problème avec google, virus? Résolu

Question

Bonjour, depuis plusieurs jours, je cherche une réponse a ma question.
J'espère tout d'abord que mon post est bien dans le dossier qui correspond.
Je disais donc: j'ai un problème lorsque je vais sur Google, lorsque je tape une recherche, les résultats s'affichent, mais lorsque je clique sur l'un d'eux, une page publicitaire s'affiche (dailytotal) j'ai Firefox et je suis sous windows xp pro. j'ai vu plusieurs problèmes similaires sur d'autres forums, et on demandait un scan avec hijackthis, c'est ce que j'ai fait. mais les problèmes et les programmes identifiés ne sont pas les même que moi... j'ai donc obtenu le log suivant :
    
Logfile of HijackThis v1.99.1
Scan saved at 20:49:04, on 05/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\aswUpdSv.exe
C:\Program Files\Antivirus\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ANTIVI~1\ashDisp.exe
C:\Program Files\Antivirus\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\PartyGaming\PartyGaming.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Hijackthis\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///???*??Q???????*???7
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,setup32.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: GetRight IE Download Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [MaBtSh] C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [qatdnzw] c:\windows\system32\qatdnzw.exe qatdnzw
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\RunServices: [Microsoftf DDEs ContrDL] runm.pif
O4 - HKCU\..\Run: [Steam] "E:\APPS\steam\Steam.exe" -silent
O4 - HKCU\..\Run: [lzkusdbyzv] c:\windows\system32\lzkusdbyzv.exe lzkusdbyzv
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O17 - HKLM\System\CCS\Services\Tcpip\..\{316C3D62-8D7D-45D4-93A5-FA3A32975D0E}: NameServer = 85.255.115.156,85.255.112.172
O17 - HKLM\System\CCS\Services\Tcpip\..\{38D51EDA-06D9-433A-BA2D-704570C112F7}: NameServer = 85.255.115.156,85.255.112.172
O17 - HKLM\System\CCS\Services\Tcpip\..\{B3E3C845-A887-4E4C-B0FA-06F68BAE89B1}: NameServer = 85.255.115.156,85.255.112.172
O17 - HKLM\System\CCS\Services\Tcpip\..\{C8EAC354-0081-4636-AE10-4EA18410D7FF}: NameServer = 85.255.115.156,85.255.112.172
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3897345-CD62-49F7-9EAD-0624B5011933}: NameServer = 85.255.115.156,85.255.112.172
O17 - HKLM\System\CCS\Services\Tcpip\..\{E77DF721-9540-4FC8-91F3-B0F291E29569}: NameServer = 85.255.115.156,85.255.112.172
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.115.156 85.255.112.172
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.115.156 85.255.112.172
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\System32
vsvc32.exe (file missing)
O23 - Service: olMntrService - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: Pptp55islnt - Unknown owner - (no file)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

en espérant que vous puissiez m'apporter votre aide.
merci!

FillPCA · Answer

Salut,

Oui, il y aplusieurs infections.

    *  Télécharge Navilog1 de Il-Mafioso : http://perso.orange.fr/il.mafioso/Navifix/Navilog1.exe
    * Installe-le en cliquant sur le fichier Navilog1.exe,
    * Une fois l'installation terminée, le fix s'exécutera automatiquement. Si ce n'est pas le cas, double-cliquer dans ce cas sur le raccourci  Navilog1 présent sur le bureau.
    * Laisse-toi guider par les indications qui apparaissent.
    * Au menu principal, choisis 1 et valide par Entrée. Ne fais pas le choix 2,3 ou 4 sans l'avis de la personne qui t'aide.
    * Patiente jusqu'au message : *** Analyse terminée le ..... ***
    * Appuie sur une touche comme demandé, le bloc-note va s'ouvrir.
    * Copie-colle l'intégralité dans ta prochaine réponse.
    * Referme le bloc-note.
    * Le rapport sera sauvegardé dans le dossier sous fixnavi.txt.

FillPCA

LiiSa · Answer

Bon, c'est qwa ce http://???**?  =O

FillPCA · Answer

Salut,
Sans doute un start page Hijacker.

FillPCA

theodiablo · Answer

voila merci pour cette réponse rapide :)

Search Navipromo version 3.4.2 commencé le 05/02/2008 à 21:33:45,31

!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!

Outil exécuté depuis C:\Program Files
avilog1
Mise à jour le 27.01.2008 à 17h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180 
Système de fichiers : NTFS

Executé en mode normal

*** Recherche Programmes installés ***


SudoPlanet


*** Recherche dossiers dans C:\WINDOWS ***



*** Recherche dossiers dans C:\Program Files ***

C:\Program Files\SudoPlanet trouvé !


*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***




*** Recherche dossiers dans "C:\Documents and Settings\helene\application data" *** 



*** Recherche dossiers dans "C:\Documents and Settings\helene\local settings\application data" *** 



*** Recherche dossiers dans "C:\Documents and Settings\helene\MENUDM~1\PROGRA~1" *** 

...\SudoPlanet trouvé !

*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***


*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net

!! Fichier(s)/processus caché(s) différent(s) !!
!! Résultat Catchme non pris en compte par Navilog1 !!


*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!

* Recherche dans C:\WINDOWS\system32 *

Fichiers trouvés :

gxboua.exe trouvé ! 
yuuvlnqgl.exe trouvé ! 
yuuvlnqgl.dat trouvé ! 
yuuvlnqgl_nav.dat trouvé ! 
yuuvlnqgl_navps.dat trouvé ! 

* Recherche dans "C:\Documents and Settings\helene\local settings\application data" * 



*** Recherche fichiers *** 


c:\documents and settings\helene\bureau\SudoPlanet.lnk trouvé !
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32
vs2.inf trouvé !


*** Recherche clés spécifiques dans le Registre ***

HKEY_CURRENT_USER\Software\Lanconfig trouvé ! 

*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Recherche nouveaux fichiers Instant Access :


2)Recherche Heuristique :

* Dans C:\WINDOWS\system32 :

ivpmso.dat trouvé !
qcxxkx.exe trouvé !

* Dans "C:\Documents and Settings\helene\local settings\application data" : 


3)Recherche Certificats :

Certificat Egroup trouvé !

4)Recherche fichiers connus :



*** Analyse terminée le 05/02/2008 à 21:37:40,56 ***
 que faire maintenant

FillPCA · Answer

Re,

Une des infections est liée à l'installation de Sudoplanet.

1/     *  Tu relances Navilog et cette fois tu choisis l'option 2. 
    * Le programme t'avertit que le PC va redémarrer.
    * Ferme alors toutes les fenêtres et enregistre les documents personnels ouverts.
    * Appuie sur une touche comme il est demandé. Si le PC ne redémarre pas, fais-le toi-même.
    * Au redémarrage de ton PC, choisis ta session habituelle,
    * Patiente jusqu'au message : "Nettoyage terminé le ...",
    * Le bloc-note va s'ouvrir. Sauvegarde le rapport afin de le retrouver.
    * Referme le bloc-note. Ton bureau va ré-apparaître.

NB : S'il ne le fait pas, fais CTRL+ALT+SUP pour faire apparaître le gestionnaire de tâches.
Rends-toi à l'onglet Processus, clique en haut à gauche sur "Fichiers" et choisis "Exécuter". Tape "explorer" et valide. Cela te fera ré-apparaître ton Bureau.

    * Poste le rapport Navilog1

2/     *  Télécharge FixWareout d'un de ces deux sites sur le bureau:

http://downloads.subratam.org/Fixwareout.exe
http://swandog46.geekstogo.com/Fixwareout.exe

    * Lance le fix: clique sur Next, puis Install, puis assure toi que "Run fixit" est activé puis clique sur Finish.
    * Le fix va commencer, suis les messages à l'écran. 
    * Il te sera demandé de redémarrer ton ordinateur, fais le. Ton système mettra un peu plus de temps au démarrage, c'est normal.
    * Poste (Copie/colle) le contenu du rapport qui va s'afficher à l'écran (report.txt)

3/     *  Télécharge DiagHelp.zip sur ton bureau(Merci Malekal) : http://www.malekal.com/download/DiagHelp.zip
 Tuto : http://www.malekal.com/DiagHelp/DiagHelp.php
    * Ne double-clique pas dessus !! Fais un clic droit sur le fichier et extraire tout.
    * Un nouveau dossier chercher va être créé.
    * Ouvre le et double-clic sur go.cmd (le .cmd peut ne pas apparaître)
    * Une fenêtre va s'ouvrir, choisis l'option 1
    * L'analyse va commencer, ceci peut durer quelques minutes, laisse faire et appuie sur une touche quand on te le demande.
    * Pendant l'analyse après le rapport CATCHME sur l'écran rouge, tu dois appuyer sue entrée pour que l'outil continue ses recherches. Suis les consignes écrites.
    * Une fenêtre avec le rapport s'ouvre alors. Copie/colle son contenu. (Il se trouve aussi ici : c:\resultat.txt)
    * Double-clique sur ce fichier, Fais CTRL+A puis CTRL+C.
    * Dans ta prochaine réponse, colle le rapport en faisant CTRL+V.

4/ # Télécharge SREng (de Smallfrogs) : http://www.kztechs.com/eng/download.html
# Dézippe tout son contenu sur ton bureau (clic droit >Extraire ici).
# Ouvre le dossier SReng2 et double-clique sur SREngPS.exe.
# Clique sur "smart scan".
# Clique sur le bouton "scan".
# Quand l'analyse est terminée, clique sur le bouton "save reports".
# Sauvegarde alors le rapport sur ton bureau.
# Copie/colle le contenu du rapport  SREnglLOG.log dans ta prochaine réponse.

5/ Edite aussi un rapport Hijackthis.

FillPCA

theodiablo · Answer

voila ce que j'obtien avec navigo:

Clean Navipromo version 3.4.2 commencé le 05/02/2008 à 22:04:34,48

Outil exécuté depuis C:\Program Files
avilog1
Mise à jour le 27.01.2008 à 17h00 par IL-MAFIOSO


Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 6.0.2900.2180
Système de fichiers : NTFS

Mode suppression automatique 
avec prise en charge résultats Catchme et GNS


 
*** fsbl1.txt non trouvé ***
(Assurez-vous que Catchme n'avait rien trouvé lors de la recherche)
 

*** Suppression avec sauvegardes résultats GenericNaviSearch ***

* Suppression dans C:\WINDOWS\System32 *

gxboua.exe trouvé !
Copie gxboua.exe réalisée avec succès !
gxboua.exe supprimé !

yuuvlnqgl.exe trouvé !
Copie yuuvlnqgl.exe réalisée avec succès !
yuuvlnqgl.exe supprimé !

yuuvlnqgl.dat trouvé !
Copie yuuvlnqgl.dat réalisée avec succès !
yuuvlnqgl.dat supprimé !

yuuvlnqgl_nav.dat trouvé !
Copie yuuvlnqgl_nav.dat réalisée avec succès !
yuuvlnqgl_nav.dat supprimé !

yuuvlnqgl_navps.dat trouvé !
Copie yuuvlnqgl_navps.dat réalisée avec succès !
yuuvlnqgl_navps.dat supprimé !


* Suppression dans "C:\Documents and Settings\helene\local settings\application data" * 



*** Suppression dossiers dans C:\WINDOWS ***


*** Suppression dossiers dans C:\Program Files ***

C:\Program Files\SudoPlanet ...suppression... 
C:\Program Files\SudoPlanet supprimé ! 


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\APPLIC~1 ***


*** Suppression dossiers dans "C:\Documents and Settings\helene\application data" *** 


*** Suppression dossiers dans "C:\Documents and Settings\helene\local settings\application data" *** 


*** Suppression dossiers dans "C:\Documents and Settings\helene\MENUDM~1\PROGRA~1" *** 

...\SudoPlanet ...suppression... 
...\SudoPlanet supprimé ! 


*** Suppression dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***



*** Suppression fichiers ***

c:\documents and settings\helene\bureau\SudoPlanet.lnk supprimé !
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32
vs2.inf supprimé !

*** Suppression fichiers temporaires ***

Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\helene\local settings\Temp effectué !

*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)

1)Suppression avec sauvegardes nouveaux fichiers Instant Access :

2)Recherche, création sauvegardes et suppression Heuristique :


* Dans C:\WINDOWS\system32 *

ivpmso.dat trouvé !
Copie ivpmso.dat réalisée avec succès !
ivpmso.dat supprimé !

ivpmso_nav.dat trouvé !
Copie ivpmso_nav.dat réalisée avec succès !
ivpmso_nav.dat supprimé !

qcxxkx.exe trouvé !
Copie qcxxkx.exe réalisée avec succès !
qcxxkx.exe supprimé !

ivpmso.exe trouvé !
Copie ivpmso.exe réalisée avec succès !
ivpmso.exe supprimé !

ivpmso_navps.dat trouvé !
Copie ivpmso_navps.dat réalisée avec succès !
ivpmso_navps.dat supprimé !

C:\WINDOWS\prefetch\ivpmso*.pf trouvé !
Copie C:\WINDOWS\prefetch\ivpmso*.pf réalisée avec succès !
C:\WINDOWS\prefetch\ivpmso*.pf supprimé !


* Dans "C:\Documents and Settings\helene\local settings\application data" * 


*** Sauvegarde du Registre vers dossier Backupnavi ***

sauvegarde du Registre réalisée avec succès !

*** Nettoyage Registre ***

Nettoyage Registre Ok


*** Certificats ***

Certificat Egroup supprimé !

*** Nettoyage terminé le 05/02/2008 à 22:09:03,59 ***

theodiablo · Answer

voila avec fixwareout

Username "user" - 05/02/2008 22:12:04 [Fixwareout edited 9/01/2007]

~~~~~ Prerun check
HKLM\SOFTWARE\~\Winlogon\ "System"="kdlns.exe"

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
"nameserver"="85.255.115.156 85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{316C3D62-8D7D-45D4-93A5-FA3A32975D0E} 
"nameserver"="85.255.115.156,85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{38D51EDA-06D9-433A-BA2D-704570C112F7} 
"nameserver"="85.255.115.156,85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{B3E3C845-A887-4E4C-B0FA-06F68BAE89B1} 
"nameserver"="85.255.115.156,85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{C8EAC354-0081-4636-AE10-4EA18410D7FF} 
"nameserver"="85.255.115.156,85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{D3897345-CD62-49F7-9EAD-0624B5011933} 
"nameserver"="85.255.115.156,85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{E77DF721-9540-4FC8-91F3-B0F291E29569} 
"nameserver"="85.255.115.156,85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{38D51EDA-06D9-433A-BA2D-704570C112F7}
"DhcpNameServer"="85.255.115.156,85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{B3E3C845-A887-4E4C-B0FA-06F68BAE89B1}
"DhcpNameServer"="85.255.115.156,85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{C8EAC354-0081-4636-AE10-4EA18410D7FF}
"DhcpNameServer"="85.255.115.156,85.255.112.172" <Value cleared.
HKEY_LOCAL_MACHINE\system\currentcontrolset\services	cpip\parameters\interfaces\{D3897345-CD62-49F7-9EAD-0624B5011933}
"DhcpNameServer"="85.255.115.156,85.255.112.172" <Value cleared.

Cache de résolution DNS vidé.


System was rebooted successfully. 
 
~~~~~ Postrun check 
HKLM\SOFTWARE\~\Winlogon\ "system"="" 
....
....
~~~~~ Misc files. 
....
~~~~~ Checking for older varients.
....
~~~~~ Other
C:\WINDOWS\Temp\kdlns.ren 73827 13/06/2007 

~~~~~ Current runs (hklm hkcu "run" Keys Only)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd"
"Media Access"="C:\Program Files\Media Access\MediaAccK.exe"
"OlStatusMon"="\"C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe\" dvcStatusMinimize"
"MaBtSh"="C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe"
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup"
"Norman ZANDA"="C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH"
"qatdnzw"="c:\windows\system32\qatdnzw.exe qatdnzw"
"QuickTime Task"="\"C:\Program Files\QuickTime\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\Program Files\iTunes\iTunesHelper.exe\""
"avast!"="C:\PROGRA~1\ANTIVI~1\ashDisp.exe"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="\"E:\APPS\steam\Steam.exe\" -silent"
"lzkusdbyzv"="c:\windows\system32\lzkusdbyzv.exe lzkusdbyzv"
....
Hosts file was reset, If you use a custom hosts file please replace it...
~~~~~ End report ~~~~~

theodiablo · Answer

et voila avec malekal DiagHelp version v1.4 - http://www.malekal.com excute le 05/02/2008 à 22:21:08,98 Liste des derniers fichies modifies/crees dans windir\system32 et prefetch C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->05/02/2008 22:20:57 C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->05/02/2008 22:20:39 C:\WINDOWS\prefetch\WINRAR.EXE-39C6DAD9.pf -->05/02/2008 22:19:27 C:\WINDOWS\prefetch\IPODSERVICE.EXE-3192DE38.pf -->05/02/2008 22:17:25 C:\WINDOWS\prefetch\FIREFOX.EXE-28641590.pf -->05/02/2008 22:16:54 C:\WINDOWS\prefetch\MABTSH.EXE-2EAFD2F4.pf -->05/02/2008 22:16:45 C:\WINDOWS\prefetch\RUNDLL32.EXE-18ACD379.pf -->05/02/2008 22:16:44 C:\WINDOWS\prefetch\ASHDISP.EXE-1BFC23F1.pf -->05/02/2008 22:16:44 C:\WINDOWS\prefetch\STEAM.EXE-11FDB9B2.pf -->05/02/2008 22:16:43 C:\WINDOWS\prefetch\OLDVCSTATUS.EXE-35D9E92E.pf -->05/02/2008 22:16:43 C:\WINDOWS\System32\drivers\fwdrv.err -->06/01/2008 12:24:38 C:\WINDOWS\System32\drivers\aswmon.sys -->04/12/2007 15:56:02 C:\WINDOWS\System32\drivers\aswmon2.sys -->04/12/2007 15:55:46 C:\WINDOWS\System32\drivers\aswRdr.sys -->04/12/2007 15:53:39 C:\WINDOWS\System32\drivers\aswTdi.sys -->04/12/2007 15:51:52 C:\WINDOWS\System32\drivers\aavmker4.sys -->04/12/2007 15:49:02 C:\WINDOWS\System32\drivers\secdrv.sys -->13/11/2007 11:25:54 C:\WINDOWS\System32\wpa.dbl -->04/02/2008 15:04:40 C:\WINDOWS\System32\pthreadGC2.dll -->15/01/2008 18:35:22 C:\WINDOWS\System32\ff_vfw.dll.manifest -->15/01/2008 18:35:22 C:\WINDOWS\System32\ff_vfw.dll -->15/01/2008 18:35:22 C:\WINDOWS\System32\Thumbs.db -->07/01/2008 21:38:54 C:\WINDOWS\System32\service.log -->07/01/2008 19:11:42 C:\WINDOWS\System32\CONFIG.NT -->07/01/2008 19:09:00 C:\WINDOWS\System32\TZLog.log -->06/01/2008 19:01:40 C:\WINDOWS\System32\QuickTimeVR.qtx -->11/12/2007 10:57:06 C:\WINDOWS\System32\QuickTime.qts -->11/12/2007 10:57:06 C:\WINDOWS\System32\aswBoot.exe -->04/12/2007 14:04:28 C:\WINDOWS\System32\AvastSS.scr -->04/12/2007 13:54:04 C:\WINDOWS\System32\MRT.exe -->03/12/2007 00:00:05 C:\WINDOWS\System32\FNTCACHE.DAT -->30/11/2007 06:56:28 C:\WINDOWS\System32\ssldivx.dll -->29/11/2007 23:30:16 C:\WINDOWS\System32\libdivx.dll -->29/11/2007 23:30:16 C:\WINDOWS\System32\jscript.dll -->14/11/2007 08:28:02 C:\WINDOWS\System32 zchange.exe -->13/11/2007 12:31:11 C:\WINDOWS\System32 vapps.xml -->11/11/2007 19:09:21 C:\WINDOWS\System32\bdod.bin -->11/11/2007 18:52:51 C:\WINDOWS\System32\bdss.log -->11/11/2007 18:14:16 C:\WINDOWS\System32\PerfStringBackup.INI -->09/11/2007 23:44:56 C:\WINDOWS\System32\perfh00C.dat -->09/11/2007 23:44:56 C:\WINDOWS\System32\perfh009.dat -->09/11/2007 23:44:56 C:\WINDOWS\System32\perfc00C.dat -->09/11/2007 23:44:56 C:\WINDOWS\QTFont.qfn -->05/02/2008 22:16:44 C:\WINDOWS\0.log -->05/02/2008 22:14:30 C:\WINDOWS\wiadebug.log -->05/02/2008 22:14:21 C:\WINDOWS\WindowsUpdate.log -->05/02/2008 22:14:20 C:\WINDOWS\wiaservc.log -->05/02/2008 22:14:20 C:\WINDOWS\bootstat.dat -->05/02/2008 22:14:05 C:\WINDOWS\SchedLgU.Txt -->05/02/2008 22:12:49 C:\WINDOWS\Thumbs.db -->04/02/2008 16:38:48 C:\WINDOWS\setupapi.log -->30/01/2008 11:18:32 C:\WINDOWS\NeroDigital.ini -->23/01/2008 20:36:20 C:\WINDOWS\datalink.ini -->10/01/2008 20:16:51 C:\WINDOWS\ODBC.INI -->10/01/2008 20:15:19 C:\WINDOWS\MEMORY.DMP -->09/01/2008 20:57:00 C:\WINDOWS\win.ini -->07/01/2008 21:08:19 C:\WINDOWS soc.log -->06/01/2008 19:01:56 winlogon.exe Verified: Signed svchost.exe Verified: Signed ws2_32.dll Verified: Signed user32.dll Verified: Signed tcpip.sys Verified: Signed ndis.sys Verified: Signed null.sys Verified: Signed ListDLLs v2.25 - DLL lister for Win9x/NT Copyright (C) 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ explorer.exe pid: 1884 Command line: C:\WINDOWS\Explorer.EXE Base Size Version Path 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL 0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll 0x10000000 0x1c000 7.00.0000.0000 C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll 0x01500000 0x2b000 C:\Program Files\WinRAR arext.dll 0x00a90000 0x20000 3.06.0002.0000 C:\PROGRA~1\VISICO~1\FTPEXP~1\ftpcntxt.dll 0x00f90000 0x34000 2.00.0116.0000 C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll 0x64f00000 0x12000 4.07.1098.0000 C:\Program Files\Antivirus\ashShell.dll 0x748f0000 0x113000 8.90.1101.0000 C:\WINDOWS\System32\msxml3.dll 0x02470000 0x13f000 2.00.0116.0000 C:\Program Files\SolidDocuments\SolidConverterPDF\ConverterCore.dll 0x025b0000 0xbb000 2.00.0116.0000 C:\Program Files\SolidDocuments\SolidConverterPDF\SolidCore.dll 0x02670000 0x7d000 7.10.0000.0000 C:\Program Files\SolidDocuments\SolidConverterPDF\MSLUP71.dll 0x026f0000 0x58000 7.10.0000.0000 C:\Program Files\SolidDocuments\SolidConverterPDF\MSLUR71.dll 0x02750000 0x107000 7.10.3077.0000 C:\Program Files\SolidDocuments\SolidConverterPDF\MFC71LU.DLL 0x02960000 0x3f000 6.03.0000.0000 C:\Program Files\GetRight\xx2gr.dll ListDLLs v2.25 - DLL lister for Win9x/NT Copyright (C) 1997-2004 Mark Russinovich Sysinternals - www.sysinternals.com ------------------------------------------------------------------------------ winlogon.exe pid: 556 Command line: winlogon.exe Base Size Version Path 0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe 0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll 0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll 0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll 0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll 0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL Le volume dans le lecteur C s'appelle WinXPro Le numéro de série du volume est DCB6-063A Répertoire de C:\WINDOWS\system32 20/08/2004 00:09 6 144 csrss.exe 1 fichier(s) 6 144 octets 0 Rép(s) 17 671 114 752 octets libres Contenu de Downloaded Program Files Le volume dans le lecteur C s'appelle WinXPro Le numéro de série du volume est DCB6-063A Répertoire de C:\WINDOWS\Downloaded Program Files 02/07/2007 22:26 . 02/07/2007 22:26 .. 13/06/2005 11:04 65 desktop.ini 13/04/2007 01:14 382 344 GAME_UNO1.dll 17/01/2007 14:44 316 GAME_UNO1.INF 22/02/2007 22:41 304 544 MessengerStatsPAClient.dll 28/02/2007 13:21 130 472 MineSweeper.dll 28/02/2007 13:21 131 472 msgrchkr.dll 6 fichier(s) 949 213 octets Total des fichiers listés : 6 fichier(s) 949 213 octets 2 Rép(s) 17 671 131 136 octets libres Recherche de rootkit! (Merci S!Ri) Recherche d'infections connues Export des clefs sensibles.. Liste des fichiers en exception sur le pare-feu XP SP2 "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe"="C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe:*:Disabled:Kerio Personal Firewall 4 - GUI" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" "C:\Program Files\BitTorrent_DNA\dna.exe"="C:\Program Files\BitTorrent_DNA\dna.exe:*:Enabled:DNA" "C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent" "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger" "C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype" "C:\Program Files\eMule\emule.exe"="C:\Program Files\eMule\emule.exe:*:Enabled:eMule" "E:\APPS\steam\Steam.exe"="E:\APPS\steam\Steam.exe:*:Enabled:Steam" "C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe"="C:\Program Files\Visicom Media\FTP Expert 3\ftpxpert3.exe:*:Enabled:AceFTP v3" "D:\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe"="D:\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe:*:Enabled:SiSoftware Database Agent Service" "D:\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe"="D:\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service" "C:\Program Files\BearShare\BearShare.exe"="C:\Program Files\BearShare\BearShare.exe:*:Disabled:BearShare" "C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes" "D:\age of empires\empires2.exe"="D:\age of empires\empires2.exe:*:Enabled:Age of Empires II" "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019" "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1" "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)" Export de la clef SharedTaskScheduler [SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant" exports des policies REGEDIT4 [system] "dontdisplaylastusername"=dword:00000000 "legalnoticecaption"="" "legalnoticetext"="" "shutdownwithoutlogon"=dword:00000001 "undockwithoutlogon"=dword:00000001 Export des clefs sensibles.. Rechercher adresses sensibles dans le fichier HOSTS... catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-02-05 22:21:36 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... IPC error: 2 Le fichier spécifié est introuvable. [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\aswTdi\Parameters] "ProviderStart"=dword:00000001 scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden services: 0 hidden files: 0 KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Error loading kernel support driver! Make sure you are running this as Administrator. KProcCheck Version 0.2-beta1 Proof-of-Concept by SIG^2 (www.security.org.sg) Error loading kernel support driver! Make sure you are running this as Administrator. Liste des programmes installes Adobe Download Manager 2.0 (Supprimer uniquement) Adobe Flash Player 9 ActiveX Adobe Photoshop 7.0 Adobe Reader 7.0 - Français Adobe Shockwave Player Age of Empires III Age of Empires III ANNO 1602 Version Gold Anno 1701 Apple Software Update Archiveur WinRAR AutoUpdate avast! Antivirus Battle.net BearShare BlueAuditor 1.3.6 C-Media High Definition Audio Driver Civilization III Correctif pour Lecteur Windows Media 11 (KB939683) Correctif Windows XP - KB873333 Correctif Windows XP - KB873339 Correctif Windows XP - KB885250 Correctif Windows XP - KB885835 Correctif Windows XP - KB885836 Correctif Windows XP - KB886185 Correctif Windows XP - KB888113 Correctif Windows XP - KB888302 Correctif Windows XP - KB890175 Correctif Windows XP - KB890859 Correctif Windows XP - KB891781 Correctif Windows XP - KB893086 DivX Codec DivX Content Uploader DivX Converter DivX Player DivX Web Player Dolphin 1.3 beta EasyPHP 2.0b1 eMule EVEREST Home Edition v2.20 ffdshow [rev 1782] [2008-01-15] FTP Expert 3 GetRight Google Earth Heroes of Might and Magic V Heroes of Might and Magic® IV High Definition Audio Driver Package - KB835221 HijackThis 1.99.1 Hijackthis Version Française Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB926239) iTunes J2SE Runtime Environment 5.0 Update 11 Kerio Personall Firewall Le Maître de l'Olympe - Zeus. Le Maître de l'Olympe et le Maître de l'Atlandide Lecteur Windows Media 11 Lexmark Supplies Monitor Lexmark Z25-Z35 Messenger Plus! Live Microsoft .NET Framework 1.1 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Data Access Components KB870669 Microsoft Office 2000 Premium Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual C++ 2005 Redistributable Microsoft Zoo Tycoon Mise à jour de sécurité pour Lecteur Windows Media (KB911564) Mise à jour de sécurité pour Lecteur Windows Media 10 (KB917734) Mise à jour de sécurité pour Lecteur Windows Media 11 (KB936782) Mise à jour de sécurité pour Lecteur Windows Media 6.4 (KB925398) Mise à jour de sécurité pour Windows XP (KB890046) Mise à jour de sécurité pour Windows XP (KB893066) Mise à jour de sécurité pour Windows XP (KB893756) Mise à jour de sécurité pour Windows XP (KB896358) Mise à jour de sécurité pour Windows XP (KB896422) Mise à jour de sécurité pour Windows XP (KB896423) Mise à jour de sécurité pour Windows XP (KB896424) Mise à jour de sécurité pour Windows XP (KB896428) Mise à jour de sécurité pour Windows XP (KB899587) Mise à jour de sécurité pour Windows XP (KB899589) Mise à jour de sécurité pour Windows XP (KB899591) Mise à jour de sécurité pour Windows XP (KB900725) Mise à jour de sécurité pour Windows XP (KB901017) Mise à jour de sécurité pour Windows XP (KB901214) Mise à jour de sécurité pour Windows XP (KB902400) Mise à jour de sécurité pour Windows XP (KB904706) Mise à jour de sécurité pour Windows XP (KB905414) Mise à jour de sécurité pour Windows XP (KB905749) Mise à jour de sécurité pour Windows XP (KB908519) Mise à jour de sécurité pour Windows XP (KB911562) Mise à jour de sécurité pour Windows XP (KB911927) Mise à jour de sécurité pour Windows XP (KB912919) Mise à jour de sécurité pour Windows XP (KB913580) Mise à jour de sécurité pour Windows XP (KB914388) Mise à jour de sécurité pour Windows XP (KB914389) Mise à jour de sécurité pour Windows XP (KB917344) Mise à jour de sécurité pour Windows XP (KB917422) Mise à jour de sécurité pour Windows XP (KB917953) Mise à jour de sécurité pour Windows XP (KB918118) Mise à jour de sécurité pour Windows XP (KB919007) Mise à jour de sécurité pour Windows XP (KB920213) Mise à jour de sécurité pour Windows XP (KB920670) Mise à jour de sécurité pour Windows XP (KB920683) Mise à jour de sécurité pour Windows XP (KB920685) Mise à jour de sécurité pour Windows XP (KB921398) Mise à jour de sécurité pour Windows XP (KB921503) Mise à jour de sécurité pour Windows XP (KB921883) Mise à jour de sécurité pour Windows XP (KB922616) Mise à jour de sécurité pour Windows XP (KB922819) Mise à jour de sécurité pour Windows XP (KB923191) Mise à jour de sécurité pour Windows XP (KB923414) Mise à jour de sécurité pour Windows XP (KB923980) Mise à jour de sécurité pour Windows XP (KB924191) Mise à jour de sécurité pour Windows XP (KB924270) Mise à jour de sécurité pour Windows XP (KB924496) Mise à jour de sécurité pour Windows XP (KB924667) Mise à jour de sécurité pour Windows XP (KB925902) Mise à jour de sécurité pour Windows XP (KB926255) Mise à jour de sécurité pour Windows XP (KB926436) Mise à jour de sécurité pour Windows XP (KB927779) Mise à jour de sécurité pour Windows XP (KB927802) Mise à jour de sécurité pour Windows XP (KB928255) Mise à jour de sécurité pour Windows XP (KB928843) Mise à jour de sécurité pour Windows XP (KB929123) Mise à jour de sécurité pour Windows XP (KB930178) Mise à jour de sécurité pour Windows XP (KB931261) Mise à jour de sécurité pour Windows XP (KB931784) Mise à jour de sécurité pour Windows XP (KB932168) Mise à jour de sécurité pour Windows XP (KB933729) Mise à jour de sécurité pour Windows XP (KB935839) Mise à jour de sécurité pour Windows XP (KB935840) Mise à jour de sécurité pour Windows XP (KB936021) Mise à jour de sécurité pour Windows XP (KB937143) Mise à jour de sécurité pour Windows XP (KB937894) Mise à jour de sécurité pour Windows XP (KB938127) Mise à jour de sécurité pour Windows XP (KB938829) Mise à jour de sécurité pour Windows XP (KB939653) Mise à jour de sécurité pour Windows XP (KB941202) Mise à jour de sécurité pour Windows XP (KB941568) Mise à jour de sécurité pour Windows XP (KB941569) Mise à jour de sécurité pour Windows XP (KB942615) Mise à jour de sécurité pour Windows XP (KB943460) Mise à jour de sécurité pour Windows XP (KB944653) Mise à jour pour Windows XP (KB898461) Mise à jour pour Windows XP (KB900485) Mise à jour pour Windows XP (KB908531) Mise à jour pour Windows XP (KB910437) Mise à jour pour Windows XP (KB911280) Mise à jour pour Windows XP (KB916595) Mise à jour pour Windows XP (KB920872) Mise à jour pour Windows XP (KB922582) Mise à jour pour Windows XP (KB927891) Mise à jour pour Windows XP (KB930916) Mise à jour pour Windows XP (KB931836) Mise à jour pour Windows XP (KB933360) Mise à jour pour Windows XP (KB936357) Mise à jour pour Windows XP (KB938828) Mise à jour pour Windows XP (KB942763) Mise à jour pour Windows XP (KB942840) Mozilla Firefox (2.0.0.11) MSI DigiCell MSI Live Update 3 MSXML 4.0 SP2 (KB936181) MSXML4 Parser Navilog1 3.4.2 Nero 6 Ultra Edition Nokia 6680-6681-6682 MA730 - Handset Manager V9.2 Nokia Connectivity Cable Driver Nokia PC Suite Nokia PC Suite Nokia Software Updater NVIDIA Drivers Package de pilotes Windows - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0) Package de pilotes Windows - Nokia Modem (02/15/2007 3.1) Package de pilotes Windows - Nokia Modem (05/24/2007 6.84.0.1) PartyPoker PC Connectivity Solution PENTAX USB DISK Device Pharaon Platform PokerStars.net PowerDVD PSP Video 9 1.74 QuickTime SIMPLE_WAY SiSoftware Sandra Lite XIIc SolidConverterPDF Spyware-Secure Steam VIA Gestionnaire de périphériques de plate-forme VideoLAN VLC media player 0.8.6b Visionneuse Journal Windows Microsoft WebFldrs XP Winamp Windows Driver Package - Nokia Modem (02/15/2007 3.1) Windows Genuine Advantage Validation Tool (KB892130) Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows XP Service Pack 2 World of Warcraft - ZalinKari - Patch World of Warcraft - ZalinKari - Update World of Warcraft - ZalinKari : The Burning Crusade Wow Cartographe 1.07 Le volume dans le lecteur C s'appelle WinXPro Le numéro de série du volume est DCB6-063A Répertoire de C:\Program Files 05/02/2008 22:08 . 05/02/2008 22:08 .. 04/04/2006 18:13 Adobe 15/06/2005 10:32 Ahead 10/09/2007 21:18 Anno 1701 09/01/2008 15:22 Antivirus 31/12/2007 18:53 Apple Software Update 04/12/2007 20:31 BearShare 15/06/2005 10:34 Common Files 19/06/2005 14:00 CyberLink 11/01/2008 15:21 DivX 28/11/2007 02:30 eMule 21/01/2008 20:28 ffdshow 07/01/2008 21:13 Fichiers communs 04/10/2007 10:34 GetRight 06/01/2008 19:00 Internet Explorer 20/09/2006 11:07 Inventel 31/12/2007 18:55 iPod 31/12/2007 18:55 iTunes 06/04/2007 19:45 Java 15/06/2005 10:35 Kerio 09/11/2007 14:11 Lavalys 14/06/2005 11:10 Lavasoft 02/01/2008 00:47 Messenger Plus! Live 12/11/2006 11:15 MessengerPlus! 3 13/06/2005 11:52 microsoft frontpage 09/06/2007 13:06 Microsoft Games 13/06/2005 11:56 Microsoft Office 13/06/2005 11:56 Microsoft Visual Studio 30/09/2007 21:59 Mobile Action 09/04/2007 22:06 Movie Maker 05/02/2008 22:16 Mozilla Firefox 01/11/2007 17:47 MSI 13/06/2005 11:01 MSN Gaming Zone 02/01/2008 00:47 MSN Messenger 05/02/2008 22:09 Navilog1 09/04/2007 22:02 NetMeeting 06/09/2007 19:38 Nokia 06/09/2007 19:48 Nsasoft 11/05/2007 13:50 Olivetti 10/01/2008 20:44 Outlook Express 16/01/2008 18:45 PartyGaming 06/09/2007 17:52 PC Connectivity Solution 20/05/2007 20:19 PENTAX 26/01/2008 21:30 PokerStars.NET 21/01/2008 19:10 pspvideo9 31/12/2007 18:54 QuickTime 21/03/2007 18:38 Softwin 13/05/2007 15:21 SolidDocuments 03/06/2007 18:45 Sunbelt Software 13/06/2005 11:19 VIA 03/11/2007 14:00 VIA Technologies, Inc 27/05/2007 13:26 VideoLAN 25/02/2007 18:10 Visicom Media 26/01/2008 10:46 Winamp 22/06/2005 17:24 Windows Journal Viewer 14/06/2007 09:21 Windows Live 05/06/2007 21:52 Windows Media Player 09/04/2007 22:02 Windows NT 26/05/2007 21:33 WinRAR 04/09/2007 17:49 WowCartographe 13/06/2005 11:05 xerox 0 fichier(s) 0 octets 62 Rép(s) 17 659 908 096 octets libres Le volume dans le lecteur C s'appelle WinXPro Le numéro de série du volume est DCB6-063A Répertoire de C:\Program Files\fichiers communs 07/01/2008 21:13 . 07/01/2008 21:13 .. 04/04/2006 18:13 Adobe 15/06/2005 10:32 Ahead 21/10/2007 20:31 Blizzard Entertainment 13/06/2005 11:56 Designer 20/09/2006 11:07 278 528 FDEUnInstaller.exe 29/11/2007 21:07 InstallShield 22/03/2007 19:32 KAV Shared Files 06/09/2007 19:37 Microsoft Shared 13/06/2005 11:02 MSSoap 06/09/2007 19:38 Nokia 06/09/2007 17:53 PCSuite 07/01/2008 21:08 Softwin 13/05/2007 15:21 SolidDocuments 13/06/2005 17:42 SpeechEngines 19/08/2007 18:08 System 23/10/2006 18:16 Teleca Shared 1 fichier(s) 278 528 octets 17 Rép(s) 17 659 908 096 octets libres Le volume dans le lecteur C s'appelle WinXPro Le numéro de série du volume est DCB6-063A Répertoire de C:\Program Files\fichiers communs\Microsoft Shared\Web Folders 13/06/2005 11:57 . 13/06/2005 11:57 .. 18/05/2001 16:57 561 209 MSONSEXT.DLL 03/06/1999 13:09 122 937 MSOWS409.DLL 07/03/2001 08:00 127 033 MSOWS40c.DLL 18/03/1999 07:37 593 977 RAGENT.DLL 4 fichier(s) 1 405 156 octets 2 Rép(s) 17 659 908 096 octets libres Le volume dans le lecteur C s'appelle WinXPro Le numéro de série du volume est DCB6-063A Répertoire de C:\Program Files\common files 15/06/2005 10:34 . 15/06/2005 10:34 .. 15/06/2005 10:34 Ahead 13/06/2005 14:47 System 0 fichier(s) 0 octets 4 Rép(s) 17 659 908 096 octets libres Le volume dans le lecteur C s'appelle WinXPro Le numéro de série du volume est DCB6-063A Répertoire de C:\ 13/06/2005 16:09 280 ro.exe 1 fichier(s) 280 octets 0 Rép(s) 17 659 904 000 octets libres c:\Documents and Settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 7.5.0.20\iTunesSetupAdmin.exe c:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Nokia_PC_Suite_683_rel_14_1_fre_web.exe c:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstCCD.exe c:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCS.exe c:\Documents and Settings\All Users\Application Data\Installations\{57A48477-92F0-4C1F-ADF9-4806C4EC3CF2}\Installations\CommonCustomActions\UninstPCSFEMsi.exe c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Nokia_PC_Suite_6_84_10_3_eng_web.exe c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstCCD.exe c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCS.exe c:\Documents and Settings\All Users\Application Data\Installations\{A982E6CC-9F0D-4948-9B18-BDFD55DE4A72}\Installations\CommonCustomActions\UninstPCSFEMsi.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{00F822AD-0798-4F54-BA6B-440D0BD687D7}\ARPPRODUCTICON.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{00F822AD-0798-4F54-BA6B-440D0BD687D7}\Shortcut_RemoteAdmin_00F822AD07984F54BA6B440D0BD687D7.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{4AD8E2AF-2E54-411E-B96B-ECF8F1F18741}\ARPPRODUCTICON.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{4AD8E2AF-2E54-411E-B96B-ECF8F1F18741}\Launcher.exe_8370033A751940A1965C432D22D1C247.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{4AD8E2AF-2E54-411E-B96B-ECF8F1F18741}\Launcher.exe1_8370033A751940A1965C432D22D1C247.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{67CA6469-DD4B-492C-BAAC-44EF859F014D}\ARPPRODUCTICON.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{67CA6469-DD4B-492C-BAAC-44EF859F014D}\Launcher.exe_584D424479C1480CBF81E385D23F618E.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{67CA6469-DD4B-492C-BAAC-44EF859F014D}\Launcher.exe1_584D424479C1480CBF81E385D23F618E.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{67CA6469-DD4B-492C-BAAC-44EF859F014D}\Site_de_World_of_W_584D424479C1480CBF81E385D23F618E.exe c:\Documents and Settings\helene\Application Data\Microsoft\Installer\{A5466AE6-B0E5-466B-8B2A-40F6279E063B}\ARPPRODUCTICON.exe c:\Documents and Settings\helene\Bureau\BSLITEINSTALL.exe c:\Documents and Settings\helene\Bureau\Fixwareout.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\catchme.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\diff.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\dumphive.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\FilesInfoCmd.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\find2.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\Fport.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\grep.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\gzip.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\KProcCheck.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\LFiles.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\LISTDLLS.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\md5sums.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\pslist.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\sigcheck.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\streams.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp\swreg.exe c:\Documents and Settings\helene\Bureau\DiagHelp\DiagHelp ar.exe c:\Documents and Settings\helene\Bureau\gba\VisualBoyAdvance.exe c:\Documents and Settings\helene\Bureau\gba\VisualBoyAdvance1.7.2.fix.exe c:\Documents and Settings\helene\Local Settings\Temp\First15.exe c:\Documents and Settings\helene\Local Settings\Temp\VP6Install.exe c:\Documents and Settings ais\Local Settings\Temp\AutoRun.exe c:\Documents and Settings heo\Local Settings\Temp\AutoRun.exe c:\Documents and Settings heo\Local Settings\Temp\SkypeSetup.exe c:\Program Files\Fichiers communs\SolidDocuments\SolidConverterPDF\MSWordAddinRegUnregService.exe c:\Program Files\SolidDocuments\SolidConverterPDF\SolidConverterPDF.exe c:\Program Files\SolidDocuments\SolidConverterPDF\PDF-XChangeSDKEU\PDFSaver.exe c:\Program Files\SolidDocuments\SolidConverterPDF\PDF-XChangeSDKEU\PDFSkill.exe c:\Program Files\SolidDocuments\SolidConverterPDF\PDF-XChangeSDKEU\win2k\PrnInstaller.exe c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\All Users\Application Data\Microsoft\IdentityCRL\production\ppcrlconfig.dll c:\Documents and Settings\helene\Application Data\Macromedia\Dreamweaver MX\Configuration\Flash Player\FlashPlayerW.dll c:\Documents and Settings\helene\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\helene\Application Data\Sun\Java\Deployment\cache\javaws\http\Dstatic.poxnora.com\P80\DMwebstart\DMnatives\RNjogl-natives-windows-i586.jar\gluegen-rt.dll c:\Documents and Settings\helene\Application Data\Sun\Java\Deployment\cache\javaws\http\Dstatic.poxnora.com\P80\DMwebstart\DMnatives\RNjogl-natives-windows-i586.jar\jogl.dll c:\Documents and Settings\helene\Application Data\Sun\Java\Deployment\cache\javaws\http\Dstatic.poxnora.com\P80\DMwebstart\DMnatives\RNjogl-natives-windows-i586.jar\jogl_awt.dll c:\Documents and Settings\helene\Application Data\Sun\Java\Deployment\cache\javaws\http\Dstatic.poxnora.com\P80\DMwebstart\DMnatives\RNjogl-natives-windows-i586.jar\jogl_cg.dll c:\Documents and Settings\helene\Local Settings\Application Data\Seven Zip\Codecs\7zAes.dll c:\Documents and Settings\helene\Local Settings\Application Data\Seven Zip\Codecs\Aes.dll c:\Documents and Settings\helene\Local Settings\Application Data\Seven Zip\Codecs\Branch.dll c:\Documents and Settings\helene\Local Settings\Application Data\Seven Zip\Codecs\Copy.dll c:\Documents and Settings\helene\Local Settings\Application Data\Seven Zip\Codecs\LZMA.dll c:\Documents and Settings\helene\Local Settings\Application Data\Seven Zip\Codecs\Swap.dll c:\Documents and Settings\helene\Local Settings\Application Data\Seven Zip\Formats\7z.dll c:\Documents and Settings\jo\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll c:\Documents and Settings ais\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings ais\Application Data\Microsoft\IdentityCRL\PROD\ppcrlconfig.dll c:\Documents and Settings heo\Application Data\Macromedia\Dreamweaver MX\Configuration\Flash Player\FlashPlayerW.dll c:\Documents and Settings heo\Application Data\Microsoft\IdentityCRL\ppcrlconfig.dll c:\Documents and Settings heo\Application Data\Sun\Java\Deployment\cache\javaws\http\Dstatic.poxnora.com\P80\DMwebstart\DMnatives\RNjogl-natives-windows-i586.jar\gluegen-rt.dll c:\Documents and Settings heo\Application Data\Sun\Java\Deployment\cache\javaws\http\Dstatic.poxnora.com\P80\DMwebstart\DMnatives\RNjogl-natives-windows-i586.jar\jogl.dll c:\Documents and Settings heo\Application Data\Sun\Java\Deployment\cache\javaws\http\Dstatic.poxnora.com\P80\DMwebstart\DMnatives\RNjogl-natives-windows-i586.jar\jogl_awt.dll c:\Documents and Settings heo\Application Data\Sun\Java\Deployment\cache\javaws\http\Dstatic.poxnora.com\P80\DMwebstart\DMnatives\RNjogl-natives-windows-i586.jar\jogl_cg.dll ****** Fin du rapport DiagHelp Veuillez svp envoyer le fichier C:\upload_moi_COOL.tar.gz a l'adresse http://upload.malekal.com

theodiablo · Answer

voila pour SREng: [CODE] 2008-02-05,22:28:00 System Repair Engineer 2.5.16.900 Smallfrogs (http://www.KZTechs.com) Windows XP Professional Service Pack 2 (Build 2600) - Administrative User - Completed Functions Allowed Follow item(s) have been choosed: All Boot Items (Including Registry, Startup Folders, Services and so on) Browser Add-ons Runing Processes (Including process model information) File Associations Winsock Provider Autorun.Inf HOSTS File Process Privileges Scan Boot Items Registry [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] <"E:\APPS\steam\Steam.exe" -silent> [(Verified)Valve] [N/A] [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] [N/A] [N/A] <"C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize> [N/A] [Mobile Action Technology Inc.] [Nokia] [N/A] [N/A] <"C:\Program Files\QuickTime\qttask.exe" -atboottime> [Apple Inc.] <"C:\Program Files\iTunes\iTunesHelper.exe"> [(Verified)Apple Inc.] [(Verified)ALWIL Software] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices] [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Component Publisher] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] <> [N/A] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{26923b43-4d38-484f-9b9e-de460746276c}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigIE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] <%systemroot%\system32\shmgrate.exe OCInstallUserConfigOE> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] <%SystemRoot%\system32 egsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32 hemeui.dll> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{5945c046-1e7d-11d1-bc44-00c04fd912be}] [(Verified)Microsoft Windows Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{6BF52A52-394A-11d3-B153-00C04F79FAA6}] [(Verified)Microsoft Windows Component Publisher] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{7790769C-0471-11d2-AF11-00C04FA35D02}] <"%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install> [N/A] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{89B4C1CD-B018-4511-B0A1-5476DBF70820}] [Microsoft Corporation] ================================== Startup Folders [Microsoft Office] C:\PROGRA~1\MICROS~2\Office\OSA9.EXE [Microsoft Corporation]> ================================== Services [ASP.NET State Service / aspnet_state][Stopped/Manual Start] [avast! iAVS4 Control Service / aswUpdSv][Running/Auto Start] <"C:\Program Files\Antivirus\aswUpdSv.exe"> [avast! Antivirus / avast! Antivirus][Running/Auto Start] <"C:\Program Files\Antivirus\ashServ.exe"> [avast! Mail Scanner / avast! Mail Scanner][Stopped/Manual Start] <"C:\Program Files\Antivirus\ashMaiSv.exe" /service> [avast! Web Scanner / avast! Web Scanner][Stopped/Manual Start] <"C:\Program Files\Antivirus\ashWebSv.exe" /service> [Accès du périphérique d'interface utilisateur / HidServ][Stopped/Disabled] %SystemRoot%\System32\hidserv.dll> [InstallDriver Table Manager / IDriverT][Stopped/Manual Start] <"C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe"> [Service de l'iPod / iPod Service][Running/Manual Start] <"C:\Program Files\iPod\bin\iPodService.exe"> [Kerio Personal Firewall 4 / KPF4][Stopped/Auto Start] <"C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe"> [LexBce Server / LexBceS][Running/Auto Start] [Norman ZANDA / Norman ZANDA][Stopped/Auto Start] [NVIDIA Display Driver Service / NVSvc][Stopped/Auto Start] [olMntrService / olMntrService][Running/Auto Start] <"C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe"> [SiSoftware Database Agent Service / SandraDataSrv][Stopped/Manual Start] [SiSoftware Sandra Agent Service / SandraTheSrv][Stopped/Manual Start] [ServiceLayer / ServiceLayer][Stopped/Manual Start] <"C:\Program Files\PC Connectivity Solution\ServiceLayer.exe"> ================================== Drivers [atksgt / atksgt][Running/Auto Start] [catchme / catchme][Stopped/Manual Start] <\??\C:\DOCUME~1\helene\LOCALS~1\Temp\catchme.sys> [C-Media High Definition Audio Interface / cmudax][Running/Manual Start]

[Pilote de la carte EtherLink XL 90XB/C 3Com / EL90XBC][Running/Manual Start] <3Com Corporation> [GEARAspiWDM / GEARAspiWDM][Running/Manual Start] [GMSIPCI / GMSIPCI][Stopped/Manual Start] <\??\D:\INSTALL\GMSIPCI.SYS> [Pilote de fonction Microsoft UAA pour Service High Definition Audio / HdAudAddService][Stopped/Manual Start] [Pilote de bus Microsoft UAA pour High Definition Audio / HDAudBus][Running/Manual Start] [Intel(r) PC Camera CS120 / ICAM8USB][Running/Manual Start] [lirsgt / lirsgt][Running/Auto Start] [MA730 Bluetooth Core Driver / Ma730c][Stopped/Manual Start] [MA730 Bluetooth VCOM Driver / Ma730Pt][Running/Manual Start] [MA730 Bluetooth Audio / Ma730Vad][Running/Manual Start] [msdirectx / msdirectx][Stopped/System Start] <2 - Le fichier spécifié est introuvable. > [nv / nv][Running/Manual Start] [PCAMPR5 NDIS Protocol Driver / PCAMPR5][Stopped/Manual Start] <\??\C:\WINDOWS\System32\PCAMPR5.SYS> [PCANDIS5 NDIS Protocol Driver / PCANDIS5][Stopped/Manual Start] <\??\C:\WINDOWS\System32\PCANDIS5.SYS> [PPPoEWin Miniport / PPPoEWin][Stopped/Manual Start] [Pilote de liaison parallèle directe / Ptilink][Running/Manual Start] [PxHelp20 / PxHelp20][Running/Boot Start] <\SystemRoot\System32\Drivers\PxHelp20.sys> [Sony Ericsson Device 046 Driver driver (WDM) / SE2Ebus][Stopped/Manual Start] [Sony Ericsson Device 046 USB WMC Modem Filter / SE2Emdfl][Stopped/Manual Start] [Sony Ericsson Device 046 USB WMC Modem Driver / SE2Emdm][Stopped/Manual Start] [Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM) / SE2Emgmt][Stopped/Manual Start] [Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS) / se2End5][Stopped/Manual Start] [Sony Ericsson Device 046 USB WMC OBEX Interface / SE2Eobex][Stopped/Manual Start] [Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM) / se2Eunic][Stopped/Manual Start] [Secdrv / Secdrv][Running/Auto Start] [viamraid / viamraid][Running/Boot Start] <\SystemRoot\System32\DRIVERS\viamraid.sys> [VIA USB Host Controller Lower Filter / vulfnths][Stopped/Manual Start] <\SystemRoot\System32\Drivers\vulfnth.sys> [VIA USB Roothub Lower Filter / vulfntrs][Stopped/Manual Start] <\SystemRoot\System32\Drivers\vulfntr.sys> [World Standard Teletext Codec / WSTCODEC][Stopped/Manual Start] [NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller / yukonwxp][Stopped/Manual Start] [zlportio / zlportio][Stopped/Manual Start] <\??\C:\Documents and Settings heo\Bureau\zlportio.sys> ================================== Browser Add-ons [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [SolidConverter PDF] {259F616C-A300-44F5-B04A-ED001A26C85C} [GetRight IE Download Helper] {31FF080D-12A3-439A-A2EF-4BA95A3148E8} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [Windows Live Sign-in Helper] {9030D464-4C02-4ABF-8ECC-5164760863C6} [Java Plug-in 1.5.0_11] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} [PartyPoker.com] {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} [PokerStars.net] {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} [QuickTime Object] {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} [AcroIEHlprObj Class] {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} [Web Browser Applet Control] {08B0E5C0-4FCB-11CF-AAA5-00401C608501} <, N/A> [Windows Media Player] {22D6F312-B0F6-11D0-94AB-0080C74C7E95} [HTML Document] {25336920-03F9-11CF-8FD0-00AA00686F13} <%SystemRoot%\System32\mshtml.dll, N/A> [SolidConverter PDF] {259F616C-A300-44F5-B04A-ED001A26C85C} [HtmlDlgSafeHelper Class] {3050F819-98B5-11CF-BB82-00AA00BDCE0B} [GetRight IE Download Helper] {31FF080D-12A3-439A-A2EF-4BA95A3148E8} [QuickTime Object] {4063BE15-3B08-470D-A0D5-B37161CFFD69} [XML Document] {48123BC4-99D9-11D1-A6B3-00C04FD91555} <%SystemRoot%\System32\msxml3.dll, N/A> [DivXBrowserPlugin Object] {67DABFBF-D0AB-41FA-9C46-CC0F21721616} [Windows Media Player] {6BF52A52-394A-11D3-B153-00C04F79FAA6} [SSVHelper Class] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} [Navigateur Web Microsoft] {8856F961-340A-11D0-A96B-00C04FD705A2} [Java Plug-in 1.5.0_11] {8AD9C840-044E-11D1-B3E9-00805F499D93} [Windows Live Sign-in Helper] {9030D464-4C02-4ABF-8ECC-5164760863C6} [SearchAssistantOC] {B45FF030-4447-11D2-85DE-00C04FA35C89} <%SystemRoot%\System32\shdocvw.dll, N/A> [Windows Live Sign-in Control] {D2517915-48CE-4286-970F-921E881B8C5C} [Shockwave Flash Object] {D27CDB6E-AE6D-11CF-96B8-444553540000} [iTunesDetector Class] {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} [] {F06608C7-1874-4EEA-B3B2-DF99EBB144B8} ================================== Running Processes [PID: 484 / SYSTEM][\SystemRoot\System32\smss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 532 / SYSTEM][\??\C:\WINDOWS\system32\csrss.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 556 / SYSTEM][\??\C:\WINDOWS\system32\winlogon.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 600 / SYSTEM][C:\WINDOWS\system32\services.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\AppPatch\AcAdProc.dll] [Microsoft Corporation, 5.1.2600.3008 (xpsp.061004-0027)] [PID: 612 / SYSTEM][C:\WINDOWS\system32\lsass.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 768 / SYSTEM][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 824 / SERVICE RÉSEAU][C:\WINDOWS\system32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 892 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 964 / SERVICE RÉSEAU][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1020 / SERVICE LOCAL][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1088 / SYSTEM][C:\Program Files\Antivirus\aswUpdSv.exe] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Antivirus\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0] [PID: 1140 / SYSTEM][C:\Program Files\Antivirus\ashServ.exe] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswAux.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Antivirus\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswEngin.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswScan.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\ashBase.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\ashTask.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswInteg.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswIdle.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\Aavm4h.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\French\Base.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\UNACEV2.DLL] [N/A, ] [C:\Program Files\Antivirus\AhResMai.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\AhResNS.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\AhResOut.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\ahResP2P.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\AhResStd.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\AhResWS.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\ashSSqlt.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\aswRes.dll] [ALWIL Software, 4, 7, 1098, 0] [PID: 1436 / SYSTEM][C:\WINDOWS\system32\LEXBCES.EXE] [Lexmark International, Inc., 7.4] [PID: 1468 / SYSTEM][C:\WINDOWS\system32\LEXPPS.EXE] [N/A, ] [C:\WINDOWS\system32\LEXBCE.DLL] [Lexmark International, Inc., 7.4] [PID: 1708 / SYSTEM][C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe] [Olivetti, 2.0.027] [C:\Program Files\Olivetti\ANY_WAY\olMntrHid.dll] [Olivetti, 2.0.027] [PID: 1852 / SYSTEM][C:\WINDOWS\System32\svchost.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 500 / SERVICE LOCAL][C:\WINDOWS\System32\alg.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 1884 / helene][C:\WINDOWS\Explorer.EXE] [Microsoft Corporation, 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234)] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0] [C:\Program Files\WinRAR arext.dll] [N/A, ] [C:\PROGRA~1\VISICO~1\FTPEXP~1\ftpcntxt.dll] [Visicom Media Inc., 3.6.2.0] [C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll] [VoyagerSoft, LLC, VERSION_MAJOR.0.BUILD_MAJOR.0] [C:\Program Files\Antivirus\ashShell.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\SolidDocuments\SolidConverterPDF\ConverterCore.dll] [VoyagerSoft, LLC, VERSION_MAJOR.0.BUILD_MAJOR.0] [C:\Program Files\SolidDocuments\SolidConverterPDF\SolidCore.dll] [VoyagerSoft, LLC, VERSION_MAJOR.0.BUILD_MAJOR.0] [C:\Program Files\SolidDocuments\SolidConverterPDF\MSLUP71.dll] [Sample Corporation, 7.10.0000] [C:\Program Files\SolidDocuments\SolidConverterPDF\MSLUR71.dll] [Sample Corporation, 7.10.0000] [C:\Program Files\SolidDocuments\SolidConverterPDF\MFC71LU.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\GetRight\xx2gr.dll] [Headlight Software, Inc., 6.3] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll] [Adobe Systems Incorporated, 7.0.0.2004121400] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [PID: 3708 / helene][C:\WINDOWS\system32\RunDll32.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [C:\WINDOWS\system\cmicnfg.cpl] [C-Media Corporation, 1, 0, 42, 10] [C:\WINDOWS\System32\udaprop.dll] [C-Media Corporation, 1.0.2.3] [PID: 3720 / helene][C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe] [Olivetti, 2.0.027] [C:\Program Files\Olivetti\ANY_WAY\olMntrHid.dll] [Olivetti, 2.0.027] [C:\Program Files\Olivetti\ANY_WAY\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\Program Files\Olivetti\ANY_WAY\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\Program Files\Olivetti\ANY_WAY\olDvcStatusRC.dll] [Olivetti, 2.0.027] [PID: 3728 / helene][C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe] [Mobile Action Technology Inc., 1, 0, 0, 1] [PID: 3752 / helene][C:\Program Files\iTunes\iTunesHelper.exe] [Apple Inc., 7.5.0.20] [C:\Program Files\iTunes\iTunesHelper.Resources\fr.lproj\iTunesHelperLocalized.DLL] [Apple Inc., 7.5.0.13] [C:\Program Files\iTunes\iTunesHelper.Resources\iTunesHelper.DLL] [Apple Inc., 7.5.0.20] [C:\Program Files\QuickTime\QTSystem\QuickTime.qts] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\CoreVideo.qtx] [Apple Computer, Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPP.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTime3GPPAuthoring.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeAudioSupport.qtx] [Apple Computer, Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeAuthoring.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeCapture.qtx] [Apple Inc., 7.3.1] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [C:\Program Files\QuickTime\QTSystem\QuickTimeEffects.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeEssentials.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeH264.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeImage.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeInternetExtras.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeMPEG4Authoring.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeMusic.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeQD3D.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreaming.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingAuthoring.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeStreamingExtras.qtx] [Apple Inc., 7.3.1] [C:\Program Files\QuickTime\QTSystem\QuickTimeVR.qtx] [Apple Inc., 7.3.1] [PID: 3760 / helene][C:\PROGRA~1\ANTIVI~1\ashDisp.exe] [ALWIL Software, 4, 7, 1098, 0] [C:\PROGRA~1\ANTIVI~1\aswCmnOS.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\WINDOWS\system32\MSVCP71.dll] [Microsoft Corporation, 7.10.3077.0] [C:\WINDOWS\system32\MSVCR71.dll] [Microsoft Corporation, 7.10.3052.4] [C:\PROGRA~1\ANTIVI~1\ashBase.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\PROGRA~1\ANTIVI~1\aswCmnB.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\PROGRA~1\ANTIVI~1\aswCmnS.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\PROGRA~1\ANTIVI~1\ashTask.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\PROGRA~1\ANTIVI~1\aswAux.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\PROGRA~1\ANTIVI~1\Aavm4h.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\French\Base.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\Program Files\Antivirus\French\Lang.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\WINDOWS\system32\MFC71.DLL] [Microsoft Corporation, 7.10.3077.0] [C:\PROGRA~1\ANTIVI~1\AavmRpch.dll] [ALWIL Software, 4, 7, 1098, 0] [c:\program files\antivirus\ahruimai.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\PROGRA~1\ANTIVI~1\ashUInt.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\PROGRA~1\ANTIVI~1\XT1922.dll] [Codejock Software, 1, 9, 4, 0] [c:\program files\antivirus\ahruins.dll] [ALWIL Software, 4, 7, 1098, 0] [c:\program files\antivirus\ahruiout.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\WINDOWS\system32\MAPI32.dll] [Microsoft Corporation, 1.0.2536.0] [c:\program files\antivirus\ahruip2p.dll] [ALWIL Software, 4, 7, 1098, 0] [c:\program files\antivirus\ahruistd.dll] [ALWIL Software, 4, 7, 1098, 0] [c:\program files\antivirus\ahruiws.dll] [ALWIL Software, 4, 7, 1098, 0] [C:\WINDOWS\system32\msacm32.drv] [Microsoft Corporation, 5.1.2600.0 (xpclient.010817-1148)] [PID: 3876 / helene][C:\Program Files\Mozilla Firefox\firefox.exe] [Mozilla Corporation, 1.8.1.11: 2007112718] [C:\Program Files\Mozilla Firefox\js3250.dll] [Netscape Communications Corporation, 4.0] [C:\Program Files\Mozilla Firefox spr4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\xpcom_core.dll] [Mozilla Foundation, 1.8.1.11: 2007112718] [C:\Program Files\Mozilla Firefox\plc4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\plds4.dll] [Netscape Communications Corporation, 4.6.7] [C:\Program Files\Mozilla Firefox\smime3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox ss3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\softokn3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\Program Files\Mozilla Firefox\ssl3.dll] [Mozilla Foundation, 3.11.5 Basic ECC] [C:\Program Files\Mozilla Firefox\xpcom_compat.dll] [Mozilla Foundation, 1.8.1.11: 2007112718] [C:\Program Files\Mozilla Firefox\components\myspell.dll] [Mozilla Foundation, 1.8.1.11: 2007112718] [C:\Program Files\Mozilla Firefox\components\jar50.dll] [Mozilla Foundation, 1.8.1.11: 2007112718] [C:\Program Files\Mozilla Firefox\freebl3.dll] [Mozilla Foundation, 3.11.4 Basic ECC] [C:\PROGRA~1\MOZILL~1 ssckbi.dll] [Mozilla Foundation, 1.64] [C:\Program Files\Mozilla Firefox\components\spellchk.dll] [Mozilla Foundation, 1.8.1.11: 2007112718] [C:\WINDOWS\system32\PortableDeviceApi.dll] [Microsoft Corporation, 5.2.5721.5145 (WMP_11.061018-2006)] [C:\Program Files\Adobe\Acrobat 7.0\ActiveX\PDFShell.dll] [Adobe Systems, Inc., 7.0.0.0] [PID: 4028 / SYSTEM][C:\Program Files\iPod\bin\iPodService.exe] [Apple Inc., 7.5.0.20] [C:\Program Files\iPod\bin\iPodService.Resources\fr.lproj\iPodServiceLocalized.DLL] [Apple Inc., 7.5.0.13] [C:\Program Files\iPod\bin\iPodService.Resources\iPodService.DLL] [Apple Inc., 7.5.0.20] [PID: 2596 / helene][C:\WINDOWS\system32\wscntfy.exe] [Microsoft Corporation, 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)] [PID: 2756 / helene][C:\Documents and Settings\helene\Bureau\sreng2\SREngPS.EXE] [Smallfrogs Studio, 2.5.16.900] [C:\Documents and Settings\helene\Bureau\sreng2\Upload\3rdUpd.DLL] [Smallfrogs Studio, 2, 1, 0, 15] ================================== File Associations .TXT OK. [%SystemRoot%\system32\NOTEPAD.EXE %1] .EXE OK. ["%1" %*] .COM OK. ["%1" %*] .PIF OK. ["%1" %*] .REG OK. [regedit.exe "%1"] .BAT OK. ["%1" %*] .SCR OK. ["%1" /S] .CHM OK. ["C:\WINDOWS\hh.exe" %1] .HLP OK. [%SystemRoot%\System32\winhlp32.exe %1] .INI OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .INF OK. [%SystemRoot%\System32\NOTEPAD.EXE %1] .VBS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .JS OK. [%SystemRoot%\System32\WScript.exe "%1" %*] .LNK OK. [{00021401-0000-0000-C000-000000000046}] ================================== Winsock Provider N/A ================================== Autorun.Inf N/A ================================== HOSTS File 127.0.0.1 localhost ================================== Process Privileges Scan Special Privilege Enabled: SeLoadDriverPrivilege [PID = 1708, C:\PROGRAM FILES\OLIVETTI\ANY_WAY\OLMNTRSERVICE.EXE] ================================== API HOOK N/A ================================== Hidden Process N/A ================================== /CODE

theodiablo · Answer

voila le nouveau rapport hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 22:29:42, on 05/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\aswUpdSv.exe
C:\Program Files\Antivirus\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ANTIVI~1\ashDisp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Hijackthis\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///???*??Q???????*???7
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://upload.malekal.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,setup32.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: GetRight IE Download Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [MaBtSh] C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [qatdnzw] c:\windows\system32\qatdnzw.exe qatdnzw
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\RunServices: [Microsoftf DDEs ContrDL] runm.pif
O4 - HKCU\..\Run: [Steam] "E:\APPS\steam\Steam.exe" -silent
O4 - HKCU\..\Run: [lzkusdbyzv] c:\windows\system32\lzkusdbyzv.exe lzkusdbyzv
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\System32
vsvc32.exe (file missing)
O23 - Service: olMntrService - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: Pptp55islnt - Unknown owner - (no file)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

alors? qu'esque ca signifie tout ca? et a quoi sert chacune des étapes que j'ai exécuté?

FillPCA · Answer

Re,

Ce sont des programmes destinés à nettoyer des infections ciblées, dont l'une était très sérieuse.
Il en reste encore.

Désinstalle spyware-secure via ajout/suppression des programmes.
Tu as des traces de Norman antivirus. Est-il toujours actif sur ta machine ? J'examine les rapports.

FillPCA

theodiablo · Answer

voilà pour spyware secure.
parcontre, pour norman, je croi que je l'ai supprimé il y a quelque temps déja...
je ne voi pas sa présence dans ajout-supression de programmes, esque ca signifie qu'il est hors d'usage?

FillPCA · Answer

Re,

1/     * Désinstalle Navilog :
          o Soit par ajout/suppression des programmes,
          o Soit par le menu Démarrer>Programmes>Navilog1>Désinstaller Navilog1
    * Supprime le dossier C:\Program Files\Navilog1 s'il existe encore.

2/  Désinstalle Media-access via ajout/suppression des programmes.

3/ 
    *  Imprime ceci.
    * Télécharge Brute Force Uninstaller (de Merijn) : http://www.merijn.org/files/bfu.zip
    * Créé un nouveau dossier directement sur le C:\ et nomme-le BFU.
    * Décompresse le fichier téléchargé dans ce nouveau dossier au moyen d'un clic droit (Extraire vers...C:\BFU).
    * Ouvre le bloc-note de windows.
    * Copie-colle ces lignes dans la fenêtre du bloc-note :

OptionUnloadShell
Processkill \MediaAccK.exe|1

RegDelValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Media Access
RegDelValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|qatdnzw
RegDelValue HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Norman ZANDA
RegDelValue HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|lzkusdbyzv

ServiceStop Norman ZANDA
ServiceDisable Norman ZANDA
ServiceDelete Norman ZANDA
ServiceStop Pptp55islnt
ServiceDisable Pptp55islnt
ServiceDelete Pptp55islnt

FolderDelete %PROGRAMFILES%\Media Access
FolderDelete %SYSTEMDRIVE%\Norman

SystemEmptyTempFolder
SystemEmptyInternetCache
SystemEmptyRecycleBin

    * Enregistre le fichier sur le bureau en fix.txt
    * Fais un clic droit sur ce fichier, choisis Renommer et dans la case, indique le nom fix.BFU.
    * Déplace-le dans le même dossier que Brute Force Uninstaller soit dans c:\BFU
    * Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : fix.bfu et BFU.exe (très important).
    * Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8 (ou F5); tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
    * Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU).
    * Configure BFU comme ceci :
http://img137.imageshack.us/img137/6070/bfusn5.jpg

    * Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur : fix.bfu.
    * Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\fix.bfu
    * Clique sur Execute et laisse-le faire son travail.
    * Attendre que Complete script execution apparaîsse et clique sur OK.
    * Clique sur save et enregistre le rapport sur le bureau : rapport.txt
    * Clique Exit pour fermer le programme BFU.
    * Redémarre normalement ton PC et édite le contenu de rapport.txt dans ta prochaine réponse.

4/ Ouvre Hijackthis>"Do a scan only" et coche ceci :
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///???*??Q???????*???7 
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,setup32.exe
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)

Clique sur fix/réparer.

5/ Télécharge Ccleaner Basic https://www.ccleaner.com/ccleaner/download

Ouvre Ccleaner, clique sur "lancer le nettoyage".

6/ Télécharge AVGantispyware : https://www.avg.com/en-ww/free-antivirus-download
Tu l'installes.
Lance AVG Anti-Spyware et clique sur le bouton Mise à jour. Patiente.

Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas. Ensuite.
Clique sur "Enregistrer le rapport". Ceci génère un rapport en fichier texte qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware. 

7/     *  Fais un scan en ligne en cliquant ici : http://assiste.com.free.fr/...
    * Choisis Kaspersky.
    * Tu dois réaliser le scan en utilisant Internet explorer. Une information apparait en haut, près de la barre d'état. Tu dois accepter et installer l'activeX proposé. La mise à jour de l'antivirus se lance.
    * Réalise un scan complet du système.
    * Sauvegarde le rapport en mode texte à l'issue du scan.

8/ Edite ces rapports :
rapport.txt de BFU, AVGantispyware, Kaspersky et un nouveau rapport Hijackthis.

FillPCA

theodiablo · Answer

voila mon raport avec BFU: 

BFU v1.10.0
Windows XP SP2 (WinNT 5.01.2600 SP2)
Script started at 23:10:56, on 05/02/2008

Option Unload Explorer: Yes
Failed: ServiceStop Norman ZANDA (service not found)
Failed: ServiceDisable Norman ZANDA (service not found)
Failed: ServiceDelete Norman ZANDA (service not found)
Failed: ServiceStop Pptp55islnt (service not found)
Failed: ServiceDisable Pptp55islnt (service not found)
Failed: ServiceDelete Pptp55islnt (service not found)
Failed: FolderDelete C:\Program Files\Media Access (folder not found)
Failed: FolderDelete C:\Norman (folder not found)
Failed: FileDelete C:\DOCUME~1\helene\LOCALS~1\Temp\~DFA0E3.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\helene\LOCALS~1\Temp\~DFA322.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\helene\LOCALS~1\Temp\~DFA785.tmp (operation failed)
Failed: FileDelete C:\DOCUME~1\helene\LOCALS~1\Temp\~DFC44D.tmp (operation failed)
Script completed.

theodiablo · Answer

en atendant le scan par avg, j'ai une question:
pour le moment j'ai Avast! antivirus, esqu'il existe un meilleur antivirus gratuit?

theodiablo · Answer

voici le rapport AVG tout frais.

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

 + Créé à:	23:58:51 05/02/2008

 + Résultat de l'analyse:	



HKLM\SOFTWARE\Classes\MEDIATICKETSINSTALLER.MediaTicketsInstallerCtrl.1 -> Adware.PurityScan : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Adware.WinAd : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Adware.WinAd : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Adware.WinAd : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Media Access -> Adware.WinAD : Nettoyé et sauvegardé (mise en quarantaine).
F:\Mes documents\Disquette hack a domicile\mailpv.zip/mailpv.exe -> Not-A-Virus.PSWTool.Win32.MailPassView : Erreur lors du nettoyage.
:mozilla.325:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.326:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.328:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.329:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.330:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.331:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.375:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.376:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.378:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.379:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.84:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.121:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.122:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.165:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.166:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.167:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.210:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.212:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.294:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.34:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.35:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.37:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.46:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.47:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.548:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.552:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.579:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.583:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.656:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.681:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.705:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.726:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.90:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings
ais\Cookies
ais@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings
ais\Cookies
ais@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.158:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.159:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.805:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.806:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.807:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.808:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.809:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.810:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.811:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.825:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.826:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.827:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.828:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.829:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.830:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.831:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.138:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.139:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.284:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.285:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.334:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.335:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.61:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.63:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.10:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.11:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.122:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.123:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.124:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.125:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.12:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.211:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.214:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.215:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.216:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.217:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.22:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.23:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.24:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.289:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.290:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.291:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.292:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.91:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.95:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.96:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.97:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.98:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.9:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.196:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.152:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.247:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.25:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.30:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.6:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.99:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings	heo\Cookies	heo@atdmt[1].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.106:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.153:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.174:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.188:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.42:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.43:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.59:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.90:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.146:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.147:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.119:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.573:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.574:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.575:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.576:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.577:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.603:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.604:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.605:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.606:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.607:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Casalemedia : Nettoyé.
:mozilla.650:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.676:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.769:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.789:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.37:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Clickhype : Nettoyé.
:mozilla.100:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.101:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.102:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.103:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.218:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.219:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.220:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.221:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.222:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.323:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.324:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.325:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.99:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.698:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.719:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.106:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.127:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.14:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.15:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.41:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.52:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.56:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.109:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.18:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.34:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.44:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.57:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\jo\Cookies\jo@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.115:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.192:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.193:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.194:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.195:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.266:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.267:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.205:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.265:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.342:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.344:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.411:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.444:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.660:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.685:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.82:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.89:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.236:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.237:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.820:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.821:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.822:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.824:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.840:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.841:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.842:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.844:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.103:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Hotlog : Nettoyé.
:mozilla.152:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.153:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.287:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.288:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.59:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.60:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.747:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.748:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.767:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.768:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Imrworldwide : Nettoyé.
C:\Documents and Settings
ais\Cookies
ais@searchportal.information[2].txt -> TrackingCookie.Information : Nettoyé.
:mozilla.214:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Ivwbox : Nettoyé.
:mozilla.593:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.623:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.124:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.75:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.77:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.96:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.97:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.98:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings
ais\Cookies
ais@ie.search.msn[1].txt -> TrackingCookie.Msn : Nettoyé.
C:\Documents and Settings
ais\Cookies
ais@search.msn[2].txt -> TrackingCookie.Msn : Nettoyé.
:mozilla.212:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.105:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.107:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.108:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.146:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.68:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.69:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.80:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.81:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings
ais\Cookies
ais@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.59:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Popularix : Nettoyé.
:mozilla.764:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.765:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.784:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.785:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.150:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.772:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.792:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.700:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.701:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.702:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.703:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.704:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.721:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.722:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.723:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.724:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.725:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Reliablestats : Nettoyé.
:mozilla.132:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.133:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.134:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.135:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.136:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.137:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.147:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.148:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.149:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.150:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.151:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.152:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.289:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.290:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.291:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.292:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.293:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.294:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.339:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.340:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.341:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.342:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.343:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.344:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.76:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.77:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.78:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.79:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.80:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.81:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.82:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.283:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.284:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.315:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.316:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.365:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.366:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.180:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.181:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.254:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.255:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Skype : Nettoyé.
:mozilla.13:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.14:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.17:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.50:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.52:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.52:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.53:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.53:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.54:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.87:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.88:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.88:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.89:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.89:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.90:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.91:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.92:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.93:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.94:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.95:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings	heo\Cookies	heo@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.831:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Spylog : Nettoyé.
:mozilla.851:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Spylog : Nettoyé.
:mozilla.260:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.372:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.373:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.374:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.375:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.44:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.45:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.46:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.47:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.48:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.116:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.117:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.118:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.159:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.160:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.161:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.163:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.171:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.172:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.27:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.28:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.29:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.31:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.62:C:\Documents and Settings\WILLY\Application Data\Mozilla\Firefox\Profiles\oaecbdez.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.91:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.92:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.94:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.66:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Trafic : Nettoyé.
:mozilla.246:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.730:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.94:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.722:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Vegasred : Nettoyé.
:mozilla.743:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Vegasred : Nettoyé.
:mozilla.101:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.102:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.103:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.119:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.120:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.121:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.154:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.63:C:\Documents and Settings
ais\Application Data\Mozilla\Firefox\Profiles\9yyv0vr1.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.87:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.88:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.89:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings	heo\Cookies	heo@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.506:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.537:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.68:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.711:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.712:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.732:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.733:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Yadro : Nettoyé.
:mozilla.344:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.345:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.346:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.368:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.369:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.370:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.38:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.39:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.40:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.90:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.93:C:\Documents and Settings	heo\Application Data\Mozilla\Firefox\Profiles\j8q2gjhs.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings
ais\Cookies
ais@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.193:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.194:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-3.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.301:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.306:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.307:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.308:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.309:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.310:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.351:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.356:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.357:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.358:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.359:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.360:C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cookies-2.txt -> TrackingCookie.Zedo : Nettoyé.


Fin du rapport

theodiablo · Answer

bon, je vais me coucher, je ferais le scan avec kapersky demain, j'espère que ca ira :)
merci en tout cas pour tout

theodiablo · Answer

bon, le scan est lancé depuis 1h déja et on en est qu'à 20%...

FillPCA · Answer

Re,

Le scan est long, mais le pourcentage n'est pas toujours révélateur de l'avancement.

FillPCA

theodiablo · Answer

ca y est, je vien de rentrer, le scan est finit mais j'arrive pas a sauvegarder le rapport...

FillPCA · Answer

Re,

Tu dois avoir un bouton "report save" normalement. Essaie de préférence une sauvegarde en mode texte.

FillPCA

theodiablo · Answer

voila!! enfin j'ai réeussi a ateindre le rapport et a le sauvegarder! désolé pour l'atente :s
-------------------------------------------------------------------------------
 KASPERSKY ONLINE SCANNER REPORT
 Thursday, February 07, 2008 8:10:32 PM
 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky Online Scanner version: 5.0.98.0
 Kaspersky Anti-Virus database last update:  7/02/2008
 Kaspersky Anti-Virus database records: 553461
-------------------------------------------------------------------------------

Scan Settings:
	Scan using the following antivirus database: extended
	Scan Archives: true
	Scan Mail Bases: true

Scan Target - My Computer:
	A:\
	C:\
	D:\
	E:\
	F:\
	H:\

Scan Statistics:
	Total number of scanned objects: 120202
	Number of viruses found: 6
	Number of infected objects: 11
	Number of suspicious objects: 0
	Duration of the scan process: 01:31:39

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\cert8.db	Object is locked	skipped
C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\formhistory.dat	Object is locked	skipped
C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\history.dat	Object is locked	skipped
C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\key3.db	Object is locked	skipped
C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\parent.lock	Object is locked	skipped
C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\search.sqlite	Object is locked	skipped
C:\Documents and Settings\helene\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\urlclassifier2.sqlite	Object is locked	skipped
C:\Documents and Settings\helene\Cookies\index.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messenger
aiscamboulive@hotmail.com\SharingMetadata\Logs\Dfsr00005.log	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messenger
aiscamboulive@hotmail.com\SharingMetadata\pending.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messenger
aiscamboulive@hotmail.com\SharingMetadata\Working\database_E8DC_B63D_DCB6_63A\dfsr.db	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messenger
aiscamboulive@hotmail.com\SharingMetadata\Working\database_E8DC_B63D_DCB6_63A\fsr.log	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messenger
aiscamboulive@hotmail.com\SharingMetadata\Working\database_E8DC_B63D_DCB6_63A\fsrtmp.log	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messenger
aiscamboulive@hotmail.com\SharingMetadata\Working\database_E8DC_B63D_DCB6_63A	mp.edb	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Windows Live Contacts
aiscamboulive@hotmail.comeal\members.stg	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Windows Live Contacts
aiscamboulive@hotmail.com\shadow\members.stg	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\Cache\1D539CD2d01	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\Cache\_CACHE_001_	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\Cache\_CACHE_002_	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\Cache\_CACHE_003_	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Mozilla\Firefox\Profiles\0y0ikll4.default\Cache\_CACHE_MAP_	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Historique\History.IE5\index.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temp\~DFD42C.tmp	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temp\~DFD438.tmp	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temp\~DFE4E6.tmp	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temp\~DFE4FC.tmp	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temporary Internet Files\Content.IE5\index.dat	Object is locked	skipped
C:\Documents and Settings\helene
tuser.dat	Object is locked	skipped
C:\Documents and Settings\helene
tuser.dat.LOG	Object is locked	skipped
C:\Documents and Settings\LocalService\Cookies\index.dat	Object is locked	skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat	Object is locked	skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat	Object is locked	skipped
C:\Documents and Settings\LocalService
tuser.dat	Object is locked	skipped
C:\Documents and Settings\LocalService
tuser.dat.LOG	Object is locked	skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT	Object is locked	skipped
C:\Documents and Settings\NetworkService
tuser.dat.LOG	Object is locked	skipped
C:\Documents and Settings	heo\Application Data\vmntoolbar\vmntoolbar_151.zip/vmntoolbar.dll	Infected: not-a-virus:AdWare.Win32.MegaSearch.j	skipped
C:\Documents and Settings	heo\Application Data\vmntoolbar\vmntoolbar_151.zip	ZIP: infected - 1	skipped
C:\Program Files\Antivirus\DATA\aswResp.dat	Object is locked	skipped
C:\Program Files\Antivirus\DATA\Avast4.db	Object is locked	skipped
C:\Program Files\Antivirus\DATA\log
shield.log	Object is locked	skipped
C:\Program Files\Navilog1\Backupnavi\qcxxkx.exe	Infected: not-a-virus:AdWare.Win32.NaviPromo.gen	skipped
C:\Program Files\Visicom Media\FTP Expert 3\vmntoolbar\vmntoolbarsetup.exe/data0146	Infected: not-a-virus:AdWare.Win32.BHO.w	skipped
C:\Program Files\Visicom Media\FTP Expert 3\vmntoolbar\vmntoolbarsetup.exe	NSIS: infected - 1	skipped
C:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	skipped
C:\System Volume Information\_restore{1FDF65CB-1E7B-4E53-8B5E-14A5800D1E4F}\RP650\change.log	Object is locked	skipped
C:\WINDOWS\Debug\PASSWD.LOG	Object is locked	skipped
C:\WINDOWS\SchedLgU.Txt	Object is locked	skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log	Object is locked	skipped
C:\WINDOWS\Sti_Trace.log	Object is locked	skipped
C:\WINDOWS\system32\CatRoot2\edb.log	Object is locked	skipped
C:\WINDOWS\system32\CatRoot2	mp.edb	Object is locked	skipped
C:\WINDOWS\system32\config\Antivirus.Evt	Object is locked	skipped
C:\WINDOWS\system32\config\AppEvent.Evt	Object is locked	skipped
C:\WINDOWS\system32\config\default	Object is locked	skipped
C:\WINDOWS\system32\config\default.LOG	Object is locked	skipped
C:\WINDOWS\system32\config\Internet.evt	Object is locked	skipped
C:\WINDOWS\system32\config\SAM	Object is locked	skipped
C:\WINDOWS\system32\config\SAM.LOG	Object is locked	skipped
C:\WINDOWS\system32\config\SecEvent.Evt	Object is locked	skipped
C:\WINDOWS\system32\config\SECURITY	Object is locked	skipped
C:\WINDOWS\system32\config\SECURITY.LOG	Object is locked	skipped
C:\WINDOWS\system32\config\software	Object is locked	skipped
C:\WINDOWS\system32\config\software.LOG	Object is locked	skipped
C:\WINDOWS\system32\config\SysEvent.Evt	Object is locked	skipped
C:\WINDOWS\system32\config\system	Object is locked	skipped
C:\WINDOWS\system32\config\system.LOG	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP	Object is locked	skipped
C:\WINDOWS\Temp\Perflib_Perfdata_460.dat	Object is locked	skipped
C:\WINDOWS\wiadebug.log	Object is locked	skipped
C:\WINDOWS\wiaservc.log	Object is locked	skipped
C:\WINDOWS\WindowsUpdate.log	Object is locked	skipped
D:\mes documents\helene\Mes Historiques de Conversation\février 2008\soul_lost@hotmail.fr.html	Object is locked	skipped
D:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	skipped
E:\APPS\codec\DivXPro502GAINBundle.exe/Gain_Trickler.exe	Infected: not-a-virus:AdWare.Win32.Gator.3202	skipped
E:\APPS\codec\DivXPro502GAINBundle.exe	Vise: infected - 1	skipped
E:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	skipped
F:\Mes documents\Disquette hack a domicile\mailpv.zip/mailpv.exe	Infected: Backdoor.Win32.Prorat.19.p	skipped
F:\Mes documents\Disquette hack a domicile\mailpv.zip	ZIP: infected - 1	skipped
F:estore\backup.pst/Dossiers personnels/Éléments supprimés/06 May 2005 18:32 from register@hotmail.com:Registration Confirm/account_info-text.zip	Infected: Email-Worm.Win32.Sober.p	skipped
F:estore\backup.pst	Mail MS Mail: infected - 1	skipped
F:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	skipped

Scan process completed.

theodiablo · Answer

et voila le nouveau log hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 20:12:15, on 07/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\aswUpdSv.exe
C:\Program Files\Antivirus\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ANTIVI~1\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Hijackthis\VERSION TRADUITE ORIGINALE.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///???*??Q???????*???7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http:///???*??Q???????*???7
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: GetRight IE Download Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [MaBtSh] C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [Microsoftf DDEs ContrDL] runm.pif
O4 - HKCU\..\Run: [Steam] "E:\APPS\steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\System32
vsvc32.exe (file missing)
O23 - Service: olMntrService - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: Pptp55islnt - Unknown owner - (no file)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

alors, c'est grave docteur?

FillPCA · Answer

Salut,

Peux-tu faire ceci ?

    *  Télécharge combofix.exe (par sUBs) sur ton Bureau : http://download.bleepingcomputer.com/sUBs/ComboFix.exe
    * Double clique combofix.exe et suis les invites.
    * Lorsque le scan sera complété, un rapport apparaîtra. Copie/colle ce rapport dans ta prochaine réponse.

edite aussi un nouveau rapport Hijackthis.

FillPCA

theodiablo · Answer

voila le log avec combofix :

ComboFix 08-02.05.3 - helene 2008-02-09 11:46:22.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.178 [GMT 1:00]
Endroit: C:\Documents and Settings\helene\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration

[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
[i] ADS - svchost.exe: deleted 36 bytes in 1 streams. [/i]

(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\system32\wl.exe

----- BITS: Possible sites infect‚s -----

hxxp://www.download.windowsupdate.com
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))

.
-------\LEGACY_MSDIRECTX
-------\poof

((((((((((((((((((((((((((((( Fichiers cr‚‚s 2008-01-09 to 2008-02-09 ))))))))))))))))))))))))))))))))))))
.

2008-02-06 13:27 . 2008-02-06 13:27 <REP> d-------- C:\WINDOWS\Documalis Free Scanner 1.0
2008-02-06 13:11 . 2008-02-06 13:11 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2008-02-06 13:11 . 2008-02-06 13:11 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-02-06 00:15 . 2008-02-06 00:15 <REP> d-------- C:\WINDOWS\system32\fr-fr
2008-02-06 00:13 . 2008-02-06 00:14 1,355 --a------ C:\WINDOWS\imsins.BAK
2008-02-06 00:12 . 2008-02-06 00:12 <REP> d--h----- C:\WINDOWS\$hf_mig$
2008-02-05 23:19 . 2008-02-05 23:19 <REP> d-------- C:\Documents and Settings\helene\Application Data\Grisoft
2008-02-05 23:19 . 2008-02-05 23:19 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-05 23:19 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-05 23:17 . 2008-02-05 23:17 <REP> d-------- C:\Program Files\CCleaner
2008-02-05 22:22 . 2008-02-05 22:22 10,960,186 --a------ C:\upload_moi_COOL.tar.gz
2008-02-05 22:11 . 2008-02-05 22:16 <REP> d-------- C:\fixwareout
2008-02-05 21:32 . 2008-02-05 23:00 <REP> d-------- C:\Program Files\Navilog1
2008-02-05 20:46 . 2008-02-08 19:35 <REP> d-------- C:\Hijackthis
2008-01-23 21:19 . 2008-02-05 22:46 <REP> d-------- C:\Program Files\PokerStars.NET
2008-01-21 20:28 . 2008-01-21 20:28 <REP> d-------- C:\Program Files\ffdshow
2008-01-21 20:28 . 2006-03-11 04:56 438,272 --a------ C:\WINDOWS\system32\Mpeg2DecFilter.ax
2008-01-21 20:28 . 2005-11-25 21:46 421,888 --a------ C:\WINDOWS\system32\RealMediaSplitter.ax
2008-01-21 20:28 . 2004-03-09 00:00 224,016 --a------ C:\WINDOWS\system32\tabctl32.ocx
2008-01-21 20:28 . 2008-01-15 18:35 60,273 --a------ C:\WINDOWS\system32\pthreadGC2.dll
2008-01-21 20:28 . 2008-01-15 18:35 7,680 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-01-21 20:28 . 2008-01-15 18:35 547 --a------ C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-01-21 20:28 . 2005-06-21 17:48 1 --a------ C:\WINDOWS\gamidnof.lnl
2008-01-14 18:38 . 2008-01-14 18:38 <REP> d-------- C:\WINDOWS\Sun
2008-01-10 20:16 . 2008-01-10 20:16 372 --a------ C:\WINDOWS\datalink.ini

.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-09 02:50 --------- d-----w C:\Documents and Settings\helene\Application Data\SolidDocuments
2008-02-05 22:18 --------- d-----w C:\Program Files\GetRight
2008-01-26 09:46 --------- d-----w C:\Program Files\Winamp
2008-01-21 18:10 --------- d-----w C:\Program Files\pspvideo9
2008-01-16 17:45 --------- d-----w C:\Program Files\PartyGaming
2008-01-11 14:21 --------- d-----w C:\Program Files\DivX
2008-01-09 14:22 --------- d-----w C:\Program Files\Antivirus
2008-01-07 20:08 --------- d-----w C:\Program Files\Fichiers communs\Softwin
2008-01-06 11:24 50,918 ----a-w C:\WINDOWS\system32\drivers\fwdrv.err
2008-01-01 23:47 --------- d-----w C:\Program Files\MSN Messenger
2008-01-01 23:47 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-31 17:55 --------- d-----w C:\Program Files\iTunes
2007-12-31 17:55 --------- d-----w C:\Program Files\iPod
2007-12-31 17:54 --------- d-----w C:\Program Files\QuickTime
2007-12-31 17:53 --------- d-----w C:\Program Files\Apple Software Update
2007-12-31 17:53 --------- d-----w C:\Documents and Settings\All Users\Application Data\Apple
2006-09-20 10:07 278,528 ----a-w C:\Program Files\Fichiers communs\FDEUnInstaller.exe
.

((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="E:\APPS\steam\Steam.exe" [2007-11-30 07:00 1266936]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-20 00:09 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Cmaudio"="cmicnfg.cpl" []
"OlStatusMon"="C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" [2006-07-26 15:20 106496]
"MaBtSh"="C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe" [2006-02-08 16:29 24576]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-12-11 10:56 286720]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-12-11 12:10 267048]
"avast!"="C:\PROGRA~1\ANTIVI~1\ashDisp.exe" [2007-12-04 14:00 79224]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices]
"Microsoftf DDEs ContrDL"="runm.pif" []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"= 0 (0x0)

R2 olMntrService;olMntrService;"C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe" [2006-07-24 11:02]
R3 cmudax;C-Media High Definition Audio Interface;C:\WINDOWS\system32\drivers\cmudax.sys [2004-07-28 09:06]
R3 ICAM8USB;Intel(r) PC Camera CS120;C:\WINDOWS\system32\Drivers\Icm8D2.SYS [2001-07-12 11:23]
R3 Ma730Pt;MA730 Bluetooth VCOM Driver;C:\WINDOWS\system32\DRIVERS\Ma730Pt.sys [2006-09-21 11:23]
R3 Ma730Vad;MA730 Bluetooth Audio;C:\WINDOWS\system32\DRIVERS\Ma730Vad.sys [2005-11-22 13:32]
S3 Ma730c;MA730 Bluetooth Core Driver;C:\WINDOWS\system32\DRIVERS\MA730C.sys [2007-01-08 14:06]
S3 PPPoEWin;PPPoEWin Miniport;C:\WINDOWS\system32\DRIVERS\PPPoEWin.SYS []
S3 SE2Ebus;Sony Ericsson Device 046 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\SE2Ebus.sys [2006-05-01 12:16]
S3 SE2Emdfl;Sony Ericsson Device 046 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\SE2Emdfl.sys [2006-05-01 12:17]
S3 SE2Emdm;Sony Ericsson Device 046 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\SE2Emdm.sys [2006-05-01 12:17]
S3 SE2Emgmt;Sony Ericsson Device 046 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\SE2Emgmt.sys [2006-05-01 12:18]
S3 se2End5;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (NDIS);C:\WINDOWS\system32\DRIVERS\se2End5.sys [2006-05-01 12:15]
S3 SE2Eobex;Sony Ericsson Device 046 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\SE2Eobex.sys [2006-05-01 12:18]
S3 se2Eunic;Sony Ericsson Device 046 USB Ethernet Emulation SEMC46 (WDM);C:\WINDOWS\system32\DRIVERS\se2Eunic.sys [2006-05-01 12:15]
S3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-04 06:58]
S3 USBSTOR;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-04 07:08]
S3 zlportio;zlportio;C:\Documents and Settings\theo\Bureau\zlportio.sys []

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e466c90-463b-11db-8491-806d6172696f}]
\Shell\AutoRun\command - G:\Setup.exe

.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2008-02-06 09:38:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************

catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-09 11:50:53
Windows 5.1.2600 Service Pack 2 NTFS

Balayage processus cach‚s ...

Balayage cach‚ autostart entries ...

Balayage des fichiers cach‚s ...

Scan termin‚ avec succŠs
Les fichiers cach‚s: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Antivirus\aswUpdSv.exe
C:\Program Files\Antivirus\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Antivirus\ashWebSv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\iPod\bin\iPodService.exe
.
**************************************************************************
.
Temps d'accomplissement: 2008-02-09 11:54:03 - machine was rebooted
ComboFix-quarantined-files.txt 2008-02-09 10:53:58
.
2008-01-07 19:46:33 --- E O F ---

et le nouveau avec Hijachthis:

Logfile of HijackThis v1.99.1
Scan saved at 11:54:50, on 09/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\aswUpdSv.exe
C:\Program Files\Antivirus\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Antivirus\ashWebSv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ANTIVI~1\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Hijackthis\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///???*??Q???????*???7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http:///???*??Q???????*???7
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: GetRight IE Download Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [MaBtSh] C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [Microsoftf DDEs ContrDL] runm.pif
O4 - HKCU\..\Run: [Steam] "E:\APPS\steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\System32\nvsvc32.exe (file missing)
O23 - Service: olMntrService - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: Pptp55islnt - Unknown owner - (no file)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

FillPCA · Answer

Salut,

Combofix a bien travaillé. Il reste encore une infection visible.

# Télécharge SDFix (créé par Andy Manchesta) et sauvegarde le sur ton Bureau : http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
# Imprime ceci.
# Redémarre ton ordinateur en mode sans échec en suivant la procédure que voici :

    * Redémarre ton ordinateur.
    * Après avoir entendu l'ordinateur biper lors du démarrage, mais avant que l'icône Windows apparaisse, tapote la touche F8 (ou F5).
    * A la place du chargement normal de Windows, un menu avec différentes options devrait apparaître.
    * Choisis la première option, pour exécuter Windows en mode sans échec, puis appuie sur "Entrée".
    * Choisis ton compte.

# Déroule la liste des instructions ci-dessous :

    * En mode sans échec, double-clique sur le fichier SDFix.exe et clique sur install,
    * Ouvre le dossier SDFix qui vient d'être créé dans le répertoire C:\ et double clique sur RunThis.bat pour lancer le script.
    * Appuie sur Y pour commencer le script.
    * Il va supprimer les services de certains trojans, effectuera aussi quelques réparations du Registre et il te demandera d'appuyer sur une touche pour redémarrer.
    * Appuie sur une touche pour redémarrer le PC.
    * Ton système sera plus long pour redémarrer qu'à l'accoutumée car l'outil va continuer à s'exécuter et supprimer des fichiers.
    * Après le chargement du Bureau, l'outil terminera son travail et affichera Finished
    * Appuie sur une touche pour finir l'exécution du script et charger les icônes de ton Bureau.
    * Enfin, ouvre le dossier de SDFix sur ton Bureau et copie/colle le contenu du fichier Report.txt dans ta prochaine réponse sur le forum, avec un nouveau log Hijackthis !

FillPCA

theodiablo · Answer

voila le log SDFix:

SDFix: Version 1.139

Run by helene on 09/02/2008 at 14:27

Microsoft Windows XP [version 5.1.2600]

Running From: C:\SDFix

Safe Mode:
Checking Services: 


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting...


Normal Mode:
Checking Files: 

Trojan Files Found:

C:\WINDOWS\system32\TFTP272 - Deleted
C:\WINDOWS\system32\o  - Deleted





Removing Temp Files...

ADS Check:
 


                                 Final Check:

catchme 0.3.1344.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-09 14:32:18
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\ESENT]
"EventMessageFile"=str(2):"c:\windows\system32\ESENT.dll"
"CategoryMessageFile"=str(2):"c:\windows\system32\ESENT.dll"

scanning hidden registry entries ...

scanning hidden files ...


scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 18


Remaining Services:
------------------



Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

Remaining Files:
---------------

File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes:

Fri  1 Jul 2005         4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Tue  5 Jun 2007             0 A.SH. --- "C:\Documents and Settings\All Users\DRM\Cache\Indiv01.tmp"
Sat 13 Nov 2004        37,376 A..H. --- "C:\Program Files\Fichiers communs\Adobe\ESD\DLMCleanup.exe"

Finished!






hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 14:39:55, on 09/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\aswUpdSv.exe
C:\Program Files\Antivirus\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ANTIVI~1\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Hijackthis\VERSION TRADUITE ORIGINALE.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///???*??Q???????*???7
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http:///???*??Q???????*???7
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: GetRight IE Download Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [MaBtSh] C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\RunServices: [Microsoftf DDEs ContrDL] runm.pif
O4 - HKCU\..\Run: [Steam] "E:\APPS\steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Antivirus\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Antivirus\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\System32
vsvc32.exe (file missing)
O23 - Service: olMntrService - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: Pptp55islnt - Unknown owner - (no file)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

FillPCA · Answer

Salut,

1/ Ouvre HIjackthis>"Do a scan only" et coche ceci :
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http:///???*??Q???????*???7 
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http:///???*??Q???????*???7 
O4 - HKLM\..\RunServices: [Microsoftf DDEs ContrDL] runm.pif 
O23 - Service: Pptp55islnt - Unknown owner - (no file) 

Clique sur fix/réparer.

2/ Ouvre Ccleaner et clique sur "lancer le nettoyage".

3/     * Télécharge Toolscleaner de A.Rothstein sur ton Bureau : http://a-rothstein.changelog.fr/TC/ToolsCleaner2.exe
    * Double-clique sur ToolsCleaner2.exe>Recherche puis Suppression,
    * Ton Bureau va disparaître. Ceci est normal.
    * S'il ne réapparait pas, fais ceci :  CTRL+ALT+SUP pour faire apparaître le gestionnaire de tâches.
      Rends-toi à l'onglet Processus, clique en haut à gauche sur "Fichiers" et choisis "Exécuter". Tape "explorer" et valide. Cela te fera ré-apparaître ton Bureau. Edite ce rapport.

4/ Refais un scan en ligne avec Kaspersky, mais choisis "My computer".

5/ Edite le rapport Toolscleaner, Kaspersky et un nouveau rapport Hijackthis.

FillPCA

theodiablo · Answer

je croi que je suis un boulet... j'ai pas sauvegardé le rapport de A.Rothstein :s, j'espère que c'est pas trop grave...

sinon, j'ai celui de kapersky: 

-------------------------------------------------------------------------------
 KASPERSKY ONLINE SCANNER REPORT
 Sunday, February 10, 2008 9:13:16 PM
 Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
 Kaspersky Online Scanner version: 5.0.98.0
 Kaspersky Anti-Virus database last update: 10/02/2008
 Kaspersky Anti-Virus database records: 556064
-------------------------------------------------------------------------------

Scan Settings:
	Scan using the following antivirus database: extended
	Scan Archives: true
	Scan Mail Bases: true

Scan Target - My Computer:
	A:\
	C:\
	D:\
	E:\
	F:\
	H:\

Scan Statistics:
	Total number of scanned objects: 105150
	Number of viruses found: 5
	Number of infected objects: 10
	Number of suspicious objects: 0
	Duration of the scan process: 01:16:33

Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\helene\Cookies\index.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Feeds Cache\index.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messengerogerknocker@hotmail.com\SharingMetadata\Logs\Dfsr00005.log	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messengerogerknocker@hotmail.com\SharingMetadata\pending.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messengerogerknocker@hotmail.com\SharingMetadata\Working\database_E8DC_B63D_DCB6_63A\dfsr.db	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messengerogerknocker@hotmail.com\SharingMetadata\Working\database_E8DC_B63D_DCB6_63A\fsr.log	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messengerogerknocker@hotmail.com\SharingMetadata\Working\database_E8DC_B63D_DCB6_63A\fsrtmp.log	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Messengerogerknocker@hotmail.com\SharingMetadata\Working\database_E8DC_B63D_DCB6_63A	mp.edb	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Windows Live Contactsogerknocker@hotmail.comeal\members.stg	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Application Data\Microsoft\Windows Live Contactsogerknocker@hotmail.com\shadow\members.stg	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Historique\History.IE5\index.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Historique\History.IE5\MSHist012008021020080211\index.dat	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temp\~DF6C34.tmp	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temp\~DF6C4E.tmp	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temp\~DF8255.tmp	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temp\~DF826A.tmp	Object is locked	skipped
C:\Documents and Settings\helene\Local Settings\Temporary Internet Files\Content.IE5\index.dat	Object is locked	skipped
C:\Documents and Settings\helene
tuser.dat	Object is locked	skipped
C:\Documents and Settings\helene
tuser.dat.LOG	Object is locked	skipped
C:\Documents and Settings\helene\UserData\index.dat	Object is locked	skipped
C:\Documents and Settings\LocalService\Cookies\index.dat	Object is locked	skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat	Object is locked	skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat	Object is locked	skipped
C:\Documents and Settings\LocalService
tuser.dat	Object is locked	skipped
C:\Documents and Settings\LocalService
tuser.dat.LOG	Object is locked	skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat	Object is locked	skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG	Object is locked	skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT	Object is locked	skipped
C:\Documents and Settings\NetworkService
tuser.dat.LOG	Object is locked	skipped
C:\Documents and Settings	heo\Application Data\vmntoolbar\vmntoolbar_151.zip/vmntoolbar.dll	Infected: not-a-virus:AdWare.Win32.MegaSearch.j	skipped
C:\Documents and Settings	heo\Application Data\vmntoolbar\vmntoolbar_151.zip	ZIP: infected - 1	skipped
C:\Program Files\Antivirus\DATA\aswResp.dat	Object is locked	skipped
C:\Program Files\Antivirus\DATA\Avast4.db	Object is locked	skipped
C:\Program Files\Antivirus\DATA\log\AshWebSv.ws	Object is locked	skipped
C:\Program Files\Antivirus\DATA\log
shield.log	Object is locked	skipped
C:\Program Files\Antivirus\DATAeport\Protection résidente.txt	Object is locked	skipped
C:\Program Files\PartyGaming\PartyPoker\1346657.hhf	Object is locked	skipped
C:\Program Files\PartyGaming\PartyPoker\6087403.hhf	Object is locked	skipped
C:\Program Files\PartyGaming\PartyPoker\HandHistory\kadajkgc\20080210\Western European $150 Freeroll Speed (1325671) - Table n°119_1346657.txt	Object is locked	skipped
C:\Program Files\Visicom Media\FTP Expert 3\vmntoolbar\vmntoolbarsetup.exe/data0146	Infected: not-a-virus:AdWare.Win32.BHO.w	skipped
C:\Program Files\Visicom Media\FTP Expert 3\vmntoolbar\vmntoolbarsetup.exe	NSIS: infected - 1	skipped
C:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	skipped
C:\WINDOWS\Debug\PASSWD.LOG	Object is locked	skipped
C:\WINDOWS\SchedLgU.Txt	Object is locked	skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log	Object is locked	skipped
C:\WINDOWS\Sti_Trace.log	Object is locked	skipped
C:\WINDOWS\system32\CatRoot2\edb.log	Object is locked	skipped
C:\WINDOWS\system32\CatRoot2	mp.edb	Object is locked	skipped
C:\WINDOWS\system32\config\Antivirus.Evt	Object is locked	skipped
C:\WINDOWS\system32\config\AppEvent.Evt	Object is locked	skipped
C:\WINDOWS\system32\config\default	Object is locked	skipped
C:\WINDOWS\system32\config\default.LOG	Object is locked	skipped
C:\WINDOWS\system32\config\Internet.evt	Object is locked	skipped
C:\WINDOWS\system32\config\SAM	Object is locked	skipped
C:\WINDOWS\system32\config\SAM.LOG	Object is locked	skipped
C:\WINDOWS\system32\config\SecEvent.Evt	Object is locked	skipped
C:\WINDOWS\system32\config\SECURITY	Object is locked	skipped
C:\WINDOWS\system32\config\SECURITY.LOG	Object is locked	skipped
C:\WINDOWS\system32\config\software	Object is locked	skipped
C:\WINDOWS\system32\config\software.LOG	Object is locked	skipped
C:\WINDOWS\system32\config\SysEvent.Evt	Object is locked	skipped
C:\WINDOWS\system32\config\system	Object is locked	skipped
C:\WINDOWS\system32\config\system.LOG	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA	Object is locked	skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP	Object is locked	skipped
C:\WINDOWS\Temp\Perflib_Perfdata_468.dat	Object is locked	skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt	Object is locked	skipped
C:\WINDOWS\wiadebug.log	Object is locked	skipped
C:\WINDOWS\wiaservc.log	Object is locked	skipped
C:\WINDOWS\WindowsUpdate.log	Object is locked	skipped
D:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	skipped
E:\APPS\codec\DivXPro502GAINBundle.exe/Gain_Trickler.exe	Infected: not-a-virus:AdWare.Win32.Gator.3202	skipped
E:\APPS\codec\DivXPro502GAINBundle.exe	Vise: infected - 1	skipped
E:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	skipped
F:\Mes documents\Disquette hack a domicile\mailpv.zip/mailpv.exe	Infected: Backdoor.Win32.Prorat.19.p	skipped
F:\Mes documents\Disquette hack a domicile\mailpv.zip	ZIP: infected - 1	skipped
F:estore\backup.pst/Dossiers personnels/Éléments supprimés/06 May 2005 18:32 from register@hotmail.com:Registration Confirm/account_info-text.zip	Infected: Email-Worm.Win32.Sober.p	skipped
F:estore\backup.pst	Mail MS Mail: infected - 1	skipped
F:\System Volume Information\MountPointManagerRemoteDatabase	Object is locked	skipped

Scan process completed.



et celui de hijackthis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:21:14, on 10/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\aswUpdSv.exe
C:\Program Files\Antivirus\ashServ.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe
C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\PROGRA~1\ANTIVI~1\ashDisp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Antivirus\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SolidConverter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - C:\Program Files\SolidDocuments\SolidConverterPDF\ExploreExtPDF.dll
O2 - BHO: GetRight IE Download Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [OlStatusMon] "C:\Program Files\Olivetti\ANY_WAY\olDvcStatus.exe" dvcStatusMinimize
O4 - HKLM\..\Run: [MaBtSh] C:\Program Files\Mobile Action\Bluetooth Manager\MaBtSh.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ANTIVI~1\ashDisp.exe
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [Steam] "E:\APPS\steam\Steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/71365/kavwebscan_unicode.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Antivirus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Antivirus\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Antivirus\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Antivirus\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\System32
vsvc32.exe (file missing)
O23 - Service: olMntrService - Olivetti - C:\Program Files\Olivetti\ANY_WAY\olMntrService.exe
O23 - Service: Pptp55islnt - Unknown owner - (no file)
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - d:\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

FillPCA · Answer

Re,

Ce n'est pas grave.

Tu as un vieil Email à supprimer : regarde la date :
F:estore\backup.pst/Dossiers personnels/Éléments supprimés/06 May 2005 18:32 from register@hotmail.com:Registration Confirm/account_info-text.zip

Il faut aussi supprimer cela :
C:\Documents and Settings	heo\Application Data\vmntoolbar\vmntoolbar_151.zip
C:\Program Files\Visicom Media\FTP Expert 3\vmntoolbar\vmntoolbarsetup.exe
E:\APPS\codec\DivXPro502GAINBundle.exe
F:\Mes documents\Disquette hack a domicile\mailpv.zip

1/ Il est fortement recommandé d'avoir tous ses logiciels de sécurité à jour, afin d'éviter les failles par lesquelles s'engouffrent les infections.
2/ Tu peux supprimer tous les logiciels que nous avons utilisés (Type: SmitFraufix, Blacklight, SDFix, lopxpMH, ect.....) qui traitent des infections spécifiques et qui sont mis à jour régulièrement. Il est inutile de les garder sur ton PC.
Tu peux par contre, garder AVG Antispyware et CCleaner.
3/ /!\ Maintenant que ton PC n'est plus infecté, désactive puis réactive ta "Restauration du système" afin de créer un point de restauration sain.
Pour désactiver ou activer la Restauration du système, tu dois  ouvrir une session Administrateur sous Windows XP. 
Désactivation:
Cliquer droit sur le "Poste de travail" > Propriétés > onglet "Restauration du système" > cocher la case "Désactiver la Restauration du système sur tous les lecteurs"
> Appliquer et Ok. 
Activation:
Suivre le même chemin ; décocher la case "Désactiver la Restauration du système sur tous les lecteurs" 
> Appliquer et Ok. Redémarrer l'ordinateur.
Comment faire pour...(lettre A): https://forum.pcastuces.com/sujet.asp?f=25&s=3902 
4/ Pour améliorer la sécurité de ton PC prend quelques instants pour lire:
Sécuriser son PC +WIFI (versions "hot" & "light"): https://forum.pcastuces.com/default.asp 
5/ Dénonce ton infection pour faire condamner les auteurs.

Crée un message pour faire avancer les choses sur Malware-Complaints, nous devons être les plus nombreux possibles, alors rends compte de ton infection :
- Voir les règles du forum : https://malwarecomplaints.info/
- Après t'être enregistré à l'aide du bouton en haut se nommant "Register"
Si tu as plus de 13 ans, choisir : "I Agree to these terms and am over or exactly 13 years of age"
Si tu as moins, clique sur : "I Agree to these terms and am under 13 years of age"

Tu as alors, sous forme de liste, un sujet par type d'infection (Look2Me, Smitfraud, SpywareQuake etc..).

*** Tes infections : Navipromo, Wareout, divers vers ***
>> https://malwarecomplaints.info/
Si le malware que tu as eu n'apparaît pas dans la liste, ou si tu ne sais pas par quoi tu étais infecté(e), crée un message dans le sujet Autres infections, conforme au règle du forum (âge, ville, département etc..)
Indique aussi le nom du Forum qui t'a aidé : CCM 
6/ Tu peux marquer ton sujet comme résolu en cliquant sur le bouton.
7/ Je te conseille enfin de défragmenter ton PC : http://www.coupdepoucepc.com/modules/news/article.php?storyid=218

Bon surf !

FillPCA

theodiablo · Answer

hébien merci infiniement monsieur!
je suis bien content de m'etre enfin débarassé de toutes ces infections, et en effet, je trouve que mon ordi est un peu plus rapide maintenant! c'est super! merci!!

FillPCA · Answer

Content d'avoir pu être utile. Et prudence sur le net !

FillPCA

Problème avec google, virus?

32 réponses

Votre réponse

Newsletters