Virus problem (HijackThis log below)
Matthieu
Hello,
Hello, since yesterday, whether with avast or antivir, they detect all software as viruses
Here is the HijackThis log:
Scan saved at 20:37:55, on 12/02/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\BitTorrent_DNA\dna.exe
C:\WINDOWS\system32\WiFiCfg.exe
C:\WINDOWS\system32\PRISMSVR.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Matthieu\Bureau\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.fr/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://www.bing.com/?toHttps=1&redig=5FC791212101479BAFBE1A679848B1AF
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.msn.com/fr-fr/?ocid=iehp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Update Machine] emkvif.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] emkvif.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [RayV] C:\Program Files\RayV\RayV\RayV.exe /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Program Files\BitTorrent_DNA\dna.exe"
O4 - HKCU\..\Run: [Microsoft Update Machine] emkvif.exe
O4 - Startup: 802.11g USB 2.0 adapter Setting.lnk = C:\WINDOWS\system32\WiFiCfg.exe
O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe
O4 - Startup: MaxTV.lnk = C:\Program Files\DMV\MaxTV\MaxTV.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\program files\bonjour\mdnsnsp.dll' missing
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://helpx.adobe.com/shockwave/shockwave-end-of-life-faq.html [...] wflash.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Unknown owner - C:\Program Files\Bonjour\mDNSResponder.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\SPTISRV.exe
Thanks for your help
7 replies
hi,
remove avast from your computer, you should keep only one antivirus, and antivir is the best one at the moment
_____________
Run HijackThis again, choose "do a scan only", tick the box in front of the lines below and click "fix checked" at the bottom.
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Update Machine] emkvif.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] emkvif.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] emkvif.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
______________
then paste me an antivir report
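The O4 lines ticked in the reply above include one autorun value, [Microsoft Update Machine], whose command is a bare file name registered under three keys. The following is an added example, not code from the thread or from HijackThis, that applies three triage checks to such log lines; the check names, the `KNOWN_LAUNCHERS` allowlist and the choice of sample lines are assumptions made here.

```python
import re
from collections import defaultdict

# Constructed sample: O4/O9 lines copied from the HijackThis log posted in this thread.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Microsoft Update Machine] emkvif.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [Microsoft Update Machine] emkvif.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Update Machine] emkvif.exe
O4 - Startup: GigaTribe.lnk = C:\Program Files\GigaTribe\gigatribe.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
'''

# Assumption: bare launcher names that are expected to appear without a path.
KNOWN_LAUNCHERS = {"rundll32.exe"}

# "O4 - HKLM\..\Run: [ValueName] command line"
O4_REG = re.compile(r'^O4 - (HK[A-Z]+\\\.\.\\\w+): \[(.+?)\] (.+)$')


def program_of(command):
    """Return the program part of an autorun command line."""
    command = command.strip()
    if command.startswith('"'):
        # Quoted path: everything up to the closing quote.
        return command[1:].split('"', 1)[0]
    if re.match(r'^([a-z]:\\|%|\\\\)', command, re.I):
        # Unquoted full path (may contain spaces): keep it whole.
        return command
    # Otherwise the first token is a bare name resolved via the search path.
    return command.split()[0]


def triage(log_text):
    """Return [(line, [reasons])] for log lines worth a closer look.

    Reasons:
      no-path      O4 registry autorun whose program has no directory
      multi-key    same value name + command present under several autorun keys
      file-missing HijackThis itself reported the target as missing
    """
    lines = [ln.strip() for ln in log_text.splitlines() if ln.strip()]

    # First pass: record every autorun key each (name, command) pair appears in.
    locations = defaultdict(set)
    for line in lines:
        m = O4_REG.match(line)
        if m:
            loc, name, cmd = m.groups()
            locations[(name.lower(), cmd.lower())].add(loc)

    # Second pass: attach reasons, keeping the log's own order.
    findings = []
    for line in lines:
        reasons = set()
        if line.endswith("(file missing)"):
            reasons.add("file-missing")
        m = O4_REG.match(line)
        if m:
            loc, name, cmd = m.groups()
            prog = program_of(cmd)
            if "\\" not in prog and prog.lower() not in KNOWN_LAUNCHERS:
                reasons.add("no-path")
            if len(locations[(name.lower(), cmd.lower())]) > 1:
                reasons.add("multi-key")
        if reasons:
            findings.append((line, sorted(reasons)))
    return findings


if __name__ == "__main__":
    for line, reasons in triage(SAMPLE_LOG):
        print(",".join(reasons).ljust(20), line)
```

These checks only rank lines for manual review; a flagged entry still has to be identified before it is fixed.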
Hello,
Thanks for your help, it seems to be working fine for now; I'm going to reboot my computer after writing this message.
Here is the Antivir report
AntiVir PersonalEdition Classic
Report file date: mercredi 13 février 2008 14:48
Scanning for 1101423 virus strains and unwanted programs.
Licensed to: Avira AntiVir PersonalEdition Classic
Serial number: 0000149996-ADJIE-0001
Platform: Windows XP
Windows version: (Service Pack 2) [5.1.2600]
Username: Matthieu
Computer name: CAREIL
Version information:
BUILD.DAT : 270 15603 Bytes 19/09/2007 13:32:00
AVSCAN.EXE : 7.0.6.1 290856 Bytes 23/08/2007 13:16:29
AVSCAN.DLL : 7.0.6.0 49192 Bytes 16/08/2007 12:23:51
LUKE.DLL : 7.0.5.3 147496 Bytes 14/08/2007 15:32:47
LUKERES.DLL : 7.0.6.1 10280 Bytes 21/08/2007 12:35:20
ANTIVIR0.VDF : 6.40.0.0 11030528 Bytes 18/07/2007 14:27:15
ANTIVIR1.VDF : 7.0.1.95 3367424 Bytes 14/12/2007 13:47:04
ANTIVIR2.VDF : 7.0.2.113 1673728 Bytes 08/02/2008 13:47:04
ANTIVIR3.VDF : 7.0.2.130 79872 Bytes 13/02/2008 13:47:04
AVEWIN32.DLL : 7.6.0.65 3240448 Bytes 13/02/2008 13:47:05
AVWINLL.DLL : 1.0.0.7 14376 Bytes 26/02/2007 10:36:26
AVPREF.DLL : 7.0.2.2 25640 Bytes 18/07/2007 07:39:17
AVREP.DLL : 7.0.0.1 155688 Bytes 16/04/2007 13:16:24
AVPACK32.DLL : 7.6.0.3 360488 Bytes 13/02/2008 13:47:05
AVREG.DLL : 7.0.1.6 30760 Bytes 18/07/2007 07:17:06
AVARKT.DLL : 1.0.0.20 278568 Bytes 28/08/2007 12:26:33
AVEVTLOG.DLL : 7.0.0.20 86056 Bytes 18/07/2007 07:10:18
NETNT.DLL : 7.0.0.0 7720 Bytes 08/03/2007 11:09:42
RCIMAGE.DLL : 7.0.1.30 2342952 Bytes 07/08/2007 12:38:13
RCTEXT.DLL : 7.0.62.0 86056 Bytes 21/08/2007 12:50:37
SQLITE3.DLL : 3.3.17.1 339968 Bytes 23/07/2007 09:37:21
Configuration settings for the scan:
Jobname..........................: Rootkit search
Configuration file...............: C:\Documents and Settings\All Users\Application Data\Avira\AntiVir PersonalEdition Classic\PROFILES\rootkit.avp
Logging..........................: high
Primary action...................: interactive
Secondary action.................: ignore
Scan master boot sector..........: off
Scan boot sector.................: on
Scan memory......................: off
Process scan.....................: off
Scan registry....................: off
Search for rootkits..............: on
Scan all files...................: All files
Scan archives....................: on
Recursion depth..................: 20
Smart extensions.................: on
Macro heuristic..................: on
File heuristic...................: high
Expanded search settings.........: 0x00300922
Start of the scan: mercredi 13 février 2008 14:48
Starting search for hidden objects.
'402519' objects were checked, '0' hidden objects were found.
End of the scan: mercredi 13 février 2008 14:54
Used time: 05:55 min
The scan has been done completely.
0 Scanning directories
0 Files were scanned
0 viruses and/or unwanted programs were found
0 Files were classified as suspicious:
0 files were deleted
0 files were repaired
0 files were moved to quarantine
0 files were renamed
0 Files cannot be scanned
0 Files not concerned
0 Archives were scanned
0 Warnings
0 Notes
402519 Objects were scanned with rootkit scan
0 Hidden objects were found
PS: I had uninstalled antivir when I installed Avast.. ..which I removed again, then I reinstalled antivir...
strange!
AVG antispyware
https://www.01net.com/telecharger/
Tutorial:
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
-> Relaunch AVG AS -> "Analyse" (Scan) -> "Paramètres" (Settings)
Under the question "Comment réagir ?" (How to react?):
-> click "Actions recommandées" (Recommended actions) and choose "Quarantaines" (Quarantine)
-> Click the "Analyse" tab again, then run an "Analyse complète du système" (Complete system scan)
If a file is infected at the end of the scan
-> Click "Appliquer toutes les actions" (Apply all actions)
-> Click "Enregistrer le rapport" (Save report) then "Enregistrer le rapport sous" (Save report as).
-> Save this text file to your desktop, then paste the report here
_______________________
combofix (paste the report)
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
_______________
paste the report from an online scan
with one of the following:
bitdefender online:
http://www.bitdefender.fr/scan_fr/scan8/ie.html
Panda online:
http://pandasoftware.fr
secuser online:
http://www.secuser.com/outils/antivirus.htm
Now it won't open any programs, the shortcuts don't work so I have to go and run them from Program Files... ...a pain, and some are supposedly corrupted and won't open...
Here is the ComboFix report:
ComboFix 08-02-13.2 - Matthieu 2008-02-13 21:47:13.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.519 [GMT 1:00]
Endroit: C:\Documents and Settings\Matthieu\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !!
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\ufdata2000.log
----- BITS: Possible sites infectés -----
hxxp://au.download.windowsupdate.c
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-13 to 2008-02-13 ))))))))))))))))))))))))))))))))))))
.
2008-02-13 21:45 . 2008-02-13 21:45 <REP> d-------- C:\Program Files\Panda Security
2008-02-13 21:44 . 2008-02-13 21:44 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\Grisoft
2008-02-13 21:44 . 2008-02-13 21:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-13 21:44 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-13 21:32 . 2004-08-10 20:00 251,356 --a------ C:\WINDOWS\system32\OLD51.tmp
2008-02-13 21:31 . 2004-08-10 20:00 259,546 --a------ C:\WINDOWS\system32\OLD49.tmp
2008-02-13 21:31 . 2004-08-10 20:00 243,166 --a------ C:\WINDOWS\system32\OLD4D.tmp
2008-02-13 21:03 . 2004-08-10 20:00 370,654 --a------ C:\WINDOWS\system32\OLD45.tmp
2008-02-13 21:00 . 2008-02-13 21:45 <REP> d-------- C:\WINDOWS\LastGood
2008-02-13 21:00 . 2004-08-10 20:00 237,014 --a------ C:\WINDOWS\system32\OLD41.tmp
2008-02-13 18:55 . 2008-02-13 19:00 <REP> d-------- C:\Animagic
2008-02-13 18:55 . 1994-08-22 22:36 25,808 --a------ C:\WINDOWS\ctl3dv2.dll
2008-02-13 18:55 . 2008-02-13 18:55 16 --a------ C:\WINDOWS\aninst00.whe
2008-02-13 14:45 . 2008-02-13 14:45 <REP> d-------- C:\Program Files\Avira
2008-02-12 20:07 . 2007-12-04 13:54 275,936 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-12 20:07 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-12 20:07 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-12 20:07 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-12 20:07 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-12 20:07 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-12 20:06 . 2008-02-12 20:06 <REP> d-------- C:\Program Files\Alwil Software
2008-02-12 20:06 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-12 20:06 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-11 19:39 . 2008-02-11 19:48 <REP> d-------- C:\Program Files\CDex_170b2
2008-02-11 18:52 . 2008-02-11 18:52 49 --a------ C:\WINDOWS\cdplayer.ini
2008-02-10 15:51 . 2008-02-10 15:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-02-10 15:38 . 2008-02-10 15:38 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2008-02-10 15:29 . 2008-02-10 15:29 <REP> d-------- C:\Program Files\MagicISO
2008-02-03 12:15 . 2008-02-03 12:15 368,640 --a------ C:\WINDOWS\system32\ReWire.dll
2008-02-03 11:43 . 2008-02-03 12:15 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\Propellerhead Software
2008-02-03 11:43 . 2008-02-03 11:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
2008-02-03 11:42 . 2008-02-03 11:42 <REP> d-------- C:\Program Files\Propellerhead
2008-02-03 11:26 . 2008-02-03 11:31 <REP> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-03 11:26 . 2008-02-03 11:28 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\DAEMON Tools
2008-02-03 11:23 . 2008-02-03 11:23 <REP> d-------- C:\Program Files\Alcohol Soft
2008-02-03 11:13 . 2008-02-03 11:13 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-02-02 10:44 . 2008-02-02 10:44 244 --ah----- C:\sqmnoopt03.sqm
2008-02-02 10:44 . 2008-02-02 10:44 232 --ah----- C:\sqmdata03.sqm
2008-01-30 15:45 . 2008-01-30 15:45 <REP> d-------- C:\Program Files\GigaTribe
2008-01-30 15:45 . 2008-01-30 15:45 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\GigaTribe
2008-01-30 15:16 . 2008-01-30 15:16 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\LangEdit
2008-01-27 15:21 . 2008-01-27 15:21 <REP> d-------- C:\Program Files\eRightSoft
2008-01-27 15:21 . 2007-12-17 14:43 27,648 ---hs---- C:\WINDOWS\system32\Smab0.dll
2008-01-27 15:16 . 2008-01-27 15:16 <REP> d--h----- C:\WINDOWS\PIF
2008-01-24 19:05 . 2008-01-24 19:05 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-01-24 19:02 . 2008-01-24 19:06 <REP> d-------- C:\Program Files\Globe7
2008-01-24 19:02 . 2008-01-24 19:02 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\Globe7
2008-01-23 15:19 . 2008-01-23 15:19 <REP> d-------- C:\WINDOWS\options
2008-01-23 15:19 . 2008-01-23 15:19 <REP> d-------- C:\WINDOWS\Drivers
2008-01-23 15:19 . 2008-01-23 15:19 <REP> d-------- C:\Program Files\802.11g USB2.0 Adapter
2008-01-20 11:25 . 2008-01-20 11:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Prism
2008-01-20 11:24 . 2008-01-23 15:19 15,781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys
2008-01-19 15:02 . 2008-01-19 15:03 <REP> d-------- C:\Program Files\Opera
2008-01-16 17:49 . 2008-01-16 17:49 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\Media Player Classic
2008-01-16 17:37 . 2008-01-16 17:54 <REP> d-------- C:\Documents and Settings\Matthieu\dwhelper
2008-01-14 21:05 . 2008-01-14 21:05 <REP> d-------- C:\Program Files\Audacity
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-13 20:47 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\BitTorrent DNA
2008-02-13 19:07 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\uTorrent
2008-02-13 18:46 --------- d-----w C:\Program Files\Mp3tag
2008-02-12 18:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-02-10 14:48 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-09 14:33 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\BitTorrent
2008-02-09 14:32 --------- d-----w C:\Program Files\BitTorrent
2008-02-06 13:59 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\Hamachi
2008-01-30 16:02 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\Canon
2008-01-23 14:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-19 19:00 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\Audacity
2008-01-14 20:04 --------- d-----w C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-01-06 20:06 --------- d-----w C:\Program Files\Tagada
2008-01-04 17:07 --------- d-----w C:\Program Files\MediaCoder
2008-01-04 16:30 308,700 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2008-01-04 16:30 --------- d-----w C:\Program Files\Illustrate
2008-01-02 15:38 --------- d-----w C:\Program Files\tuxguitar-0.9.1
2008-01-01 16:48 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\dvdcss
2007-12-31 13:51 --------- d-----w C:\Program Files\Micro Application
2007-12-31 13:32 --------- d-----w C:\Program Files\WinAVI MP4 Converter
2007-12-31 09:58 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\InterVideo
2007-12-30 14:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-12-30 14:17 --------- d-----w C:\Program Files\Fichiers communs\AVSMedia
2007-12-30 14:17 --------- d-----w C:\Program Files\AVS4YOU
2007-12-30 13:50 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\AVS4YOU
2007-12-30 13:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVS4YOU
2007-12-29 16:59 --------- d-----w C:\Program Files\AviSynth 2.5
2007-12-29 15:13 --------- d-----w C:\Program Files\Windows Media Connect
2007-12-28 15:41 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\Sony
2007-12-28 15:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
2007-12-28 15:38 --------- d-----w C:\Program Files\Sony
2007-12-28 15:37 --------- d-----w C:\Program Files\Sony Setup
2007-12-28 15:26 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\DivX
2007-12-28 13:49 --------- d-----w C:\Program Files\Fichiers communs\Sony Shared
2007-12-28 13:48 --------- d-----w C:\Program Files\Common Files
2007-12-27 11:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-12-26 21:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-12-23 20:20 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-22 20:43 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-12-22 20:43 --------- d-----w C:\Program Files\Hamachi
2007-12-19 17:58 --------- d-----w C:\Program Files\LimeWire
2007-12-19 17:57 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\LimeWire
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-16 15:03 --------- d-----w C:\Program Files\DivX
2007-12-15 09:54 --------- d-----w C:\Program Files\BitTorrent_DNA
2007-12-11 22:34 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-12-11 22:34 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:38 701,912 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-12-04 18:38 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-12-04 18:38 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-12-04 18:38 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-12-04 18:38 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-12-04 18:36 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 18:36 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 18:36 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-12-04 18:36 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 18:36 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2007-12-04 18:36 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-12-04 18:36 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-12-04 18:36 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-12-04 18:36 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-12-04 18:36 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-12-04 18:36 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-12-04 18:36 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-12-04 18:35 337,372 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-12-04 18:35 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-27 21:15 233,472 ----a-w C:\WINDOWS\system32\REX Shared Library.dll
2007-11-13 08:31 399,360 ----a-w C:\WINDOWS\system32\Smab.dll
2007-06-13 13:22 505,312 --sh--r C:\WINDOWS\system32\emkvif.exe
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 20:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-14 10:16 246752]
"RayV"="C:\Program Files\RayV\RayV\RayV.exe" [ ]
"BitTorrent DNA"="C:\Program Files\BitTorrent_DNA\dna.exe" [2007-12-15 10:54 463836]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-13 21:21 185632]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-20 20:58 7581696]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-13 14:47 249896]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51 217572]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 20:00 15360]
C:\Documents and Settings\Matthieu\Menu Démarrer\Programmes\Démarrage\
802.11g USB 2.0 adapter Setting.lnk - C:\WINDOWS\system32\WiFiCfg.exe [2004-05-21 15:19:00 389120]
GigaTribe.lnk - C:\Program Files\GigaTribe\gigatribe.exe [2008-01-30 15:45:23 1254872]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 20:00]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2005-12-22 13:45]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []
*Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
*Newly Created Service* - AVG_ANTI-SPYWARE_GUARD
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-01 14:07:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-13 20:26:19 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0FC36D16-518D-4CA9-A247-BFE50015DF09}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-13 21:50:16
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-13 21:50:45
ComboFix-quarantined-files.txt 2008-02-13 20:50:37
.
2008-02-12 20:34:35 --- E O F ---
AVG report:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 23:15:54 13/02/2008
+ Résultat de l'analyse:
:mozilla.25:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@247realmedia[1].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.169:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@himedia.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.193:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.197:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@adrevolver[2].txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@adtech[1].txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.216:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.218:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.219:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.220:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@advertising[1].txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.108:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Adviva : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@adviva[2].txt -> TrackingCookie.Adviva : Aucune action entreprise.
:mozilla.217:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.113:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.90:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.128:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@estat[1].txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.249:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.250:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@fastclick[1].txt -> TrackingCookie.Fastclick : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@ehg-francetel.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@hitbox[2].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@hotlog[1].txt -> TrackingCookie.Hotlog : Aucune action entreprise.
:mozilla.38:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.39:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.162:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@overture[1].txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.224:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Paypal : Aucune action entreprise.
:mozilla.204:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.205:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.206:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.207:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.208:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.209:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.210:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.211:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.272:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
:mozilla.273:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
:mozilla.91:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.92:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.93:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.94:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.95:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.96:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.97:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.163:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.164:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.12:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.13:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.58:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.61:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.62:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.121:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Toplist : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@toplist[1].txt -> TrackingCookie.Toplist : Aucune action entreprise.
:mozilla.104:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.106:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.6:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.7:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.214:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.10:C:\Program Files\MediaCoder\xulapp\Application Data\Mozilla\Firefox\Profiles\MediaCoder.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.139:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.140:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.141:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.7:C:\Program Files\MediaCoder\xulapp\Application Data\Mozilla\Firefox\Profiles\MediaCoder.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.8:C:\Program Files\MediaCoder\xulapp\Application Data\Mozilla\Firefox\Profiles\MediaCoder.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.9:C:\Program Files\MediaCoder\xulapp\Application Data\Mozilla\Firefox\Profiles\MediaCoder.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.147:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.148:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.149:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@zedo[1].txt -> TrackingCookie.Zedo : Aucune action entreprise.
Fin du rapport
And BitDefender repaired all the folders damaged by Win32.Partie.B
Here is the ComboFix report:
ComboFix 08-02-13.2 - Matthieu 2008-02-13 21:47:13.1 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.519 [GMT 1:00]
Endroit: C:\Documents and Settings\Matthieu\Bureau\ComboFix.exe
* Création d'un nouveau point de restauration
[color=red][b]AVERTISSEMENT - LA CONSOLE DE RÉCUPÉRATION N'EST PAS INSTALLÉE SUR CETTE MACHINE !![/b][/color]
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
C:\WINDOWS\ufdata2000.log
----- BITS: Possible sites infectés -----
hxxp://au.download.windowsupdate.c
.
((((((((((((((((((((((((((((( Fichiers créés 2008-01-13 to 2008-02-13 ))))))))))))))))))))))))))))))))))))
.
2008-02-13 21:45 . 2008-02-13 21:45 <REP> d-------- C:\Program Files\Panda Security
2008-02-13 21:44 . 2008-02-13 21:44 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\Grisoft
2008-02-13 21:44 . 2008-02-13 21:44 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-02-13 21:44 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-02-13 21:32 . 2004-08-10 20:00 251,356 --a------ C:\WINDOWS\system32\OLD51.tmp
2008-02-13 21:31 . 2004-08-10 20:00 259,546 --a------ C:\WINDOWS\system32\OLD49.tmp
2008-02-13 21:31 . 2004-08-10 20:00 243,166 --a------ C:\WINDOWS\system32\OLD4D.tmp
2008-02-13 21:03 . 2004-08-10 20:00 370,654 --a------ C:\WINDOWS\system32\OLD45.tmp
2008-02-13 21:00 . 2008-02-13 21:45 <REP> d-------- C:\WINDOWS\LastGood
2008-02-13 21:00 . 2004-08-10 20:00 237,014 --a------ C:\WINDOWS\system32\OLD41.tmp
2008-02-13 18:55 . 2008-02-13 19:00 <REP> d-------- C:\Animagic
2008-02-13 18:55 . 1994-08-22 22:36 25,808 --a------ C:\WINDOWS\ctl3dv2.dll
2008-02-13 18:55 . 2008-02-13 18:55 16 --a------ C:\WINDOWS\aninst00.whe
2008-02-13 14:45 . 2008-02-13 14:45 <REP> d-------- C:\Program Files\Avira
2008-02-12 20:07 . 2007-12-04 13:54 275,936 --a------ C:\WINDOWS\system32\AvastSS.scr
2008-02-12 20:07 . 2007-12-04 15:55 94,544 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2008-02-12 20:07 . 2007-12-04 15:56 93,264 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2008-02-12 20:07 . 2007-12-04 15:51 42,912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2008-02-12 20:07 . 2007-12-04 15:49 26,624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2008-02-12 20:07 . 2007-12-04 15:53 23,152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2008-02-12 20:06 . 2008-02-12 20:06 <REP> d-------- C:\Program Files\Alwil Software
2008-02-12 20:06 . 2007-12-04 14:04 837,496 --a------ C:\WINDOWS\system32\aswBoot.exe
2008-02-12 20:06 . 2004-01-09 10:13 380,928 --a------ C:\WINDOWS\system32\actskin4.ocx
2008-02-11 19:39 . 2008-02-11 19:48 <REP> d-------- C:\Program Files\CDex_170b2
2008-02-11 18:52 . 2008-02-11 18:52 49 --a------ C:\WINDOWS\cdplayer.ini
2008-02-10 15:51 . 2008-02-10 15:51 <REP> d-------- C:\Documents and Settings\All Users\Application Data\FLEXnet
2008-02-10 15:38 . 2008-02-10 15:38 <REP> d-------- C:\Program Files\Fichiers communs\Macrovision Shared
2008-02-10 15:29 . 2008-02-10 15:29 <REP> d-------- C:\Program Files\MagicISO
2008-02-03 12:15 . 2008-02-03 12:15 368,640 --a------ C:\WINDOWS\system32\ReWire.dll
2008-02-03 11:43 . 2008-02-03 12:15 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\Propellerhead Software
2008-02-03 11:43 . 2008-02-03 11:43 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Propellerhead Software
2008-02-03 11:42 . 2008-02-03 11:42 <REP> d-------- C:\Program Files\Propellerhead
2008-02-03 11:26 . 2008-02-03 11:31 <REP> d-------- C:\Program Files\DAEMON Tools Lite
2008-02-03 11:26 . 2008-02-03 11:28 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\DAEMON Tools
2008-02-03 11:23 . 2008-02-03 11:23 <REP> d-------- C:\Program Files\Alcohol Soft
2008-02-03 11:13 . 2008-02-03 11:13 715,248 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-02-02 10:44 . 2008-02-02 10:44 244 --ah----- C:\sqmnoopt03.sqm
2008-02-02 10:44 . 2008-02-02 10:44 232 --ah----- C:\sqmdata03.sqm
2008-01-30 15:45 . 2008-01-30 15:45 <REP> d-------- C:\Program Files\GigaTribe
2008-01-30 15:45 . 2008-01-30 15:45 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\GigaTribe
2008-01-30 15:16 . 2008-01-30 15:16 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\LangEdit
2008-01-27 15:21 . 2008-01-27 15:21 <REP> d-------- C:\Program Files\eRightSoft
2008-01-27 15:21 . 2007-12-17 14:43 27,648 ---hs---- C:\WINDOWS\system32\Smab0.dll
2008-01-27 15:16 . 2008-01-27 15:16 <REP> d--h----- C:\WINDOWS\PIF
2008-01-24 19:05 . 2008-01-24 19:05 <REP> d--hs---- C:\WINDOWS\ftpcache
2008-01-24 19:02 . 2008-01-24 19:06 <REP> d-------- C:\Program Files\Globe7
2008-01-24 19:02 . 2008-01-24 19:02 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\Globe7
2008-01-23 15:19 . 2008-01-23 15:19 <REP> d-------- C:\WINDOWS\options
2008-01-23 15:19 . 2008-01-23 15:19 <REP> d-------- C:\WINDOWS\Drivers
2008-01-23 15:19 . 2008-01-23 15:19 <REP> d-------- C:\Program Files\802.11g USB2.0 Adapter
2008-01-20 11:25 . 2008-01-20 11:25 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Prism
2008-01-20 11:24 . 2008-01-23 15:19 15,781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys
2008-01-19 15:02 . 2008-01-19 15:03 <REP> d-------- C:\Program Files\Opera
2008-01-16 17:49 . 2008-01-16 17:49 <REP> d-------- C:\Documents and Settings\Matthieu\Application Data\Media Player Classic
2008-01-16 17:37 . 2008-01-16 17:54 <REP> d-------- C:\Documents and Settings\Matthieu\dwhelper
2008-01-14 21:05 . 2008-01-14 21:05 <REP> d-------- C:\Program Files\Audacity
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-02-13 20:47 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\BitTorrent DNA
2008-02-13 19:07 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\uTorrent
2008-02-13 18:46 --------- d-----w C:\Program Files\Mp3tag
2008-02-12 18:16 --------- d-----w C:\Documents and Settings\All Users\Application Data\Avira
2008-02-10 14:48 --------- d-----w C:\Program Files\Fichiers communs\Adobe
2008-02-09 14:33 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\BitTorrent
2008-02-09 14:32 --------- d-----w C:\Program Files\BitTorrent
2008-02-06 13:59 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\Hamachi
2008-01-30 16:02 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\Canon
2008-01-23 14:19 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-01-19 19:00 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\Audacity
2008-01-14 20:04 --------- d-----w C:\Program Files\Audacity 1.3 Beta (Unicode)
2008-01-06 20:06 --------- d-----w C:\Program Files\Tagada
2008-01-04 17:07 --------- d-----w C:\Program Files\MediaCoder
2008-01-04 16:30 308,700 ----a-w C:\WINDOWS\system32\SpoonUninstall.exe
2008-01-04 16:30 --------- d-----w C:\Program Files\Illustrate
2008-01-02 15:38 --------- d-----w C:\Program Files\tuxguitar-0.9.1
2008-01-01 16:48 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\dvdcss
2007-12-31 13:51 --------- d-----w C:\Program Files\Micro Application
2007-12-31 13:32 --------- d-----w C:\Program Files\WinAVI MP4 Converter
2007-12-31 09:58 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\InterVideo
2007-12-30 14:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\DVD Shrink
2007-12-30 14:17 --------- d-----w C:\Program Files\Fichiers communs\AVSMedia
2007-12-30 14:17 --------- d-----w C:\Program Files\AVS4YOU
2007-12-30 13:50 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\AVS4YOU
2007-12-30 13:49 --------- d-----w C:\Documents and Settings\All Users\Application Data\AVS4YOU
2007-12-29 16:59 --------- d-----w C:\Program Files\AviSynth 2.5
2007-12-29 15:13 --------- d-----w C:\Program Files\Windows Media Connect
2007-12-28 15:41 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\Sony
2007-12-28 15:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Sony
2007-12-28 15:38 --------- d-----w C:\Program Files\Sony
2007-12-28 15:37 --------- d-----w C:\Program Files\Sony Setup
2007-12-28 15:26 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\DivX
2007-12-28 13:49 --------- d-----w C:\Program Files\Fichiers communs\Sony Shared
2007-12-28 13:48 --------- d-----w C:\Program Files\Common Files
2007-12-27 11:40 --------- d-----w C:\Documents and Settings\All Users\Application Data\Messenger Plus!
2007-12-26 21:29 --------- d-----w C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-12-23 20:20 --------- d-----w C:\Program Files\Messenger Plus! Live
2007-12-22 20:43 25,280 ----a-w C:\WINDOWS\system32\drivers\hamachi.sys
2007-12-22 20:43 --------- d-----w C:\Program Files\Hamachi
2007-12-19 17:58 --------- d-----w C:\Program Files\LimeWire
2007-12-19 17:57 --------- d-----w C:\Documents and Settings\Matthieu\Application Data\LimeWire
2007-12-18 09:51 179,584 ----a-w C:\WINDOWS\system32\drivers\mrxdav.sys
2007-12-16 15:03 --------- d-----w C:\Program Files\DivX
2007-12-15 09:54 --------- d-----w C:\Program Files\BitTorrent_DNA
2007-12-11 22:34 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-12-11 22:34 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-12-07 02:08 824,832 ----a-w C:\WINDOWS\system32\wininet.dll
2007-12-04 18:41 550,912 ----a-w C:\WINDOWS\system32\oleaut32.dll
2007-12-04 18:38 701,912 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-12-04 18:38 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-12-04 18:38 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-12-04 18:38 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-12-04 18:38 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-12-04 18:36 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-12-04 18:36 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-12-04 18:36 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-12-04 18:36 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-12-04 18:36 682,496 ----a-w C:\WINDOWS\system32\DivX.dll
2007-12-04 18:36 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-12-04 18:36 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-12-04 18:36 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-12-04 18:36 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-12-04 18:36 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-12-04 18:36 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-12-04 18:36 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-12-04 18:35 337,372 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-12-04 18:35 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-27 21:15 233,472 ----a-w C:\WINDOWS\system32\REX Shared Library.dll
2007-11-13 08:31 399,360 ----a-w C:\WINDOWS\system32\Smab.dll
2007-06-13 13:22 505,312 --sh--r C:\WINDOWS\system32\emkvif.exe
2006-05-03 10:06 163,328 --sh--r C:\WINDOWS\system32\flvDX.dll
2007-02-21 11:47 31,232 --sh--r C:\WINDOWS\system32\msfDX.dll
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 20:00 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-10-14 10:16 246752]
"RayV"="C:\Program Files\RayV\RayV\RayV.exe" [ ]
"BitTorrent DNA"="C:\Program Files\BitTorrent_DNA\dna.exe" [2007-12-15 10:54 463836]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2007-10-13 21:21 185632]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2006-07-20 20:58 7581696]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [ ]
"avgnt"="C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" [2008-02-13 14:47 249896]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-10-10 18:51 217572]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25 6731312]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 20:00 15360]
C:\Documents and Settings\Matthieu\Menu Démarrer\Programmes\Démarrage\
802.11g USB 2.0 adapter Setting.lnk - C:\WINDOWS\system32\WiFiCfg.exe [2004-05-21 15:19:00 389120]
GigaTribe.lnk - C:\Program Files\GigaTribe\gigatribe.exe [2008-01-30 15:45:23 1254872]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
R3 usbscan;Pilote de scanneur USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 21:58]
R3 usbstor;Pilote de stockage de masse USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 20:00]
S3 SG762_XP;SAGEM 802.11g XG762 1211B Driver;C:\WINDOWS\system32\DRIVERS\WlanBZXP.sys [2005-12-22 13:45]
S3 ZDCndis5;ZDCndis5 Protocol Driver;C:\WINDOWS\system32\ZDCndis5.SYS []
*Newly Created Service* - AVG_ANTI-SPYWARE_DRIVER
*Newly Created Service* - AVG_ANTI-SPYWARE_GUARD
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2008-01-01 14:07:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
"2008-02-13 20:26:19 C:\WINDOWS\Tasks\User_Feed_Synchronization-{0FC36D16-518D-4CA9-A247-BFE50015DF09}.job"
- C:\WINDOWS\system32\msfeedssync.exe
.
**************************************************************************
catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-02-13 21:50:16
Windows 5.1.2600 Service Pack 2 NTFS
Balayage processus cachés ...
Balayage caché autostart entries ...
Balayage des fichiers cachés ...
Scan terminé avec succès
Les fichiers cachés: 0
**************************************************************************
.
Temps d'accomplissement: 2008-02-13 21:50:45
ComboFix-quarantined-files.txt 2008-02-13 20:50:37
.
2008-02-12 20:34:35 --- E O F ---
AVG report:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 23:15:54 13/02/2008
+ Résultat de l'analyse:
:mozilla.25:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.247realmedia : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@247realmedia[1].txt -> TrackingCookie.247realmedia : Aucune action entreprise.
:mozilla.169:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.2o7 : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@himedia.112.2o7[1].txt -> TrackingCookie.2o7 : Aucune action entreprise.
:mozilla.193:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
:mozilla.197:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Adbrite : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@adrevolver[2].txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@media.adrevolver[2].txt -> TrackingCookie.Adrevolver : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@adtech[1].txt -> TrackingCookie.Adtech : Aucune action entreprise.
:mozilla.216:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.218:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.219:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.220:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Advertising : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@advertising[1].txt -> TrackingCookie.Advertising : Aucune action entreprise.
:mozilla.108:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Adviva : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@adviva[2].txt -> TrackingCookie.Adviva : Aucune action entreprise.
:mozilla.217:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Atdmt : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@atdmt[2].txt -> TrackingCookie.Atdmt : Aucune action entreprise.
:mozilla.113:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@bluestreak[2].txt -> TrackingCookie.Bluestreak : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Aucune action entreprise.
:mozilla.90:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@doubleclick[1].txt -> TrackingCookie.Doubleclick : Aucune action entreprise.
:mozilla.128:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Estat : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@estat[1].txt -> TrackingCookie.Estat : Aucune action entreprise.
:mozilla.249:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
:mozilla.250:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Fastclick : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@fastclick[1].txt -> TrackingCookie.Fastclick : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@ehg-francetel.hitbox[1].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@hitbox[2].txt -> TrackingCookie.Hitbox : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@hotlog[1].txt -> TrackingCookie.Hotlog : Aucune action entreprise.
:mozilla.38:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.39:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Imrworldwide : Aucune action entreprise.
:mozilla.162:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Mediaplex : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@overture[1].txt -> TrackingCookie.Overture : Aucune action entreprise.
:mozilla.224:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Paypal : Aucune action entreprise.
:mozilla.204:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.205:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.206:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.207:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.208:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.209:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.210:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.211:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Pointroll : Aucune action entreprise.
:mozilla.272:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
:mozilla.273:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Real : Aucune action entreprise.
:mozilla.91:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.92:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.93:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.94:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.95:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.96:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.97:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@serving-sys[1].txt -> TrackingCookie.Serving-sys : Aucune action entreprise.
:mozilla.163:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.164:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Sitestat : Aucune action entreprise.
:mozilla.12:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.13:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.14:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.15:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@smartadserver[2].txt -> TrackingCookie.Smartadserver : Aucune action entreprise.
:mozilla.58:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.61:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.62:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Statcounter : Aucune action entreprise.
:mozilla.121:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Toplist : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@toplist[1].txt -> TrackingCookie.Toplist : Aucune action entreprise.
:mozilla.104:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.106:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Aucune action entreprise.
:mozilla.6:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.7:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Weborama : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@weborama[1].txt -> TrackingCookie.Weborama : Aucune action entreprise.
:mozilla.214:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Aucune action entreprise.
:mozilla.10:C:\Program Files\MediaCoder\xulapp\Application Data\Mozilla\Firefox\Profiles\MediaCoder.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.139:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.140:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.141:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.7:C:\Program Files\MediaCoder\xulapp\Application Data\Mozilla\Firefox\Profiles\MediaCoder.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.8:C:\Program Files\MediaCoder\xulapp\Application Data\Mozilla\Firefox\Profiles\MediaCoder.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.9:C:\Program Files\MediaCoder\xulapp\Application Data\Mozilla\Firefox\Profiles\MediaCoder.default\cookies.txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Aucune action entreprise.
:mozilla.146:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.147:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.148:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
:mozilla.149:C:\Documents and Settings\Matthieu\Application Data\Mozilla\Firefox\Profiles\w5dpuh7y.default\cookies.txt -> TrackingCookie.Zedo : Aucune action entreprise.
C:\Documents and Settings\Matthieu\Cookies\matthieu@zedo[1].txt -> TrackingCookie.Zedo : Aucune action entreprise.
Fin du rapport
And BitDefender repaired all the folders damaged by Win32.Partie.B