Win32 bho kd trj
Solved/Closed
Mab24 (Member, 15 posts, joined Wednesday 2 January 2008, last active 22 January 2008) - 2 Jan 2008 at 20:45
Auudrey - 13 March 2008 at 21:28
34 replies
ep44 (Contributor, 7393 posts, joined Saturday 10 November 2007, last active 11 November 2010) - 2 Jan 2008 at 20:55
Good evening,
Start with this.
Download to the desktop:
ftp://ftp.commentcamarche.com/download/HJTInstall.exe
=> Double-click it
=> Install
=> Click Do a system scan and save the log
=> Paste the report
If there is a problem, see the help:
http://perso.orange.fr/rginformatique/section%20virus/demohijack.htm
See you later
Mab24 (Member, 15 posts, joined Wednesday 2 January 2008, last active 22 January 2008) - 2 Jan 2008 at 23:04
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:33:23, on 02/01/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\WINDOWS\System32\sstray.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\BeClean\bca.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\WinPortrait\floater.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PowerArchiver\POWERARC.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.fr.netscape.com/fr/home/winsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.fr.netscape.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.fr.netscape.com/fr/home/winsearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.fr.netscape.com/fr/home/winsearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.fr.netscape.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
N1 - Netscape 4: user_pref("browser.startup.homepage", ""); (C:\Program Files\Netscape\Users\jluc\prefs.js)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {49C1BF4E-99D8-4B5F-B58D-C4B3E48B9C69} - c:\windows\system32\ekfpixguide.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {A58292AC-4B5C-4808-AC1D-72B6ED98ECB0} - C:\WINDOWS\System32\avwavh.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BeClean Start-Up Clean] C:\Program Files\BeClean\BeClean.exe /s
O4 - HKLM\..\Run: [BeClean Agent] C:\Program Files\BeClean\bca.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/2328ee0e86968d964622/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O20 - Winlogon Notify: dmcepizw - C:\WINDOWS\SYSTEM32\ekfpixguide.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/dubos/LOCALS~1/Temp/msohtml1/01/clip_image003.gif
ep44 (Contributor, 7393 posts, joined Saturday 10 November 2007, last active 11 November 2010) - 2 Jan 2008 at 23:07
Download to the Desktop.
http://www.atribune.org/ccount/click.php?id=4
=> Double-click VundoFix.exe.
=> Click OK
=> Wait for VundoFix to restart
=> Click Scan for Vundo
=> The scan is fairly long; at the end
=> Click Remove Vundo
=> Then yes
=> The Desktop disappears for a moment while the files are being deleted.
=> Shutdown message
=> Click OK
=> Automatic restart
=> Copy the report, which is in C:vundofix.txt
-------------
Next
Download to the desktop
http://secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
=> Double-click VirtumundoBeGone.exe
=> Click Continue ==> click Start
=> Click Yes
=> At the end, if Vundo is present, the PC shuts down and restarts
=> If there is a blue screen with the message "Fatal error", no problem
=> Post the VBG.TXT report, which is on the desktop
Then, once this is done, make a new HijackThis report
See you later
Mab24 (Member, 15 posts, joined Wednesday 2 January 2008, last active 22 January 2008) - 3 Jan 2008 at 01:02
[01/03/2008, 1:03:48] - VirtumundoBeGone v1.5 ( "F:\Downloads\applications\VirtumundoBeGone.exe" )
[01/03/2008, 1:03:54] - Detected System Information:
[01/03/2008, 1:03:54] - Windows Version: 5.1.2600, Service Pack 1
[01/03/2008, 1:03:54] - Current Username: xxxxx (Admin)
[01/03/2008, 1:03:54] - Windows is in NORMAL mode.
[01/03/2008, 1:03:54] - Searching for Browser Helper Objects:
[01/03/2008, 1:03:54] - BHO 1: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} (Aide pour le lien d'Adobe PDF Reader)
[01/03/2008, 1:03:54] - BHO 2: {49C1BF4E-99D8-4B5F-B58D-C4B3E48B9C69} ()
[01/03/2008, 1:03:54] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/03/2008, 1:03:54] - Checking for HKLM\...\Winlogon\Notify\ekfpixguide
[01/03/2008, 1:03:54] - Key not found: HKLM\...\Winlogon\Notify\ekfpixguide, continuing.
[01/03/2008, 1:03:54] - BHO 3: {A5366673-E8CA-11D3-9CD9-0090271D075B} ()
[01/03/2008, 1:03:54] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/03/2008, 1:03:54] - No filename found. Continuing.
[01/03/2008, 1:03:54] - BHO 4: {A58292AC-4B5C-4808-AC1D-72B6ED98ECB0} ()
[01/03/2008, 1:03:54] - WARNING: BHO has no default name. Checking for Winlogon reference.
[01/03/2008, 1:03:54] - Checking for HKLM\...\Winlogon\Notify\avwavh
[01/03/2008, 1:03:54] - Key not found: HKLM\...\Winlogon\Notify\avwavh, continuing.
[01/03/2008, 1:03:54] - Finished Searching Browser Helper Objects
[01/03/2008, 1:03:54] - Finishing up...
[01/03/2008, 1:03:55] - Nothing found! Exiting...
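Added example (not part of the thread, and not VirtumundoBeGone's own code): the VirtumundoBeGone log above looks for a Winlogon Notify key named after each unnamed BHO's DLL, while the HijackThis log earlier in the thread lists the Notify entry that loads ekfpixguide.dll under the key dmcepizw. The Python below parses the O2 and O20 lines and pairs them by DLL file name instead of key name; the function names are hypothetical and the sample is a trimmed copy of lines from the posted log.

```python
import ntpath
import re

# Constructed sample: O2/O20 lines taken from the HijackThis log posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {49C1BF4E-99D8-4B5F-B58D-C4B3E48B9C69} - c:\windows\system32\ekfpixguide.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {A58292AC-4B5C-4808-AC1D-72B6ED98ECB0} - C:\WINDOWS\System32\avwavh.dll
O20 - Winlogon Notify: dmcepizw - C:\WINDOWS\SYSTEM32\ekfpixguide.dll
"""

# O2 lines: "<name> - {CLSID} - <dll path>"; O20 lines: "<key name> - <dll path>".
BHO_RE = re.compile(r"^O2 - BHO: (.*?) - (\{[0-9A-Fa-f-]{36}\}) - (.+)$")
NOTIFY_RE = re.compile(r"^O20 - Winlogon Notify: (.+?) - (.+)$")


def dll_stem(path):
    """Lower-cased file name without extension, or None for '(no file)'."""
    if path is None or path.strip() == "(no file)":
        return None
    return ntpath.splitext(ntpath.basename(path.strip()))[0].lower()


def parse_hijackthis(text):
    """Collect O2 (BHO) and O20 (Winlogon Notify) entries from a HijackThis log."""
    bhos, notify = [], []
    for line in text.splitlines():
        line = line.strip()
        m = BHO_RE.match(line)
        if m:
            bhos.append({"name": m.group(1), "clsid": m.group(2), "dll": m.group(3)})
            continue
        m = NOTIFY_RE.match(line)
        if m:
            notify.append({"key": m.group(1), "dll": m.group(2)})
    return {"bho": bhos, "notify": notify}


def correlate_unnamed_bhos(parsed):
    """For each unnamed BHO, list the Notify keys that load the same DLL file name."""
    report = []
    for bho in parsed["bho"]:
        if bho["name"] != "(no name)":
            continue
        stem = dll_stem(bho["dll"])
        keys = [n["key"] for n in parsed["notify"]
                if stem is not None and dll_stem(n["dll"]) == stem]
        report.append({
            "clsid": bho["clsid"],
            "dll_stem": stem,
            "notify_keys": keys,
            # True only if a key is literally named after the DLL, which is
            # what a lookup of Winlogon\Notify\<dll name> would find.
            "key_named_after_dll": any(k.lower() == stem for k in keys),
        })
    return report


if __name__ == "__main__":
    for row in correlate_unnamed_bhos(parse_hijackthis(SAMPLE_LOG)):
        print(row)
```
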
Mab24 (Member, 15 posts, joined Wednesday 2 January 2008, last active 22 January 2008) - 3 Jan 2008 at 01:04
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 01:06:39, on 03/01/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\WINDOWS\System32\sstray.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\BeClean\bca.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\WinPortrait\floater.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.fr.netscape.com/fr/home/winsearch.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.fr.netscape.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.fr.netscape.com/fr/home/winsearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.fr.netscape.com/fr/home/winsearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.fr.netscape.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
N1 - Netscape 4: user_pref("browser.startup.homepage", ""); (C:\Program Files\Netscape\Users\jluc\prefs.js)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {49C1BF4E-99D8-4B5F-B58D-C4B3E48B9C69} - c:\windows\system32\ekfpixguide.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)
O2 - BHO: (no name) - {A58292AC-4B5C-4808-AC1D-72B6ED98ECB0} - C:\WINDOWS\System32\avwavh.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BeClean Start-Up Clean] C:\Program Files\BeClean\BeClean.exe /s
O4 - HKLM\..\Run: [BeClean Agent] C:\Program Files\BeClean\bca.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/2328ee0e86968d964622/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O20 - Winlogon Notify: dmcepizw - C:\WINDOWS\SYSTEM32\ekfpixguide.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/dubos/LOCALS~1/Temp/msohtml1/01/clip_image003.gif
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/2328ee0e86968d964622/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O20 - Winlogon Notify: dmcepizw - C:\WINDOWS\SYSTEM32\ekfpixguide.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/dubos/LOCALS~1/Temp/msohtml1/01/clip_image003.gif
Mab24
Posts
15
Registration date
Wednesday 2 January 2008
Status
Member
Last activity
22 January 2008
3 Jan. 2008 at 11:46
Hello,
Avast still detects the same trojan.
Did I do something wrong?
ep44
Posts
7393
Registration date
Saturday 10 November 2007
Status
Contributor
Last activity
11 November 2010
3
3 Jan. 2008 at 20:28
Good evening
No, but the beast is putting up a fight ;-)
Download ComboFix by sUBs: http://download.bleepingcomputer.com/sUBs/ComboFix.exe
and save it to your desktop and nowhere else!
Double-click on combofix,
Wait until combofix has finished; a report will be created. Post the report.
See you
I have the same problem. After installing ZoneAlarm and Spyware Terminator, and after installing adware, Spybot and Unlocker, the trojan is still there. I tried under DOS to delete the file and to make a copy of a file with the same name; nothing works.
What can be done to destroy it?
Thanks
ep44
Posts
7393
Registration date
Saturday 10 November 2007
Status
Contributor
Last activity
11 November 2010
3
3 Jan. 2008 at 20:59
Hi, you need to create your own thread
http://perso.orange.fr/rginformatique/section%20virus/demofairesontmessage.htm
Thanks
See you
Mab24
Posts
15
Registration date
Wednesday 2 January 2008
Status
Member
Last activity
22 January 2008
3 Jan. 2008 at 23:20
Here is the report.
I'm afraid the result is hardly conclusive.
I should point out that I carried out the first steps
ComboFix 08-01-04.1 - dubos 2008-01-04 23:05:42.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.1649 [GMT 1:00]
Running from: C:\Documents and Settings\xxxxx\Bureau\ComboFix.exe
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\drivers\symavc32.sys
C:\WINDOWS\system32\drivers\XPOF43.sys
C:\WINDOWS\system32\winsys.exe
C:\WINDOWS\system32\ekfpixguide.dll . . . . Echec de suppression
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
-------\LEGACY_XPOF43
((((((((((((((((((((((((((((( Fichiers créés 2007-12-04 to 2008-01-04 ))))))))))))))))))))))))))))))))))))
.
2008-01-04 23:10 . 2008-01-04 23:10 456 --a------ C:\WINDOWS\system32\miniPortInfo.dat
2008-01-03 22:52 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-03 00:50 . 2008-01-03 00:50 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2008-01-03 00:27 . 2008-01-03 00:50 <REP> d-------- C:\VundoFix Backups
2008-01-02 20:32 . 2008-01-02 20:32 <REP> d-------- C:\Program Files\Trend Micro
2008-01-02 18:44 . 2008-01-02 18:44 <REP> d-------- C:\part2
2008-01-01 20:46 . 2001-08-10 07:00 1,262,956 --------- C:\WINDOWS\system32\XMNT2001.EXE
2007-12-25 19:09 . 2007-12-25 19:09 <REP> d-------- C:\Documents and Settings\dubos\Application Data\Lavasoft
2007-12-25 14:59 . 2007-12-25 16:13 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-24 02:02 . 2007-12-24 02:02 1,188,375 --a------ C:\WINDOWS\system32\libeay32.dll
2007-12-24 02:02 . 2007-12-24 02:02 741,632 --a------ C:\WINDOWS\system32\wpxekrqr.dat
2007-12-24 02:02 . 2007-12-24 02:02 246,545 --a------ C:\WINDOWS\system32\libssl32.dll
2007-12-24 02:02 . 2007-12-24 02:02 42,240 --a------ C:\WINDOWS\system32\pnwbfdhn.dat
2007-12-24 02:02 . 2007-12-24 02:02 36,096 --a------ C:\WINDOWS\system32\msdrgcyo.dat
2007-12-24 02:02 . 2007-12-24 02:02 35,072 --a------ C:\WINDOWS\system32\gvziiuby.dat
2007-12-23 21:35 . 2007-12-23 21:35 <REP> d-------- C:\Language-pack 2
2007-12-23 12:47 . 2007-12-25 19:09 <REP> d-------- C:\Program Files\Lavasoft
2007-12-23 01:57 . 2007-12-26 02:21 120,576 --a------ C:\WINDOWS\system32\vdvmzugh.dat
2007-12-23 01:50 . 2007-12-24 02:02 84,992 --a------ C:\WINDOWS\system32\ekfpixguide.dll
2007-12-23 01:50 . 1999-05-07 20:38 84,480 --a------ C:\WINDOWS\system32\ekfpixguide.dll.bak
2007-12-23 01:50 . 19,584 C:\WINDOWS\system32\drivers\lwzosdpg.dat
2007-12-23 01:50 . 2007-12-23 01:50 29 --a------ C:\WINDOWS\system32\rfqwpias.tmp
2007-12-23 01:49 . 2001-08-28 13:00 84,992 --a------ C:\WINDOWS\system32\avwavh.dll
2007-12-20 23:54 . 2007-12-23 21:20 22 --a------ C:\Spanned001.zip
2007-12-20 11:44 . 2007-12-23 01:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-20 11:44 . 2007-12-20 11:44 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-19 22:54 . 2008-01-03 03:16 <REP> d-------- C:\Mes Sites Web
2007-12-19 22:51 . 2007-12-19 22:51 <REP> d-------- C:\Program Files\WinHTTrack
2007-12-18 22:43 . 2007-12-18 22:43 <REP> d-------- C:\Program Files\Google
2007-12-18 22:43 . 2006-10-05 03:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-12-18 22:43 . 2006-10-05 03:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-12-16 18:37 . 2007-12-16 20:50 <REP> d-------- C:\Documents and Settings\dubos\Application Data\gtk-2.0
2007-12-16 15:38 . 2007-12-16 15:38 <REP> d-------- C:\Documents and Settings\dubos\Application Data\Inkscape
2007-12-16 15:37 . 2007-12-16 15:37 <REP> d-------- C:\Program Files\Inkscape
2007-12-09 21:52 . 2007-12-09 21:52 <REP> d-------- C:\Program Files\LightWork Design
2007-12-09 21:10 . 2007-12-09 21:10 <REP> d-------- C:\Program Files\Epson
2007-12-09 20:38 . 2007-12-09 22:30 <REP> d-------- C:\Program Files\Adobe Type Manager
2007-12-09 20:36 . 2007-12-09 22:30 <REP> d-------- C:\Program Files\PhotoDeluxe HE 3(2).1
2007-12-09 19:26 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\Microsoft Picture It!(2)
2007-12-09 19:11 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\Picture Page
2007-12-09 13:42 . 2007-12-09 14:47 5,210 --a------ C:\logfile
2007-12-09 12:50 . 2007-12-09 12:56 <REP> d-------- C:\Program Files\Kodak(2)
2007-12-09 11:31 . 2007-12-09 11:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kodak
2007-12-09 02:56 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\PACard
2007-12-09 02:52 . 2007-12-09 22:32 <REP> d-------- C:\pmw
2007-12-09 02:50 . 2007-12-09 02:50 <REP> d-------- C:\SIERRA
2007-12-09 02:44 . 2007-12-09 22:32 <REP> d-------- C:\WINDOWS\COREL
2007-12-09 02:44 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\Corel(2)
2007-12-08 22:02 . 2007-12-09 02:35 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\PhotoParade
2007-12-08 20:58 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\Scribus 1.3.4
2007-12-08 20:58 . 2007-12-09 22:32 <REP> d-------- C:\Documents and Settings\dubos\Application Data\Scribus
2007-12-08 13:16 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\gs
2007-12-07 22:33 . 2007-12-18 22:45 <REP> d-------- C:\Program Files\Picasa2
2007-12-06 23:22 . 2008-01-02 18:59 <REP> d-------- C:\Program Files\PhotoFiltre
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-04 22:11 --------- d-----w C:\Program Files\BeClean
2008-01-03 02:06 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-01-02 11:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-02 11:52 --------- d-----w C:\Program Files\PowerQuest
2008-01-02 11:19 --------- d-----w C:\Program Files\eMule
2007-12-09 21:33 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-09 21:29 --------- d-----w C:\Program Files\Fichiers communs\FotoNation
2007-12-06 21:47 --------- d-----w C:\Documents and Settings\dubos\Application Data\ZoomBrowser EX
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-04 13:04 837,496 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-12-04 12:54 95,608 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-12-01 20:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2007-11-25 21:33 --------- d-----w C:\Documents and Settings\dubos\Application Data\Canon
2007-11-25 21:15 --------- d-----w C:\Program Files\Canon
2007-11-25 21:01 --------- d-----w C:\Program Files\Fichiers communs\Canon
2007-11-18 20:06 --------- d-----w C:\Program Files\Anuman Interactive
2007-11-18 13:56 --------- d-----w C:\Program Files\Common Files
2007-11-18 12:35 540 ---ha-w C:\os062307.bin
2007-11-18 12:27 --------- d-----w C:\Program Files\IMSI
2007-11-18 12:25 --------- d-----w C:\Program Files\FloorPlan 3D v7 Setup
2007-11-18 11:21 --------- d-----w C:\Program Files\D-Tools
2007-11-17 23:53 --------- d-----w C:\Program Files\QuickTime
2007-11-17 23:53 --------- d-----w C:\Program Files\Apple Software Update
2007-11-17 23:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-17 23:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-11-17 22:30 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
2007-11-17 22:14 60,968 ----a-w C:\WINDOWS\system32\wpfb_nv4_disp.dll
2007-11-17 22:14 16,384 ----a-w C:\WINDOWS\system32\WINKRNME.DLL
2007-11-17 22:14 --------- d-----w C:\Program Files\WinPortrait
2007-11-17 21:48 --------- d-----w C:\Program Files\Mozilla Firefox(2)
2007-11-17 21:25 --------- d-----w C:\Program Files\Micro Application
2007-11-16 21:53 --------- d-----w C:\Program Files\Western Digital
2007-11-16 21:34 --------- d-----w C:\Documents and Settings\dubos\Application Data\Leadertech
2007-11-14 23:29 --------- d-----w C:\Program Files\Setup Files
2007-11-14 23:01 --------- d-----w C:\Program Files\MSI
2007-11-14 18:35 --------- d-----w C:\Documents and Settings\dubos\Application Data\Qualcomm
2007-11-14 18:31 --------- d-----w C:\Program Files\Qualcomm
2007-11-14 18:30 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-11-14 17:05 --------- d-----w C:\Documents and Settings\dubos\Application Data\Thunderbird
2007-11-14 12:22 --------- d-----w C:\Program Files\Symantec
2007-11-14 12:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-11-14 09:55 --------- d-----w C:\Program Files\Alwil Software
2003-12-21 09:04 809 ------w C:\Program Files\INSTALL.LOG
2002-03-31 10:36 2,749 -c----w C:\Program Files\readme.txt
2000-04-24 20:15 3,500 -c----w C:\Program Files\cOuGaR-zOnE.nfo
1999-08-18 14:36 135,168 ------w C:\WINDOWS\inf\AGFA\message.exe
1999-08-16 20:05 14,336 ------w C:\Program Files\mod.dll
1995-09-20 15:16 456,976 ----a-w C:\Program Files\Fichiers communs\dao3032.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{49C1BF4E-99D8-4B5F-B58D-C4B3E48B9C69}]
2007-12-24 02:02 84992 --a------ c:\windows\system32\ekfpixguide.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A58292AC-4B5C-4808-AC1D-72B6ED98ECB0}]
2001-08-28 13:00 84992 --a------ C:\WINDOWS\System32\avwavh.dll
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\ctfmon.exe" [2002-08-29 10:45 13312]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2002-08-20 15:08 1511453]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ptipbmf"="ptipbmf.dll" [2003-06-05 14:49 118784 C:\WINDOWS\system32\ptipbmf.dll]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [2007-06-29 00:43 8466432]
"nwiz"="nwiz.exe" [2007-06-29 00:43 1626112 C:\WINDOWS\system32\nwiz.exe]
"WinampAgent"="C:\Program Files\Winamp3\winampa.exe" [2003-12-21 10:06 12288]
"REGSHAVE"="C:\Program Files\REGSHAVE\REGSHAVE.exe" [2002-02-04 22:32 53248]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-10-19 20:16 286720]
"NeroCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
"CloneCDTray"="C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe" [2002-12-02 15:17 73728]
"CloneCDElbyCDFL"="C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" [2002-11-02 07:33 45056]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-03-09 01:02 919280]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-12-04 14:00 79224]
"LiveMonitor"="C:\Program Files\MSI\Live Update 3\LMonitor.exe" [2007-01-17 17:01 496640]
"nForce Tray Options"="sstray.exe" [2003-10-24 13:13 73728 C:\WINDOWS\system32\sstray.exe]
"WinSys2"="C:\WINDOWS\System32\winsys2.exe" [2006-04-29 11:36 208896]
"NvMediaCenter"="C:\WINDOWS\System32\NvMcTray.dll" [2007-06-29 00:43 81920]
"PivotSoftware"="C:\Program Files\WinPortrait\wpctrl.exe" [2003-07-02 23:57 692008]
"DAEMON Tools-1033"="C:\Program Files\D-Tools\daemon.exe" [2004-08-22 17:05 81920]
"BeClean Start-Up Clean"="C:\Program Files\BeClean\BeClean.exe" [2003-12-01 07:00 249856]
"BeClean Agent"="C:\Program Files\BeClean\bca.exe" [2003-12-01 07:00 36864]
"combofix"="C:\WINDOWS\system32\cmd.exe" [2001-08-28 13:00 388096]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2002-08-29 10:45 13312]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-10-23 22:18 443968]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dmcepizw]
ekfpixguide.dll 2007-12-24 02:02 84992 C:\WINDOWS\system32\ekfpixguide.dll
R0 axwhisky;axwhisky;C:\WINDOWS\System32\DRIVERS\axwhisky.sys [2003-07-02 17:41]
R0 axwskbus;axwskbus;C:\WINDOWS\System32\DRIVERS\axwskbus.sys [2003-07-02 16:49]
R0 ElbyVCD;ElbyVCD;C:\WINDOWS\System32\DRIVERS\ElbyVCD.sys [2002-11-28 11:43]
R0 taoebowt;taoebowt;C:\WINDOWS\System32\drivers\lwzosdpg.dat []
R1 pivot;pivot;C:\WINDOWS\System32\drivers\pivot.sys [2003-07-02 23:56]
R3 fhlppppoe;PPPOE/ADSL miniport;C:\WINDOWS\System32\DRIVERS\fhlpppoe.sys [2002-11-21 18:35]
R3 pivotmou;Pivot Mouse/Pointers Filter Driver;C:\WINDOWS\system32\drivers\pivotmou.sys [2003-07-02 23:56]
S2 wxpwwvql;AGP Bus g201a Controller;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]
S3 Ip6FwHlp;Pare-feu de connexion Internet IPv6;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\System32\DRIVERS\usbscan.sys [2002-08-29 01:48]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2002-08-29 01:32]
S4 WEBNTACCESS;WEBNTACCESS;C:\WINDOWS\System32\NTACCESS.SYS [2006-05-18 13:14]
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
wxpwwvql
*Newly Created Service* - WEBNTACCESS
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-28 07:16:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-14 22:23:52 C:\WINDOWS\Tasks\Gestionnaire d'utilitaires.job"
- C:\WINDOWS\system32\utilman.exe./start
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 23:11:28
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\System32\NavLogon.dll
.
Completion time: 2008-01-04 23:13:42 - machine was rebooted [dubos]
ComboFix-quarantined-files.txt 2008-01-04 22:13:38
wxpwwvql
*Newly Created Service* - WEBNTACCESS
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-12-28 07:16:05 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2007-11-14 22:23:52 C:\WINDOWS\Tasks\Gestionnaire d'utilitaires.job"
- C:\WINDOWS\system32\utilman.exe./start
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-04 23:11:28
Windows 5.1.2600 Service Pack 1 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------
PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\WINDOWS\System32\NavLogon.dll
.
Completion time: 2008-01-04 23:13:42 - machine was rebooted [dubos]
ComboFix-quarantined-files.txt 2008-01-04 22:13:38
ep44
Posts
7393
Registration date
Saturday 10 November 2007
Status
Contributor
Last activity
11 November 2010
3
3 Jan. 2008 at 23:49
Select this:
registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{49C1BF4E-99D8-4B5F-B58D-C4B3E48B9C69}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A58292AC-4B5C-4808-AC1D-72B6ED98ECB0}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dmcepizw]
File::
C:\WINDOWS\system32\wpxekrqr.dat
C:\WINDOWS\system32\libeay32.dll
C:\WINDOWS\system32\libssl32.dll
C:\WINDOWS\system32\pnwbfdhn.dat
C:\WINDOWS\system32\msdrgcyo.dat
C:\WINDOWS\system32\gvziiuby.dat
C:\WINDOWS\system32\vdvmzugh.dat
C:\WINDOWS\system32\ekfpixguide.dll
C:\WINDOWS\system32\ekfpixguide.dll.bak
C:\WINDOWS\system32\drivers\lwzosdpg.dat
C:\WINDOWS\system32\rfqwpias.tmp
C:\WINDOWS\system32\avwavh.dll
=> Copy the selected text (CTRL+C).
=> Open Notepad (Programs > Accessories > Notepad).
=> Paste the copied text into Notepad (CTRL+V).
=> Save this file under the name CFScript.txt
=> Drag and drop this CFScript file onto the ComboFix.exe file
=> A blue window will appear: at the message that appears (Type 1 to continue, or 2 to abort), type 1 and confirm.
=> Wait while the scan runs. The desktop will disappear several times: this is normal!
Do not touch anything until the scan has finished.
=> Once the scan is complete, a report will be displayed: post its contents.
=> If the file does not open, it can be found here > C:\ComboFix.txt
See you
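Added example, not part of ep44's post and not ComboFix's own code: a Python cross-check of the CFScript above against load points from the report it answers, listing every registry or service entry whose target is on the File:: list and whether the script also names that entry's key. The function names and the "service:" key prefix are assumptions of this example; the sample lines are excerpted from the logs quoted in this thread.

```python
import re

# CFScript as quoted in this thread.
CFSCRIPT = r"""registry::
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{49C1BF4E-99D8-4B5F-B58D-C4B3E48B9C69}]
[-HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A58292AC-4B5C-4808-AC1D-72B6ED98ECB0}]
[-HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dmcepizw]
File::
C:\WINDOWS\system32\wpxekrqr.dat
C:\WINDOWS\system32\libeay32.dll
C:\WINDOWS\system32\libssl32.dll
C:\WINDOWS\system32\pnwbfdhn.dat
C:\WINDOWS\system32\msdrgcyo.dat
C:\WINDOWS\system32\gvziiuby.dat
C:\WINDOWS\system32\vdvmzugh.dat
C:\WINDOWS\system32\ekfpixguide.dll
C:\WINDOWS\system32\ekfpixguide.dll.bak
C:\WINDOWS\system32\drivers\lwzosdpg.dat
C:\WINDOWS\system32\rfqwpias.tmp
C:\WINDOWS\system32\avwavh.dll
"""

# Lines excerpted from the load-point section of the ComboFix report in this thread.
REPORT = r"""[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{49C1BF4E-99D8-4B5F-B58D-C4B3E48B9C69}]
2007-12-24 02:02 84992 --a------ c:\windows\system32\ekfpixguide.dll
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A58292AC-4B5C-4808-AC1D-72B6ED98ECB0}]
2001-08-28 13:00 84992 --a------ C:\WINDOWS\System32\avwavh.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\Program Files\Winamp3\winampa.exe" [2003-12-21 10:06 12288]
"WinSys2"="C:\WINDOWS\System32\winsys2.exe" [2006-04-29 11:36 208896]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dmcepizw]
ekfpixguide.dll 2007-12-24 02:02 84992 C:\WINDOWS\system32\ekfpixguide.dll
R0 ElbyVCD;ElbyVCD;C:\WINDOWS\System32\DRIVERS\ElbyVCD.sys [2002-11-28 11:43]
R0 taoebowt;taoebowt;C:\WINDOWS\System32\drivers\lwzosdpg.dat []
S2 wxpwwvql;AGP Bus g201a Controller;C:\WINDOWS\System32\svchost.exe [2001-08-28 13:00]
"""

# First absolute Windows path on a line, up to a known extension.
PATH_RE = re.compile(r'[A-Za-z]:\\[^\[\]"]+?\.(?:dll|exe|sys|dat|tmp)\b', re.I)
# Service/driver lines look like "R0 name;display name;path [date]".
SERVICE_RE = re.compile(r'^[RS]\d\s+([^;]+);')


def parse_cfscript(text):
    """Return (registry keys, files) the script marks for deletion, lowercased."""
    keys, files, section = set(), set(), None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.endswith("::"):
            section = line[:-2].lower()
        elif section == "registry" and line.startswith("[-") and line.endswith("]"):
            keys.add(line[2:-1].lower())
        elif section == "file":
            files.add(line.lower())
    return keys, files


def parse_load_points(text):
    """Return (key, target path) pairs for registry and service load points."""
    points, current_key = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[HKEY") and line.endswith("]"):
            current_key = line[1:-1]
            continue
        match = PATH_RE.search(line)
        if not match:
            continue
        service = SERVICE_RE.match(line)
        # Service lines carry their own name; other lines belong to the last key header.
        key = "service:" + service.group(1) if service else current_key
        if key:
            points.append((key, match.group(0)))
    return points


def cross_check(script, report):
    """List load points that reference a File:: target, noting if the key is scripted too."""
    keys, files = parse_cfscript(script)
    findings = []
    for key, path in parse_load_points(report):
        if path.lower() in files:
            findings.append(
                {"key": key, "file": path, "key_in_script": key.lower() in keys}
            )
    return findings


if __name__ == "__main__":
    for item in cross_check(CFSCRIPT, REPORT):
        state = "key listed under registry::" if item["key_in_script"] else "key not in script"
        print(f'{item["file"]}  <-  {item["key"]}  ({state})')
```

On these lines the only entry whose key the script does not name is the taoebowt service pointing at lwzosdpg.dat, so that service is the one to look for in the next report.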
Mab24
Posts
15
Registration date
Wednesday 2 January 2008
Status
Member
Last activity
22 January 2008
4 Jan. 2008 at 12:26
Here is the report.
Do the deleted system files need to be put back? How?
Thanks again.
ComboFix 08-01-04.1 - xxxxx 2008-01-05 1:26:22.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.1.1252.1.1036.18.1591 [GMT 1:00]
Running from: C:\Documents and Settings\xxxxx\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\dubos\Bureau\CFScript.txt
* Created a new restore point
FILE
C:\WINDOWS\system32\avwavh.dll
C:\WINDOWS\system32\drivers\lwzosdpg.dat
C:\WINDOWS\system32\ekfpixguide.dll
C:\WINDOWS\system32\ekfpixguide.dll.bak
C:\WINDOWS\system32\gvziiuby.dat
C:\WINDOWS\system32\libeay32.dll
C:\WINDOWS\system32\libssl32.dll
C:\WINDOWS\system32\msdrgcyo.dat
C:\WINDOWS\system32\pnwbfdhn.dat
C:\WINDOWS\system32\rfqwpias.tmp
C:\WINDOWS\system32\vdvmzugh.dat
C:\WINDOWS\system32\wpxekrqr.dat
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\WINDOWS\system32\avwavh.dll
C:\WINDOWS\system32\drivers\lwzosdpg.dat
C:\WINDOWS\system32\ekfpixguide.dll
C:\WINDOWS\system32\ekfpixguide.dll.bak
C:\WINDOWS\system32\gvziiuby.dat
C:\WINDOWS\system32\libeay32.dll
C:\WINDOWS\system32\libssl32.dll
C:\WINDOWS\system32\msdrgcyo.dat
C:\WINDOWS\system32\pnwbfdhn.dat
C:\WINDOWS\system32\rfqwpias.tmp
C:\WINDOWS\system32\vdvmzugh.dat
C:\WINDOWS\system32\wpxekrqr.dat
.
((((((((((((((((((((((((((((( Fichiers créés 2007-12-05 to 2008-01-05 ))))))))))))))))))))))))))))))))))))
.
2008-01-05 01:29 . 2008-01-05 01:29 456 --a------ C:\WINDOWS\system32\miniPortInfo.dat
2008-01-03 22:52 . 2000-08-31 08:00 51,200 --a------ C:\WINDOWS\NirCmd.exe
2008-01-03 00:50 . 2008-01-03 00:50 24,576 --a------ C:\WINDOWS\system32\VundoFixSVC.exe
2008-01-03 00:27 . 2008-01-03 00:50 <REP> d-------- C:\VundoFix Backups
2008-01-02 20:32 . 2008-01-02 20:32 <REP> d-------- C:\Program Files\Trend Micro
2008-01-02 18:44 . 2008-01-02 18:44 <REP> d-------- C:\part2
2008-01-01 20:46 . 2001-08-10 07:00 1,262,956 --------- C:\WINDOWS\system32\XMNT2001.EXE
2007-12-25 19:09 . 2007-12-25 19:09 <REP> d-------- C:\Documents and Settings\dubos\Application Data\Lavasoft
2007-12-25 14:59 . 2007-12-25 16:13 <REP> d-------- C:\WINDOWS\BDOSCAN8
2007-12-23 21:35 . 2007-12-23 21:35 <REP> d-------- C:\Language-pack 2
2007-12-23 12:47 . 2007-12-25 19:09 <REP> d-------- C:\Program Files\Lavasoft
2007-12-20 23:54 . 2007-12-23 21:20 22 --a------ C:\Spanned001.zip
2007-12-20 11:44 . 2007-12-23 01:49 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-20 11:44 . 2007-12-20 11:44 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-19 22:54 . 2008-01-03 03:16 <REP> d-------- C:\Mes Sites Web
2007-12-19 22:51 . 2007-12-19 22:51 <REP> d-------- C:\Program Files\WinHTTrack
2007-12-18 22:43 . 2007-12-18 22:43 <REP> d-------- C:\Program Files\Google
2007-12-18 22:43 . 2006-10-05 03:42 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-12-18 22:43 . 2006-10-05 03:42 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-12-16 18:37 . 2007-12-16 20:50 <REP> d-------- C:\Documents and Settings\dubos\Application Data\gtk-2.0
2007-12-16 15:38 . 2007-12-16 15:38 <REP> d-------- C:\Documents and Settings\dubos\Application Data\Inkscape
2007-12-16 15:37 . 2007-12-16 15:37 <REP> d-------- C:\Program Files\Inkscape
2007-12-09 21:52 . 2007-12-09 21:52 <REP> d-------- C:\Program Files\LightWork Design
2007-12-09 21:10 . 2007-12-09 21:10 <REP> d-------- C:\Program Files\Epson
2007-12-09 20:38 . 2007-12-09 22:30 <REP> d-------- C:\Program Files\Adobe Type Manager
2007-12-09 20:36 . 2007-12-09 22:30 <REP> d-------- C:\Program Files\PhotoDeluxe HE 3(2).1
2007-12-09 19:26 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\Microsoft Picture It!(2)
2007-12-09 19:11 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\Picture Page
2007-12-09 13:42 . 2007-12-09 14:47 5,210 --a------ C:\logfile
2007-12-09 12:50 . 2007-12-09 12:56 <REP> d-------- C:\Program Files\Kodak(2)
2007-12-09 11:31 . 2007-12-09 11:33 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kodak
2007-12-09 02:56 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\PACard
2007-12-09 02:52 . 2007-12-09 22:32 <REP> d-------- C:\pmw
2007-12-09 02:50 . 2007-12-09 02:50 <REP> d-------- C:\SIERRA
2007-12-09 02:44 . 2007-12-09 22:32 <REP> d-------- C:\WINDOWS\COREL
2007-12-09 02:44 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\Corel(2)
2007-12-08 22:02 . 2007-12-09 02:35 <REP> d-------- C:\WINDOWS\system32\config\systemprofile\Application Data\PhotoParade
2007-12-08 20:58 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\Scribus 1.3.4
2007-12-08 20:58 . 2007-12-09 22:32 <REP> d-------- C:\Documents and Settings\dubos\Application Data\Scribus
2007-12-08 13:16 . 2007-12-09 22:32 <REP> d-------- C:\Program Files\gs
2007-12-07 22:33 . 2007-12-18 22:45 <REP> d-------- C:\Program Files\Picasa2
2007-12-06 23:22 . 2008-01-02 18:59 <REP> d-------- C:\Program Files\PhotoFiltre
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-05 00:30 --------- d-----w C:\Program Files\BeClean
2008-01-04 22:31 --------- d-----w C:\Program Files\Mozilla Thunderbird
2008-01-02 11:59 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-02 11:52 --------- d-----w C:\Program Files\PowerQuest
2008-01-02 11:19 --------- d-----w C:\Program Files\eMule
2007-12-09 21:33 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2007-12-09 21:29 --------- d-----w C:\Program Files\Fichiers communs\FotoNation
2007-12-06 21:47 --------- d-----w C:\Documents and Settings\dubos\Application Data\ZoomBrowser EX
2007-12-04 14:56 93,264 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-12-04 14:55 94,544 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-12-04 14:53 23,152 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-12-04 14:51 42,912 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-12-04 14:49 26,624 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-12-01 20:42 --------- d-----w C:\Documents and Settings\All Users\Application Data\ZoomBrowser
2007-11-25 21:33 --------- d-----w C:\Documents and Settings\dubos\Application Data\Canon
2007-11-25 21:15 --------- d-----w C:\Program Files\Canon
2007-11-25 21:01 --------- d-----w C:\Program Files\Fichiers communs\Canon
2007-11-18 20:06 --------- d-----w C:\Program Files\Anuman Interactive
2007-11-18 13:56 --------- d-----w C:\Program Files\Common Files
2007-11-18 12:35 540 ---ha-w C:\os062307.bin
2007-11-18 12:27 --------- d-----w C:\Program Files\IMSI
2007-11-18 12:25 --------- d-----w C:\Program Files\FloorPlan 3D v7 Setup
2007-11-18 11:21 --------- d-----w C:\Program Files\D-Tools
2007-11-17 23:53 --------- d-----w C:\Program Files\QuickTime
2007-11-17 23:53 --------- d-----w C:\Program Files\Apple Software Update
2007-11-17 23:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple Computer
2007-11-17 23:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2007-11-17 22:30 8,192 --sha-w C:\WINDOWS\o2cLicStore.bin
2007-11-17 22:14 --------- d-----w C:\Program Files\WinPortrait
2007-11-17 21:48 --------- d-----w C:\Program Files\Mozilla Firefox(2)
2007-11-17 21:25 --------- d-----w C:\Program Files\Micro Application
2007-11-16 21:53 --------- d-----w C:\Program Files\Western Digital
2007-11-16 21:34 --------- d-----w C:\Documents and Settings\dubos\Application Data\Leadertech
2007-11-14 23:29 --------- d-----w C:\Program Files\Setup Files
2007-11-14 23:01 --------- d-----w C:\Program Files\MSI
2007-11-14 18:35 --------- d-----w C:\Documents and Settings\dubos\Application Data\Qualcomm
2007-11-14 18:31 --------- d-----w C:\Program Files\Qualcomm
2007-11-14 18:30 --------- d-----w C:\Program Files\Fichiers communs\InstallShield
2007-11-14 17:05 --------- d-----w C:\Documents and Settings\dubos\Application Data\Thunderbird
2007-11-14 12:22 --------- d-----w C:\Program Files\Symantec
2007-11-14 12:22 --------- d-----w C:\Documents and Settings\All Users\Application Data\Symantec
2007-11-14 09:55 --------- d-----w C:\Program Files\Alwil Software
2003-12-21 09:04 809 ------w C:\Program Files\INSTALL.LOG
2002-03-31 10:36 2,749 -c----w C:\Program Files\readme.txt
2000-04-24 20:15 3,500 -c----w C:\Program Files\cOuGaR-zOnE.nfo
1999-08-18 14:36 135,168 ------w C:\WINDOWS\inf\AGFA\message.exe
1999-08-16 20:05 14,336 ------w C:\Program Files\mod.dll
1995-09-20 15:16 456,976 ----a-w C:\Program Files\Fichiers communs\dao3032.dll
.
((((((((((((((((((((((((((((( snapshot@2008-01-04_23.13.16.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-01-04 21:57:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-01-04 22:10:20 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-01-04 21:57:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
+ 2008-01-04 22:10:20 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Historique\History.IE5\index.dat
- 2008-01-04 21:57:57 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-01-04 22:10:20 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-01-04 22:05:35 245,760 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
+ 2008-01-05 00:26:09 245,760 ----a-w C:\WINDOWS\system32\config\systemprofile\ntuser.dat
+ 2008-01-05 00:29:42 16,384 ----atw C:\WINDOWS\Temp\Perflib_Perfdata_6a4.dat
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:40:07, on 04/01/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\atievxx.exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\WIDCOMM\Logiciel Bluetooth\BTTray.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\BlueSynchroManager\BlueSynchroManager.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\OdHost.exe
C:\Program Files\Linksys\Wireless-G Notebook Adapter\WPC54Cfg.exe
C:\PROGRA~1\WIDCOMM\LOGICI~1\BTSTAC~1.EXE
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.fr/toolbar/ie8/sidebar.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://home.sweetim.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://www.google.fr/?gws_rd=ssl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {9F4AF0A8-D602-4BC7-9BBE-8ACC13454A06} - C:\WINDOWS\system32\btse.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.615.5858\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [nlsf] cmd.exe /C move /Y "%SystemRoot%\System32\syssetub.dll" "%SystemRoot%\System32\syssetup.dll" (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [Config] %systemroot%\system32\run.cmd (User 'Default user')
O4 - Startup: BlueSynchroManager.lnk = C:\Program Files\BlueSynchroManager\BlueSynchroManager.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Moniteur de réseau sans fil G.lnk = C:\Program Files\Linksys\Wireless-G Notebook Adapter\Startup.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - https://onedrive.live.com/?id=favorites
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Envoyer à &Bluetooth - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie_ctx.htm
O8 - Extra context menu item: Ouvrir dans un nouvel onglet d'arrière-plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/229?e0aac62f1ba24a7795ed30465788df80
O8 - Extra context menu item: Ouvrir dans un nouvel onglet de premier plan - res://C:\Program Files\Windows Live Toolbar\Components\fr-fr\msntabres.dll.mui/230?e0aac62f1ba24a7795ed30465788df80
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Logiciel Bluetooth\btsendto_ie.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Logiciel Bluetooth\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NICSer_WPC54G - Unknown owner - C:\Program Files\Linksys\Wireless-G Notebook Adapter\NICServ.exe
ep44
4 Jan. 2008 at 18:52
Good evening mab24,
the deleted files are infections
for the next step, follow this
Download:
http://www.grisoft.cz/filedir/inst/avgas-setup-7.5.1.43.exe AVG-AntiSpyware
=> Install it
=> Launch it
=> Click: "Mise à jour" (Update)
------
=> Restart in Safe Mode (startup may take several minutes)
Warning: there is no internet access in this mode. Save or print these instructions.
Restart the PC and tap the F8 key (or F5 on some machines) until the text with the boot options appears
With the arrow keys, select Safe Mode ==> Enter ==> your usual user name
-------
=> In "ANALYSE" (Scan, the magnifying-glass icon)
=> "Paramètres" (Settings) ==> under "COMMENT REAGIR" (How to react) ==> click "Actions recommandées" (Recommended actions) ==> "Quarantaine" (Quarantine)
=> Click: "Analyse complète du système" (Complete system scan)
-------
=> At the end of the scan (which is fairly long)
=> Click "Appliquer toutes les actions" (Apply all actions) <== this is very important
=> Click "Sauvegarder rapport" (Save report), then "Enregistrer sous" (Save as), and choose the desktop
-------
Back in normal mode
paste the report
then a new HijackThis report
See you later
Mab24
5 Jan. 2008 at 09:30
Hello EP 44
Here is the AVG scan report:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 03:45:41 06/01/2008
+ Résultat de l'analyse:
D:\Downloads\PDA\Jeux pda\[Pocket PC] - Full Cd - Games and Apps\new\StorageCard26.zip/StorageCard26/hpc-StorageCard26.zip/patch.exe -> Backdoor.Theef.111 : Nettoyé.
F:\Downloads\PDA\Jeux pda\[Pocket PC] - Full Cd - Games and Apps\new\StorageCard26.zip/StorageCard26/hpc-StorageCard26.zip/patch.exe -> Backdoor.Theef.111 : Nettoyé.
D:\Downloads\applications\Imsi Floorplan 3D Design Suite v9.0 Incl Keygen-Ssg.rar/setup_pack\keygen.exe -> Heuristic.Win32.Morphine-Crypted : Nettoyé.
F:\Downloads\applications\Imsi Floorplan 3D Design Suite v9.0 Incl Keygen-Ssg.rar/setup_pack\keygen.exe -> Heuristic.Win32.Morphine-Crypted : Nettoyé.
:mozilla.489:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.490:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.858:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.859:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.870:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.871:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.883:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@247realmedia[2].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.144:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.145:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.146:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.147:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.148:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.149:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.150:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.151:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.152:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.153:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.154:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.155:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.156:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.157:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.158:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.365:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.369:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.462:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.463:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.464:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.465:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.46:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.532:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.568:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.586:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.609:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.688:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.721:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.865:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.916:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@maxis.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@snapfish.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.520:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.521:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.161:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.162:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.163:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.164:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.165:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.166:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.148:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.45:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.56:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.57:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.122:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.123:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.124:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.125:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.126:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.138:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.139:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.140:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.141:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.26:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.27:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.28:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.29:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\dubos\Cookies\dubos@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.104:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.255:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.864:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\dubos\Cookies\dubos@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.193:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.198:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.70:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.778:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Bfast : Nettoyé.
:mozilla.849:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Bfast : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@bfast[1].txt -> TrackingCookie.Bfast : Nettoyé.
:mozilla.39:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.52:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.62:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.761:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Centrport : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@centrport[1].txt -> TrackingCookie.Centrport : Nettoyé.
:mozilla.201:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.202:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.203:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.625:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.627:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.628:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.639:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.642:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.88:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.90:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.91:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.92:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.93:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.94:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.95:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.787:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@connextra[2].txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.404:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.142:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.24:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.25:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.20:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.21:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.21:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\QooBox\Quarantine\catchme2008-01-05_ 12949.07.zip/avwavh.dll -> Trojan.BHO.agz : Nettoyé.
D:\WINDOWS\system32\dllcache\hnetmon.dll -> Trojan.Susear.a : Nettoyé.
F:\WINDOWS\WINDOWS\system32\dllcache\hnetmon.dll -> Trojan.Susear.a : Nettoyé.
F:\WINDOWS\system32\dllcache\hnetmon.dll -> Trojan.Susear.a : Nettoyé.
Fin du rapport
Here is the AVG scan report:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 03:45:41 06/01/2008
+ Résultat de l'analyse:
D:\Downloads\PDA\Jeux pda\[Pocket PC] - Full Cd - Games and Apps\new\StorageCard26.zip/StorageCard26/hpc-StorageCard26.zip/patch.exe -> Backdoor.Theef.111 : Nettoyé.
F:\Downloads\PDA\Jeux pda\[Pocket PC] - Full Cd - Games and Apps\new\StorageCard26.zip/StorageCard26/hpc-StorageCard26.zip/patch.exe -> Backdoor.Theef.111 : Nettoyé.
D:\Downloads\applications\Imsi Floorplan 3D Design Suite v9.0 Incl Keygen-Ssg.rar/setup_pack\keygen.exe -> Heuristic.Win32.Morphine-Crypted : Nettoyé.
F:\Downloads\applications\Imsi Floorplan 3D Design Suite v9.0 Incl Keygen-Ssg.rar/setup_pack\keygen.exe -> Heuristic.Win32.Morphine-Crypted : Nettoyé.
:mozilla.153:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.154:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.155:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.156:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.157:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.158:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.365:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.369:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.462:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.463:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.464:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.465:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.46:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.532:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.568:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.586:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.609:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.688:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.721:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.865:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.916:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@karavel.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@maxis.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@snapfish.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.520:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.521:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adjuggler : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé.
:mozilla.161:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.162:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.163:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.164:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.165:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.166:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.148:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.45:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.56:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.57:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.122:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.123:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.124:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.125:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.126:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.138:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.139:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.140:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.141:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.26:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.27:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.28:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.29:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\dubos\Cookies\dubos@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.104:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.255:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.864:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\dubos\Cookies\dubos@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.193:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.198:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.70:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.778:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Bfast : Nettoyé.
:mozilla.849:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Bfast : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@bfast[1].txt -> TrackingCookie.Bfast : Nettoyé.
:mozilla.39:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.52:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.62:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.761:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Centrport : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@centrport[1].txt -> TrackingCookie.Centrport : Nettoyé.
:mozilla.201:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.202:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.203:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.625:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.627:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.628:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.639:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.642:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.88:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.90:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.91:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.92:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.93:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.94:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.95:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.787:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Connextra : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@connextra[2].txt -> TrackingCookie.Connextra : Nettoyé.
:mozilla.404:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Dealtime : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.142:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.24:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.25:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.20:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.21:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.21:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.687:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\dubos\Cookies\dubos@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@www.etracker[1].txt -> TrackingCookie.Etracker : Nettoyé.
:mozilla.141:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.466:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.467:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@as1.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.73:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.75:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.833:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.834:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.232:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.315:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.484:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.501:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.519:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.553:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.583:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.852:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.887:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.896:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.912:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.10:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.11:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.178:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.179:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.180:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.20:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.630:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.668:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.695:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.696:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.712:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ehg-atariinc.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ehg-finaref.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ehg-gamespot.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ehg-upcchellomedia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ehg-youtube.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ehg-yvesrocher.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@hg1.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.343:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.344:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.707:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.796:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.893:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.894:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.134:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.213:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.25:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
F:\Documents and Settings\xp\Cookies\xp@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.517:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.518:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.519:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.523:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.573:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.575:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.577:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Msn : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ie.search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.276:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.382:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.115:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.116:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.117:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.37:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.38:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.39:F:\Disque local (L)\Documents and Settings\xp f\Application Data\Mozilla\Firefox\Profiles\crkx381v.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.71:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\dubos\Cookies\dubos@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
F:\Disque local (L)\Documents and Settings\xp f\Cookies\xp f@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.572:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Paycounter : Nettoyé.
:mozilla.427:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\jfdr827e.default\cookies.txt -> TrackingCookie.Planetactive : Nettoyé.
:mozilla.81:C:\Documents and Settings\dubos\Application Data\Mozilla\Firefox\Profiles\560rplta.default\cookies.txt -> TrackingCookie.Planetactive : Nettoyé.
C:\QooBox\Quarantine\catchme2008-01-05_ 12949.07.zip/avwavh.dll -> Trojan.BHO.agz : Nettoyé.
D:\WINDOWS\system32\dllcache\hnetmon.dll -> Trojan.Susear.a : Nettoyé.
F:\WINDOWS\WINDOWS\system32\dllcache\hnetmon.dll -> Trojan.Susear.a : Nettoyé.
F:\WINDOWS\system32\dllcache\hnetmon.dll -> Trojan.Susear.a : Nettoyé.
Fin du rapport
Mab24
5 Jan 2008 at 09:31
And here is the HijackThis one:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:30:12, on 06/01/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\WINDOWS\System32\sstray.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\BeClean\bca.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\WinPortrait\floater.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.fr.netscape.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.fr.netscape.com/fr/home/winsearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.fr.netscape.com/fr/home/winsearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.fr.netscape.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
N1 - Netscape 4: user_pref("browser.startup.homepage", ""); (C:\Program Files\Netscape\Users\jluc\prefs.js)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BeClean Start-Up Clean] C:\Program Files\BeClean\BeClean.exe /s
O4 - HKLM\..\Run: [BeClean Agent] C:\Program Files\BeClean\bca.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/2328ee0e86968d964622/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/dubos/LOCALS~1/Temp/msohtml1/01/clip_image003.gif
Mab24
5 Jan. 2008 at 09:48
Avast no longer detects the trojan in question, but it finds this one in four different places: Win32:Obfuscated-BPP [Trj]
Ep44, I understand that the deleted files are infections, but I imagine that, along with the infections, the infected files get deleted too?
At this stage, I want to thank you for your very effective coaching.
It is quite impressive to do all these manipulations without necessarily understanding everything, and so to bet on blind trust! ;)
ep44
5 Jan. 2008 at 11:52
Hello Mab24,
we do indeed delete the infection. Take this for example:
C:\WINDOWS\system32\wpxekrqr.dat
we delete only wpxekrqr.dat; we also delete the startup keys
if several files have then been infected, online cleaners do that perfectly
which is what you are going to do
so run an online antivirus scan with Internet Explorer
https://www.bitdefender.fr/
=> At the bottom left of the window, click BitDefender SCAN ONLINE
=> In the new window, click I agree
=> The window changes again; click Click here to scan
=> The signatures load, etc.
=> copy and paste the result here
picture tutorial
http://pageperso.aol.fr/rginformatique/mapage/defender.htm
and
post a new HijackThis report
Mab24
6 Jan. 2008 at 11:50
Hello,
Here is the BitDefender report:
BitDefender Online Scanner
Rapport d'analyse généré à: Mon, Jan 07, 2008 - 08:51:17
Voie d'analyse: A:\;C:\;D:\;E:\;F:\;G:\;H:\;I:\;J:\;K:\;M:\;N:\;O:\;P:\;
Statistiques
Temps: 18:32:48
Fichiers: 2403931
Directoires: 39958
Secteurs de boot: 6
Archives: 401760
Paquets programmes: 69558
Résultats
Virus identifiés: 91
Fichiers infectés: 150
Fichiers suspects: 0
Avertissements: 0
Désinfectés: 0
Fichiers effacés: 0
Info sur les moteurs
Définition virus: 885530
Version des moteurs: AVCORE v1.0 (build 2422) (i386) (Sep 25 2007 08:26:36)
Analyse des plugins: 14
Archive des plugins: 38
Unpack des plugins: 7
E-mail plugins: 6
Système plugins: 1
Paramètres d'analyse
Première action: Rapport
Seconde Action: __SECACT__
Heuristique: Oui
Acceptez les avertissements: Oui
Extensions analysées: *;
Excludez les extensions:
Analyse d'emails: Oui
Analyse des Archives: Oui
Analyser paquets programmes: Oui
Analyse des fichiers: Oui
Analyse de boot: Oui
Fichier analysé
Statut
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Inbox=>(message 16967)
Infecté par: Generic.Peed.Eml.21C9FF8B
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1792)
Infecté par: Generic.Peed.Eml.4708C3B3
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1794)
Infecté par: Generic.Peed.Eml.460DEBCF
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1797)
Infecté par: Generic.Peed.Eml.CB455CC5
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1802)
Infecté par: Generic.Peed.Eml.F001A4CE
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1806)
Infecté par: Generic.Peed.Eml.CF9EAF80
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1818)
Infecté par: Generic.Peed.Eml.8C0D549E
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1820)
Infecté par: Generic.Peed.Eml.72B1CF21
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1823)
Infecté par: Generic.Peed.Eml.B4081D8C
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1828)
Infecté par: Generic.Peed.Eml.8B65EA36
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1829)
Infecté par: Generic.Peed.Eml.EBE40DC9
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1832)
Infecté par: Generic.Peed.Eml.6864FAB4
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1838)
Infecté par: Generic.Peed.Eml.712BB407
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1846)
Infecté par: Generic.Peed.Eml.56A8FA51
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1849)
Infecté par: Generic.Peed.Eml.27F65588
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1850)
Infecté par: Generic.Peed.Eml.1A7E0A24
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1851)
Infecté par: Generic.Peed.Eml.F12E7CDF
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1852)
Infecté par: Generic.Peed.Eml.0669F95E
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1853)
Infecté par: Generic.Peed.Eml.76A0E38B
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1854)
Infecté par: Generic.Peed.Eml.F49FCDAA
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1855)
Infecté par: Generic.Peed.Eml.225A23AE
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1857)
Infecté par: Generic.Peed.Eml.F2BFA659
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1876)
Infecté par: Generic.Peed.Eml.55379FD5
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1878)
Infecté par: Generic.Peed.Eml.EB539359
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1879)
Infecté par: Generic.Peed.Eml.7F795C67
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1880)
Infecté par: Generic.Peed.Eml.F52BFCA6
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1885)
Infecté par: Generic.Peed.Eml.A9E6DF5A
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders\Trash=>(message 1889)
Infecté par: Generic.Peed.Eml.C15A78D2
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Boîte de réception=>(message 7988)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Wed, 21 Jun 2006 04:05:01 +0300]=>(MIME part)=>(MIME part)=>(message body)
Infecté par: Exploit.Iframe.Vulnerability.B
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 897)
Infecté par: Generic.Peed.Eml.4708C3B3
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 899)
Infecté par: Generic.Peed.Eml.460DEBCF
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 902)
Infecté par: Generic.Peed.Eml.CB455CC5
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 907)
Infecté par: Generic.Peed.Eml.F001A4CE
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 911)
Infecté par: Generic.Peed.Eml.CF9EAF80
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 923)
Infecté par: Generic.Peed.Eml.8C0D549E
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 925)
Infecté par: Generic.Peed.Eml.72B1CF21
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 928)
Infecté par: Generic.Peed.Eml.B4081D8C
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 933)
Infecté par: Generic.Peed.Eml.8B65EA36
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 934)
Infecté par: Generic.Peed.Eml.EBE40DC9
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 937)
Infecté par: Generic.Peed.Eml.6864FAB4
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 943)
Infecté par: Generic.Peed.Eml.712BB407
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 951)
Infecté par: Generic.Peed.Eml.56A8FA51
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 954)
Infecté par: Generic.Peed.Eml.27F65588
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 955)
Infecté par: Generic.Peed.Eml.1A7E0A24
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 956)
Infecté par: Generic.Peed.Eml.F12E7CDF
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 957)
Infecté par: Generic.Peed.Eml.0669F95E
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 958)
Infecté par: Generic.Peed.Eml.76A0E38B
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 959)
Infecté par: Generic.Peed.Eml.F49FCDAA
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 960)
Infecté par: Generic.Peed.Eml.225A23AE
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 962)
Infecté par: Generic.Peed.Eml.F2BFA659
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 981)
Infecté par: Generic.Peed.Eml.55379FD5
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 983)
Infecté par: Generic.Peed.Eml.EB539359
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 984)
Infecté par: Generic.Peed.Eml.7F795C67
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 985)
Infecté par: Generic.Peed.Eml.F52BFCA6
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 990)
Infecté par: Generic.Peed.Eml.A9E6DF5A
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\Local Folders2\Éléments supprimés=>(message 994)
Infecté par: Generic.Peed.Eml.C15A78D2
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Boîte de réception=>(message 7988)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Wed, 21 Jun 2006 04:05:01 +0300]=>(MIME part)=>(MIME part)=>(message body)
Infecté par: Exploit.Iframe.Vulnerability.B
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 897)
Infecté par: Generic.Peed.Eml.4708C3B3
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 899)
Infecté par: Generic.Peed.Eml.460DEBCF
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 902)
Infecté par: Generic.Peed.Eml.CB455CC5
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 907)
Infecté par: Generic.Peed.Eml.F001A4CE
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 911)
Infecté par: Generic.Peed.Eml.CF9EAF80
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 923)
Infecté par: Generic.Peed.Eml.8C0D549E
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 925)
Infecté par: Generic.Peed.Eml.72B1CF21
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 928)
Infecté par: Generic.Peed.Eml.B4081D8C
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 933)
Infecté par: Generic.Peed.Eml.8B65EA36
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 934)
Infecté par: Generic.Peed.Eml.EBE40DC9
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 937)
Infecté par: Generic.Peed.Eml.6864FAB4
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 943)
Infecté par: Generic.Peed.Eml.712BB407
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 951)
Infecté par: Generic.Peed.Eml.56A8FA51
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 954)
Infecté par: Generic.Peed.Eml.27F65588
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 955)
Infecté par: Generic.Peed.Eml.1A7E0A24
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 956)
Infecté par: Generic.Peed.Eml.F12E7CDF
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 957)
Infecté par: Generic.Peed.Eml.0669F95E
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 958)
Infecté par: Generic.Peed.Eml.76A0E38B
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 959)
Infecté par: Generic.Peed.Eml.F49FCDAA
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 960)
Infecté par: Generic.Peed.Eml.225A23AE
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 962)
Infecté par: Generic.Peed.Eml.F2BFA659
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 981)
Infecté par: Generic.Peed.Eml.55379FD5
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 983)
Infecté par: Generic.Peed.Eml.EB539359
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 984)
Infecté par: Generic.Peed.Eml.7F795C67
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 985)
Infecté par: Generic.Peed.Eml.F52BFCA6
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 990)
Infecté par: Generic.Peed.Eml.A9E6DF5A
C:\Documents and Settings\dubos\Application Data\Thunderbird\Profiles\kfs6vvyn.default\Mail\pop.tiscali.fr\Éléments supprimés=>(message 994)
Infecté par: Generic.Peed.Eml.C15A78D2
C:\QooBox\Quarantine\C\WINDOWS\system32\avwavh.dll.vir
Infecté par: Trojan.Spy.Bzub.NGP
C:\System Volume Information\_restore{90FEB88B-5CE9-42F4-BFE3-0D0D3AF97BD4}\RP3\A0000143.dll
Infecté par: Trojan.Spy.Bzub.NGP
D:\Downloads\applications\Alcohol120.v1.4.6.(Build.711)-crack.rar=>REGPATCH.EXE
Infecté par: Trojan.Regpat.A
D:\Downloads\applications\IMSI.FLOORPLAN.3D.DESIGN.SUITE.V9.0-TDA.bin=>CRACK/ssg-fp9.exe
Infecté par: Packer.FSG.A
F:\Documents and Settings\xp\.housecall6.6\Quarantine\Alcatel (Unlock - Débloquer - Programme).rar.bac_a02300=>(Quarantine-4)=>Alcatel\DIVERS\989_alcabe5unleuro.zip=>alcabe5unl.exe
Infecté par: Trojan.Win32.Belocker.A
F:\Documents and Settings\xp\.housecall6.6\Quarantine\Alcatel (Unlock - Débloquer - Programme).rar.bac_a03456=>(Quarantine-4)=>Alcatel\DIVERS\989_alcabe5unleuro.zip=>alcabe5unl.exe
Infecté par: Trojan.Win32.Belocker.A
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Boîte de réception=>(message 7988)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Wed, 21 Jun 2006 04:05:01 +0300]=>(MIME part)=>(MIME part)=>(message body)
Infecté par: Exploit.Iframe.Vulnerability.B
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 897)
Infecté par: Generic.Peed.Eml.4708C3B3
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 899)
Infecté par: Generic.Peed.Eml.460DEBCF
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 902)
Infecté par: Generic.Peed.Eml.CB455CC5
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 907)
Infecté par: Generic.Peed.Eml.F001A4CE
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 911)
Infecté par: Generic.Peed.Eml.CF9EAF80
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 923)
Infecté par: Generic.Peed.Eml.8C0D549E
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 925)
Infecté par: Generic.Peed.Eml.72B1CF21
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 928)
Infecté par: Generic.Peed.Eml.B4081D8C
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 933)
Infecté par: Generic.Peed.Eml.8B65EA36
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 934)
Infecté par: Generic.Peed.Eml.EBE40DC9
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 937)
Infecté par: Generic.Peed.Eml.6864FAB4
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 943)
Infecté par: Generic.Peed.Eml.712BB407
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 951)
Infecté par: Generic.Peed.Eml.56A8FA51
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 954)
Infecté par: Generic.Peed.Eml.27F65588
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 955)
Infecté par: Generic.Peed.Eml.1A7E0A24
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 956)
Infecté par: Generic.Peed.Eml.F12E7CDF
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 957)
Infecté par: Generic.Peed.Eml.0669F95E
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 958)
Infecté par: Generic.Peed.Eml.76A0E38B
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 959)
Infecté par: Generic.Peed.Eml.F49FCDAA
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 960)
Infecté par: Generic.Peed.Eml.225A23AE
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 962)
Infecté par: Generic.Peed.Eml.F2BFA659
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 981)
Infecté par: Generic.Peed.Eml.55379FD5
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 983)
Infecté par: Generic.Peed.Eml.EB539359
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 984)
Infecté par: Generic.Peed.Eml.7F795C67
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 985)
Infecté par: Generic.Peed.Eml.F52BFCA6
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 990)
Infecté par: Generic.Peed.Eml.A9E6DF5A
F:\Documents and Settings\xp\Application Data\Thunderbird\Profiles\k9hlrrjg.default\Mail\Local Folders\Éléments supprimés=>(message 994)
Infecté par: Generic.Peed.Eml.C15A78D2
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{1E85803C-686D-443F-A20D-8A2F6118520D}\Microsoft\Outlook Express\Boîte de réception.dbx=>(message 710)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Wed, 21 Jun 2006 04:05:01 +0300]=>(MIME part)=>(MIME part)=>(message body)
Infecté par: Exploit.Iframe.Vulnerability.B
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Boîte de réception.dbx=>(message 1177)
Infecté par: Generic.Peed.Eml.994272CC
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Boîte de réception.dbx=>(message 9448)=>[Subject: [avast! - INFECTED] Mail Delivery (f][Date: Wed, 21 Jun 2006 04:05:01 +0300]=>(MIME part)=>(MIME part)=>(message body)
Infecté par: Exploit.Iframe.Vulnerability.B
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 443)
Infecté par: Generic.Peed.Eml.7FDDA6E7
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 447)
Infecté par: Generic.Peed.Eml.FE2620C0
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 452)
Infecté par: Generic.Peed.Eml.E75E80BD
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 453)
Infecté par: Generic.Peed.Eml.8EF237FC
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 454)
Infecté par: Generic.Peed.Eml.42813806
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 456)
Infecté par: Generic.Peed.Eml.2827D352
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 474)
Infecté par: Generic.Peed.Eml.0656427A
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 475)
Infecté par: Generic.Peed.Eml.6CA051FD
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 477)
Infecté par: Generic.Peed.Eml.12304A99
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 478)
Infecté par: Generic.Peed.Eml.F3D3AED9
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 479)
Infecté par: Generic.Peed.Eml.B6139B37
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 480)
Infecté par: Generic.Peed.Eml.971334DF
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 481)
Infecté par: Generic.Peed.Eml.04F7A03F
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 482)
Infecté par: Generic.Peed.Eml.BBC52364
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 483)
Infecté par: Generic.Peed.Eml.53E3FBCB
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 486)
Infecté par: Generic.Peed.Eml.24298EFC
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 494)
Infecté par: Generic.Peed.Eml.DD7F637A
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 500)
Infecté par: Generic.Peed.Eml.8CE296A6
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 503)
Infecté par: Generic.Peed.Eml.7066AF07
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 504)
Infecté par: Generic.Peed.Eml.7CF77B69
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 509)
Infecté par: Generic.Peed.Eml.6277048A
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 512)
Infecté par: Generic.Peed.Eml.E473C81A
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 514)
Infecté par: Generic.Peed.Eml.0B96069E
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 530)
Infecté par: Generic.Peed.Eml.0092F140
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 535)
Infecté par: Generic.Peed.Eml.0494A5CB
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 538)
Infecté par: Generic.Peed.Eml.AB0CD9EF
F:\Documents and Settings\xp\Local Settings\Application Data\Identities\{E82D4491-88D9-4E90-8BF3-963B52DB179D}\Microsoft\Outlook Express\Éléments supprimés.dbx=>(message 540)
Infecté par: Generic.Peed.Eml.3009189A
F:\Downloads\applications\Alcohol120.v1.4.6.(Build.711)-crack.rar=>REGPATCH.EXE
Infecté par: Trojan.Regpat.A
F:\Downloads\applications\IMSI.FLOORPLAN.3D.DESIGN.SUITE.V9.0-TDA.bin=>CRACK/ssg-fp9.exe
Infecté par: Packer.FSG.A
Mab24
Posts
15
Registration date
Wednesday 2 January 2008
Status
Member
Last activity
22 January 2008
6 Jan. 2008 at 11:54
And the Hijack one!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:53:41, on 07/01/2008
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp3\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\MSI\Live Update 3\LMonitor.exe
C:\WINDOWS\System32\sstray.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\Program Files\WinPortrait\wpctrl.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\BeClean\bca.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\WinPortrait\floater.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Alwil Software\Avast4\ashLogV.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://home.fr.netscape.com/fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.fr.netscape.com/fr/home/winsearch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://home.fr.netscape.com/fr/home/winsearch200.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://home.fr.netscape.com/fr/home/winsearch.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.fr.netscape.com/fr/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://keyword.fr.netscape.com/keyword/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
N1 - Netscape 4: user_pref("browser.startup.homepage", ""); (C:\Program Files\Netscape\Users\jluc\prefs.js)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Ptipbmf] rundll32.exe ptipbmf.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Program Files\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LiveMonitor] C:\Program Files\MSI\Live Update 3\LMonitor.exe
O4 - HKLM\..\Run: [nForce Tray Options] sstray.exe /r
O4 - HKLM\..\Run: [WinSys2] C:\WINDOWS\System32\winsys2.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PivotSoftware] "C:\Program Files\WinPortrait\wpctrl.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [BeClean Start-Up Clean] C:\Program Files\BeClean\BeClean.exe /s
O4 - HKLM\..\Run: [BeClean Agent] C:\Program Files\BeClean\bca.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Exif Launcher.lnk = C:\Program Files\FinePixViewer\QuickDCF.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - C:\Program Files\WinHTTrack\WinHTTrackIEBar.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - https://www.cult3d.com/
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/2328ee0e86968d964622/netzip/RdxIE601_fr.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan_fr/scan8/oscan8.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O24 - Desktop Component 0: (no name) - file:///C:/DOCUME~1/dubos/LOCALS~1/Temp/msohtml1/01/clip_image003.gif
21 Feb. 2008 at 22:13
Scan saved at 22:11:38, on 21/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Media Manager\airsvcu.exe
C:\Program Files\Fichiers communs\NMSAccessU.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\VM_STI.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\Fichiers communs\SansenDommagement\strpmon.exe
C:\Program Files\Fichiers communs\Nettordinateur\stm.exe
C:\Program Files\Fichiers communs\TrojansFiltre\bm.exe
C:\Program Files\Fichiers communs\NettoyeurDePC\stm.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\PROGRA~1\INCRED~1\bin\ImNotfy.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mystart.incredimail.com/french
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = https://www.bing.com/?FORM=TOOLBR&cc=fr&toHttps=1&redig=4527FFF1C12746FC9EDB535C75E80ECC
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Search Assistant - {1648E328-3E5A-4EA5-A9C6-E5F09EE272DA} - C:\WINDOWS\system32\adssite_sidebar.dll
O2 - BHO: BrowserCmp - {1D8282E6-BC4F-469B-AAED-7E4FF077AD93} - C:\WINDOWS\system32\iebrowserc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {90389E6E-C44D-4FF0-A216-C612C185BF1B} - C:\WINDOWS\system32\d3dxo.dll
O2 - BHO: ads_optimizer - {9C8A568E-4201-478a-8536-526CF371D2E2} - C:\WINDOWS\system32\nsl44B.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Adssite Toolbar - {41C29B07-6F91-4966-91BE-2E2841643C83} - C:\Program Files\Adssite Advanced Toolbar\toolbar.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe" -s
O4 - HKLM\..\Run: [Salestart] "C:\Program Files\Fichiers communs\SansenDommagement\strpmon.exe" dm=http://sansendommagement.com; ad=http://sansendommagement.com
O4 - HKLM\..\Run: [postSetupCheck] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrt.dll" DllStart
O4 - HKLM\..\Run: [Salestart(2)] "C:\Program Files\Fichiers communs\Nettordinateur\stm.exe" dm=http://nettordinateur.com ad=http://nettordinateur.com sd=http://paylogs.nettordinateur.com
O4 - HKLM\..\Run: [bm] "C:\Program Files\Fichiers communs\TrojansFiltre\bm.exe" dm=http://trojansfiltre.com ad=http://trojansfiltre.com sd=http://gregistre.trojansfiltre.com
O4 - HKLM\..\Run: [ptask] C:\Program Files\TrojansFiltre\ptask.exe
O4 - HKLM\..\Run: [Salestart(3)] "C:\Program Files\Fichiers communs\NettoyeurDePC\stm.exe" dm=http://nettoyeurdepc.com ad=http://nettoyeurdepc.com sd=http://paylogs.nettoyeurdepc.com
O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Présentation de Media Manager.lnk = C:\Program Files\Fichiers communs\Microsoft Shared\Media Manager\SPLASHA.EXE
O4 - Startup: WKCALREM.LNK = C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {3DA5D23B-EFE1-4181-ADB7-7D457567AACA} (TGOnlineCtrl Class) - http://www.msnjeux.com/online2/MSN_INTL_FRANCE/panda_craze/pandaonline.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase4009.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE3409C4-9E26-4F8E-83E4-778498F9E7B4} (PB_Uploader Class) - https://www.photobox.fr/?channel=1005
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://www.gamehouse.com/realarcade-webgames/insaniquarium/popcaploader.cab
O16 - DPF: {E1342154-4889-42B5-BEF6-19237577048F} (OberongamesLoader Object) - http://msnfr.oberon-media.com/online2/MSN_INTL_FRANCE/insaniquarium/Oberongamesloader.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\Fichiers communs\NMSAccessU.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe