telecharger MSNcleaner depuis un autre site: idem.
Que faire?
Merci de vos reponse -
j'ai fait MSN fix qui ne retrouve rien, AVG puis HiJackthis mais le virus n'est pas parti
Voici les 3 rapports:
MSNFix 1.551
C:\MSNFix
Fix exécuté le 19/10/2007 - 11:21:10,82 By julie
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
Aucun Fichier trouvé
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 08:22:54 19/10/2007
+ Résultat de l'analyse:
C:\Documents and Settings\clara\Cookies\clara@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@247realmedia[3].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@gettyimages.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@msnaccountservices.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@112.2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@autoscout24.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@canalplus.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@clubmed.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@cmpmedica.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@divx.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@eurostar.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hertz.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hotelopia.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hotelscom.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@maxis.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@mistergooddeal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@roomsnet.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@voyagescarrefour.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@4.adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@www.adobe[1].txt -> TrackingCookie.Adobe : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@advertising[3].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adviva[3].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@com[1].txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@com[1].txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@doubleclick[3].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@estat[3].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@fastclick[3].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@media.fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-futurepub.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-quiksilver.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-shoppersdrugmart.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-telecomitalia.hitbox[3].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-vivacances.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-youtube.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-youtube.hitbox[3].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@search.live[3].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@search.live[4].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@search.live[2].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@mediaplex[3].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@france.real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@france.real[3].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bs.serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@sexlist[1].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter11.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter12.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter9.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@smartadserver[3].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statcounter[3].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@web-stat[2].txt -> TrackingCookie.Web-stat : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:36:32, on 19/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\julie\Bureau\test.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Zshutdown] c:\sysprep\patch\sysprep.cmd
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
End of file-9564 bytes
Que faire? Virus toujours present!! -
j'ai fait MSN fix qui ne retrouve rien, AVG puis HiJackthis mais le virus n'est pas parti
Voici les 3 rapports:
MSNFix 1.551
C:\MSNFix
Fix exécuté le 19/10/2007 - 11:21:10,82 By julie
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
Aucun Fichier trouvé
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: https://www.ionos.fr/
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 08:22:54 19/10/2007
+ Résultat de l'analyse:
C:\Documents and Settings\clara\Cookies\clara@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@247realmedia[3].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@gettyimages.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@msnaccountservices.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@112.2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@2o7[3].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@autoscout24.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@canalplus.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@clubmed.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@cmpmedica.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@divx.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@eurostar.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hertz.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hotelopia.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hotelscom.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@incredimailltd.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@maxis.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@mistergooddeal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@opodo.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@roomsnet.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@voyagescarrefour.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@4.adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@www.adobe[1].txt -> TrackingCookie.Adobe : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@advertising[3].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adviva[3].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@com[1].txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@com[1].txt -> TrackingCookie.Com : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@doubleclick[3].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@estat[3].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@fastclick[3].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@media.fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@ehg-telecomitalia.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-futurepub.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-nokiafin.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-quiksilver.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-shoppersdrugmart.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-telecomitalia.hitbox[3].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-vivacances.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-youtube.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ehg-youtube.hitbox[3].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@searchportal.information[1].txt -> TrackingCookie.Information : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@search.live[3].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@search.live[4].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@search.live[2].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@mediaplex[3].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ssl-hints.netflame[2].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@stat.onestat[2].txt -> TrackingCookie.Onestat : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ads.planetactive[1].txt -> TrackingCookie.Planetactive : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@questionmarket[2].txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@france.real[1].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@france.real[3].txt -> TrackingCookie.Real : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@revsci[2].txt -> TrackingCookie.Revsci : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@bs.serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@sexlist[1].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter11.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter12.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@counter9.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@smartadserver[3].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statcounter[3].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tacoda[1].txt -> TrackingCookie.Tacoda : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@tribalfusion[2].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@web-stat[2].txt -> TrackingCookie.Web-stat : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\clara\Cookies\clara@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\tom\Cookies\tom@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\julie\Cookies\julie@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:36:32, on 19/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\WINDOWS\system32\ASWLSVC.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
C:\Program Files\Network Associates\VirusScan\Mcshield.exe
C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\sm56hlpr.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\ASUS\ASUS Live Update\ALU.exe
C:\Program Files\Wireless Console 2\wcourier.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe
C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\eMule\emule.exe
C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mim.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\MMDiag.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\julie\Bureau\test.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ASUS Live Update] C:\Program Files\ASUS\ASUS Live Update\ALU.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Zshutdown] c:\sysprep\patch\sysprep.cmd
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [Control Center] C:\Program Files\ASUS\WLAN Card Utilities\Center.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [ShStatEXE] "C:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: ASUS ChkMail.lnk = C:\Program Files\ASUS\Asus ChkMail\ChkMail.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=https://www.asus.com/fr/
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://signin3.valueactive.com/Register/Branding/olr3313/OCX/flashax.cab
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Fichiers communs\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASWLSVC - Unknown owner - C:\WINDOWS\system32\ASWLSVC.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Service Framework McAfee (McAfeeFramework) - Network Associates, Inc. - C:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\Mcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - C:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
End of file-9564 bytes
Que faire? Virus toujours present!! -
Bonjour
Télécharge Combofix sUBs : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
et sauvegarde le sur ton bureau et pas ailleurs!
Double-clic sur combofix, Il va te poser une question, réponds par la touche 1 et entrée pour valider.
Attends que combofix ait terminé, un rapport sera créé. Poste le rapport. -
VOICI LE RAPPORT DE COMBOFIX:
ComboFix 07-10-20.6 - julie 2007-10-20 12:37:55.1 - [color=red][b]FAT32[/b][/color]x86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.1360 [GMT 2:00]
Running from: C:\Documents and Settings\julie\Bureau\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((( Fichiers créés 2007-09-20 to 2007-10-20 ))))))))))))))))))))))))))))))))))))
.
2007-10-20 12:37 51,200 --a------ C:\WINDOWS\NirCmd.exe
2007-10-20 01:15 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-10-20 01:10 <REP> d--hs---- C:\FOUND.012
2007-10-20 00:02 <REP> d-------- C:\BackUpMSNCleaner
2007-10-19 19:44 <REP> d-------- C:\Documents and Settings\clara\Application Data\Grisoft
2007-10-19 01:59 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2007-10-19 01:39 <REP> d-------- C:\Documents and Settings\julie\Application Data\Grisoft
2007-10-19 01:39 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-10-19 01:39 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-10-19 00:39 <REP> d-------- C:\MSNFix
2007-10-18 19:32 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-10-18 19:32 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-10-14 13:16 <REP> d-------- C:\quarantine
2007-10-14 13:07 <REP> d-------- C:\Documents and Settings\All Users\Application Data\QuickTime
2007-10-10 16:01 <REP> d--hs---- C:\FOUND.011
2007-10-07 12:43 <REP> d-------- C:\WINDOWS\system32\FlashAX
2007-10-07 12:42 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MGS
2007-10-02 21:55 <REP> d-------- C:\Documents and Settings\julie\Application Data\DivX
2007-10-02 21:55 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-10-02 21:54 <REP> d-------- C:\Program Files\DivX
2007-10-01 22:39 <REP> d-------- C:\MicroGaming
2007-09-24 21:47 <REP> d-------- C:\Program Files\iTunes
2007-09-24 21:47 <REP> d-------- C:\Program Files\iPod
2007-09-23 13:25 <REP> d-------- C:\Documents and Settings\clara\Application Data\Apple Computer
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-09-18 15:38 --------- d-----w C:\Documents and Settings\tom\Application Data\Apple Computer
2007-09-17 20:30 --------- d-----w C:\Documents and Settings\julie\Application Data\Apple Computer
2007-09-17 20:29 --------- d-----w C:\Program Files\QuickTime
2007-09-17 20:29 --------- d-----w C:\Program Files\Apple Software Update
2007-09-17 20:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-09-17 20:28 --------- d-----w C:\Program Files\Fichiers communs\Apple
2007-09-17 20:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-09-11 23:14 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-09-06 11:28 30,336 ----a-w C:\WINDOWS\system32\drivers\usbaapl.sys
2007-08-31 21:36 --------- d-----w C:\Program Files\Fire International
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-08-21 06:17 683,520 ----a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-08-20 09:59 824,832 ----a-w C:\WINDOWS\system32\dllcache\wininet.dll
2007-08-20 09:59 671,232 ----a-w C:\WINDOWS\system32\dllcache\mstime.dll
2007-08-20 09:59 63,488 ------w C:\WINDOWS\system32\dllcache\icardie.dll
2007-08-20 09:59 6,058,496 ------w C:\WINDOWS\system32\dllcache\ieframe.dll
2007-08-20 09:59 52,224 ------w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-08-20 09:59 477,696 ----a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-08-20 09:59 459,264 ------w C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-08-20 09:59 44,544 ----a-w C:\WINDOWS\system32\dllcache\iernonce.dll
2007-08-20 09:59 384,512 ----a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-08-20 09:59 383,488 ------w C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-08-20 09:59 3,584,512 ----a-w C:\WINDOWS\system32\dllcache\mshtml.dll
2007-08-20 09:59 27,648 ----a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-08-20 09:59 267,776 ------w C:\WINDOWS\system32\dllcache\iertutil.dll
2007-08-20 09:59 232,960 ----a-w C:\WINDOWS\system32\dllcache\webcheck.dll
2007-08-20 09:59 230,400 ----a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-08-20 09:59 214,528 ----a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
2007-08-20 09:59 193,024 ----a-w C:\WINDOWS\system32\dllcache\msrating.dll
2007-08-20 09:59 153,088 ----a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-08-20 09:59 132,608 ----a-w C:\WINDOWS\system32\dllcache\extmgr.dll
2007-08-20 09:59 124,928 ----a-w C:\WINDOWS\system32\dllcache\advpack.dll
2007-08-20 09:59 105,984 ----a-w C:\WINDOWS\system32\dllcache\url.dll
2007-08-20 09:59 102,400 ----a-w C:\WINDOWS\system32\dllcache\occache.dll
2007-08-20 09:59 1,152,000 ----a-w C:\WINDOWS\system32\dllcache\urlmon.dll
2007-08-17 10:22 63,488 ----a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-08-17 10:22 625,152 ----a-w C:\WINDOWS\system32\dllcache\iexplore.exe
2007-08-17 10:22 13,824 ------w C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-08-17 07:34 161,792 ----a-w C:\WINDOWS\system32\dllcache\ieakui.dll
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 17:19 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-07-30 17:19 549,720 ----a-w C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-07-30 17:19 53,080 ----a-w C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 17:19 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-07-30 17:19 325,976 ----a-w C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-07-30 17:19 203,096 ----a-w C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-07-30 17:19 1,712,984 ----a-w C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-07-30 17:18 33,624 ----a-w C:\WINDOWS\system32\dllcache\wups.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HControl"="C:\WINDOWS\ATK0100\HControl.exe" [2006-04-17 02:24]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-04-27 09:47]
"nwiz"="nwiz.exe" [2006-04-27 09:47 C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2006-04-27 09:47]
"SMSERIAL"="sm56hlpr.exe" [2006-01-19 21:34 C:\WINDOWS\sm56hlpr.exe]
"RTHDCPL"="RTHDCPL.EXE" [2005-12-18 23:52 C:\WINDOWS\RTHDCPL.exe]
"ASUS Live Update"="C:\Program Files\ASUS\ASUS Live Update\ALU.exe" [2006-02-21 15:20]
"Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2005-10-17 17:09]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2005-10-20 23:26]
"Zshutdown"="c:\sysprep\patch\sysprep.cmd" []
"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2006-03-06 17:13]
"Control Center"="C:\Program Files\ASUS\WLAN Card Utilities\Center.exe" [2005-06-15 15:50]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"RemoteControl"="C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe" [2005-01-12 03:01]
"WinampAgent"="C:\Program Files\Winamp\Winampa.exe" [2002-04-29 21:20]
"MimBoot"="C:\PROGRA~1\MUSICM~1\MUSICM~1\mimboot.exe" [2005-05-10 16:04]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-06-29 06:24]
"ShStatEXE"="C:\Program Files\Network Associates\VirusScan\SHSTAT.exe" [2004-09-22 20:00]
"McAfeeUpdaterUI"="C:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" [2004-08-06 03:50]
"Network Associates Error Reporting Service"="C:\Program Files\Fichiers communs\Network Associates\TalkBack\TBMon.exe" [2003-10-07 09:48]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-09-14 10:00]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 11:25]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00]
"updateMgr"="c:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2006-03-30 16:45]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-28 15:35]
"SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [2007-08-31 16:46]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [2007-05-13 16:57]
R1 NaiAvTdi1;NaiAvTdi1;C:\WINDOWS\system32\drivers\mvstdi5x.sys
R3 ASNDIS5;ASNDIS5 Protocol Driver;\??\C:\WINDOWS\system32\ASNDIS5.SYS
R3 nvsmu;nvsmu;C:\WINDOWS\system32\DRIVERS\nvsmu.sys
R3 SynMini;USB2.0 1.3M Web Cam;C:\WINDOWS\system32\Drivers\SynMini.sys
R3 SynScan;USB2.0 1.3M Web Cam Still Image;C:\WINDOWS\system32\Drivers\SynScan.sys
S3 USBAAPL;Apple Mobile USB Driver;C:\WINDOWS\system32\Drivers\usbaapl.sys
*Newly Created Service* - CATCHME
.
**************************************************************************
catchme 0.3.1232 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-10-20 12:39:17
Windows 5.1.2600 Service Pack 2 FAT NTAPI
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-10-20 12:40:11
.
--- E O F ---
le virus est toujours present mais ne semble pas etre detecté, j'ai également scanné avec spybot et corrigé les erreurs mais sans resultats sur les effets du virus.
Merci de m'indiquer quoi faire -
maintenant faire ceci
Télécharger sur le bureau : [url=http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe]navilog.exe[/url]
= Double-Clic navilog1.zip
= Extraire tout ( ou extraire sans confirmation ou unzip)
= Double-Clic navilog1 qui est sur le bureau
= Appuyer sur une touche jusqu' arriver aux options
= Choisir option 1 ( = taper 1 )
ne pas utiliser les autres sans avis , il peut y avoir des processus légitimes
le rapport se trouve dans c: fixnavi.txt
tu postes ce rapport.
---------------------
2°) Télecharger [url=http://www.malekal.com/download/clean.zip]clean.zip[/url] sur le bureau
Dézipper sur le bureau.
= ouvrir le dossier clean
= cliquer sur le symbole roue dentée avec le nom clean
= choisir l'option 1 et laisser clean travailler jusqu'à l'apparition du texte "appuyer sur une touche pour continuer"
= ensuite colle le rapport -
Voici le rapport de Navilog:
Search Navipromo version 3.3.0 commencé le 20/10/2007 à 13:30:16,32
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 17.10.2007 à 20h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\julie\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDÉ~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\JULIE\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
Fichiers suspects :
* Recherche dans C:\DOCUME~1\JULIE\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
3)Recherche Certificats :
Certificat Egroup absent !
*** Analyse terminée le 20/10/2007 à 13:30:32,15 ***
Je fais malekal et je te le poste, merci pour ton aide -
Voici le rappoert de clean:
20/10/2007 a 13:35:24,76
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Recherche des fichiers dans C:\Program Files
*** Fin du rapport !
Que faire maintenant? -
c'est deux rapports n'indique aucune infections
as tu ccleaner, adaware,
si non
tu peut télécharger ceci
et utiliser réguliérement
CCleaner
https://www.01net.com/telecharger/windows/Utilitaire/nettoyeurs_et_installeurs/fiches/32599.html
un tuto pour l'aide
https://forums.cnetfrance.fr
Ad-Aware
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/11643.html
un tuto pour l’aide
http://www.kachouri.com/tuto/tuto-327-ad-aware-2007--detecter-et-retirer-les-spywares.html
-
Je les telecharge et les applique puis te tiens au courant.
Merci -
ok une fois que tu les appliquer
fait aussi spybot
ensuite
fais un scan avec bitdefender et colle le rapport regarde avant le tuto pour l'aide
https://www.bitdefender.fr/
un tuto (merci Balltrap34)
http://pageperso.aol.fr/rginformatique/mapage/defender.htm -
Bonjour,
J'ai le même problème : j'ai 2 virus à savoir back door win 32 sdbot.bzy et trojan downloader win 32 agent ( grace à msn)!
J'ai effectué les manip recommandées telles un sacn de kapersky (après avoir désactivé avast), j'ai téléchargé msn fix zip et fait le nettoyage, et demander un rapport sur hijackthis.
Le voici
ogfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:32:34, on 27/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Wanadoo\Watch.exe
C:\PROGRA~1\Wanadoo\WOOBrowser\WOOBrowser.exe
C:\PROGRA~1\Wanadoo\WOOBRO~1\DownloadManager.exe
C:\DOCUME~1\Yasmine\LOCALS~1\Temp\Répertoire temporaire 1 pour HiJackThis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.orange.fr/portail
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://C:\APPS\IE\offline\fr.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O1 - Hosts: 212.150.54.250 dv-networks.com
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Program Files\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing)
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-90F0-F66AB581A933} - (no file)
O2 - BHO: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing)
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: PBFRV2 - {4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} - C:\WINDOWS\system32\pbfrv2.dll (file missing)
O3 - Toolbar: RX Toolbar - {25D8BACF-3DE2-4B48-AE22-D659B8D835B0} - C:\Program Files\RXToolBar\RXToolBar.dll (file missing)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll (file missing)
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Raccourci vers la page des propriétés de High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program Files\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Fichiers communs\AOL\ACS\AOLDial.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Search - http://ko.bar.need2find.com/KO/menusearch.html?p=KO
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?43dbaf820284418ca61f9e35f2fb3660
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?43dbaf820284418ca61f9e35f2fb3660
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - https://www.kaspersky.fr/?domain=webscanner.kaspersky.fr
O16 - DPF: {87AF076E-D86D-4E87-ADDD-F05804E1F150} - https://www.vm-wl.com/DownloadManager/Release/Prod/DownMan.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Filter hijack: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Service de l'iPod (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
