Spyware problem: here is my scan log
Security Forum - Viruses
Hello, I have a pop-up problem despite using Firefox, and a trojan problem. For the pop-ups I already ran a SmitfraudFix "procedure", which did not solve my problem. I ran a scan with Spyware Doctor; here is the log:
Scan Results:
scan start: 26/04/2006 14:51:32
scan stop: 26/04/2006 15:16:50
scanned items: 214402
found items: 441
found and ignored: 0
tools used: General Scanner, Process Scanner, LSP Scanner, Startup Scanner, Registry Scanner, Browser Scanner, Browser Activity Scanner, Disk Scanner, ActiveX Scanner
VX2.Look2Me C:\WINDOWS\system32\rPsadhlp.dll High
PurityScan C:\WINDOWS\system32\wcpit.exe High
Block-Checker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB} High
Block-Checker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB}## High
Block-Checker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB}\iexplore High
Block-Checker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB}\iexplore## High
Block-Checker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB}\iexplore##Type High
Block-Checker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB}\iexplore##Count High
Block-Checker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C2EEB4FA-B6D6-41B9-9CFA-ABA87F862BCB}\iexplore##Time High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9} High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}## High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}##SystemComponent High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}##Installer High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\Contains High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\Contains## High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation## High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\DownloadInformation##CODEBASE High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion## High
Carpe Diem HKLM\Software\Microsoft\Code Store Database\Distribution Units\{86EEF11E-FF16-48CE-B1A2-474B663041A9}\InstalledVersion##LastModified High
CnsMin HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4} Medium
CnsMin HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4}## Medium
CnsMin HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4}\iexplore Medium
CnsMin HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4}\iexplore## Medium
CnsMin HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4}\iexplore##Type Medium
CnsMin HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4}\iexplore##Count Medium
CnsMin HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4}\iexplore##Time Medium
CnsMin HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B83FC273-3522-4CC6-92EC-75CC86678DA4}\iexplore##Blocked Medium
Common Components Unrelated HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F} Medium
Common Components Unrelated HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}## Medium
Common Components Unrelated HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}\iexplore Medium
Common Components Unrelated HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}\iexplore## Medium
Common Components Unrelated HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}\iexplore##Type Medium
Common Components Unrelated HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}\iexplore##Count Medium
Common Components Unrelated HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{77FBF9B8-1D37-4FF2-9CED-192D8E3ABA6F}\iexplore##Time Medium
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB} Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB}## Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB}\iexplore Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB}\iexplore## Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB}\iexplore##Type Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB}\iexplore##Count Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB}\iexplore##Time Low
HotBar HKCU\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser##{74CC49F7-EB32-4A08-B204-948962A6E3DB} Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8525EA-2BFC-4440-BD8A-20EFB9D5E541} Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8525EA-2BFC-4440-BD8A-20EFB9D5E541}## Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8525EA-2BFC-4440-BD8A-20EFB9D5E541}\iexplore Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8525EA-2BFC-4440-BD8A-20EFB9D5E541}\iexplore## Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8525EA-2BFC-4440-BD8A-20EFB9D5E541}\iexplore##Type Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8525EA-2BFC-4440-BD8A-20EFB9D5E541}\iexplore##Count Low
HotBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ED8525EA-2BFC-4440-BD8A-20EFB9D5E541}\iexplore##Time Low
LinkMaker Hijacker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22} Elevated
LinkMaker Hijacker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22}## Elevated
LinkMaker Hijacker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22}\iexplore Elevated
LinkMaker Hijacker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22}\iexplore## Elevated
LinkMaker Hijacker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22}\iexplore##Type Elevated
LinkMaker Hijacker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22}\iexplore##Count Elevated
LinkMaker Hijacker HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8B6DA27E-7F64-4694-8F8F-DC87AB8C6B22}\iexplore##Time Elevated
Maxifiles HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8B0BDED-64A5-495B-97DA-42C0301E229B} High
Maxifiles HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8B0BDED-64A5-495B-97DA-42C0301E229B}## High
Maxifiles HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8B0BDED-64A5-495B-97DA-42C0301E229B}\iexplore High
Maxifiles HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8B0BDED-64A5-495B-97DA-42C0301E229B}\iexplore## High
Maxifiles HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8B0BDED-64A5-495B-97DA-42C0301E229B}\iexplore##Type High
Maxifiles HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8B0BDED-64A5-495B-97DA-42C0301E229B}\iexplore##Count High
Maxifiles HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8B0BDED-64A5-495B-97DA-42C0301E229B}\iexplore##Time High
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} Elevated
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}## Elevated
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}\iexplore Elevated
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}\iexplore## Elevated
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}\iexplore##Type Elevated
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}\iexplore##Count Elevated
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}\iexplore##Time Elevated
MediaGateway HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8FCDF9D9-A28B-480F-8C3D-581F119A8AB8}\iexplore##Blocked Elevated
RXToolbar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483} Elevated
RXToolbar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}## Elevated
RXToolbar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\iexplore Elevated
RXToolbar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\iexplore## Elevated
RXToolbar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\iexplore##Type Elevated
RXToolbar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\iexplore##Count Elevated
RXToolbar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{59879FA4-4790-461C-A1CC-4EC4DE4CA483}\iexplore##Time Elevated
Webhancer HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0} Medium
Webhancer HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0}## Medium
Webhancer HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0}\iexplore Medium
Webhancer HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0}\iexplore## Medium
Webhancer HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0}\iexplore##Type Medium
Webhancer HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0}\iexplore##Count Medium
Webhancer HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C900B400-CDFE-11D3-976A-00E02913A9E0}\iexplore##Time Medium
YourSiteBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} High
YourSiteBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}## High
YourSiteBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\iexplore High
YourSiteBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\iexplore## High
YourSiteBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\iexplore##Type High
YourSiteBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\iexplore##Count High
YourSiteBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\iexplore##Time High
YourSiteBar HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\iexplore##Blocked High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658} High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}## High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}##SystemComponent High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}##Installer High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\Contains High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\Contains## High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\Contains\Files High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\Contains\Files## High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\Contains\Files##C:\WINDOWS\Downloaded Program Files\ysbactivex.dll High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\DownloadInformation High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\DownloadInformation## High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\DownloadInformation##CODEBASE High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\InstalledVersion High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\InstalledVersion## High
YourSiteBar HKLM\Software\Microsoft\Code Store Database\Distribution Units\{42F2C9BA-614F-47C0-B3E3-ECFD34EED658}\InstalledVersion##LastModified High
VX2.Look2Me HKCR\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1} High
VX2.Look2Me HKCR\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}## High
VX2.Look2Me HKCR\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\Implemented Categories High
VX2.Look2Me HKCR\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\Implemented Categories## High
VX2.Look2Me HKCR\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\Implemented Categories\{00021492-0000-0000-C000-000000000046} High
VX2.Look2Me HKCR\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}## High
VX2.Look2Me HKCR\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\InprocServer32 High
VX2.Look2Me HKCR\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\InprocServer32## High
VX2.Look2Me HKCR\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\InprocServer32##ThreadingModel High
VX2.Look2Me HKLM\Software\Classes\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1} High
VX2.Look2Me HKLM\Software\Classes\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}## High
VX2.Look2Me HKLM\Software\Classes\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\Implemented Categories High
VX2.Look2Me HKLM\Software\Classes\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\Implemented Categories## High
VX2.Look2Me HKLM\Software\Classes\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\Implemented Categories\{00021492-0000-0000-C000-000000000046} High
VX2.Look2Me HKLM\Software\Classes\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\Implemented Categories\{00021492-0000-0000-C000-000000000046}## High
VX2.Look2Me HKLM\Software\Classes\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\InprocServer32 High
VX2.Look2Me HKLM\Software\Classes\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\InprocServer32## High
VX2.Look2Me HKLM\Software\Classes\CLSID\{50B2CC60-E799-4BF9-8196-701B504404A1}\InprocServer32##ThreadingModel High
VX2.Look2Me HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved##{50B2CC60-E799-4BF9-8196-701B504404A1}
Apparently I'm very infected. If anyone has an idea, thanks in advance, tell me what to do. Apparently I have a very stubborn form of Look2Me that my antivirus, PC-cillin, can't manage to fix. Please help me.
Thanks :-( :-( :-(
Hello,
You went for an infection record :-o
EDIT: Uninstall Kazaa, it's a spyware nest.
1/ You have a Look2Me infection, so we'll try this:
Please print these instructions, or paste them into a text file, to read during this fix. Read the three short notes at the bottom carefully before starting.
Download Look2Me-Destroyer.exe to your Desktop.
http://www.atribune.org/ccount/click.php?id=7
* Close all active windows before moving on to the next step.
* Double-click Look2Me-Destroyer.exe to launch the tool.
* Check Run this program as a task
* A message will appear saying: "Look2Me-Destroyer will close and re-open in approximately 10 seconds". Click OK
* It will relaunch after the 10 seconds; then click the Scan for L2M button. Your Desktop icons will disappear: this is normal.
* When the scan finishes, click the Remove L2M button
* A Done Scanning message will appear; click OK.
* A new message will appear: Done removing infected files! Look2Me-Destroyer will now shutdown your computer; click OK.
* Your PC will now shut down.
* Start your PC normally.
* Paste the generated report, located at C:\Look2Me-Destroyer.txt, into your next reply.
#If Look2Me-Destroyer does not relaunch automatically after the 10 seconds, restart and try again.
##If you get a message from your firewall that the tool is trying to access the internet: allow it.
###If a runtime error '339' message appears: download MSWINSCK.OCX from the link below and place it in the folder C:\Windows\System32.
http://www.ascentive.com/support/n [...] WINSCK.OCX
2/ Download Brute Force Uninstaller (by Merijn)
http://www.merijn.org/files/bfu.zip
Create a new folder directly on C:\ and name it BFU. Unzip the downloaded file into this new folder (C:\BFU)
Go to this page
http://www.google.fr/search?hl=fr& [...] ogle&meta=
Right-click, then choose Save Target As
to download Alcanshorty.bfu (by Metallica). Save it in the folder you created (C:\BFU). **Note: if you use Internet Explorer, when saving make sure the "Type:" field shows "All Files". You should now have two files in the C:\BFU folder: Alcanshorty.bfu and BFU.exe (very important).
Restart in safe mode. Caution: you have no internet access in this mode, so note down carefully what you have to do.
Start the computer.
Once the BIOS has finished loading, there is a black screen. Press the F8 key until the Windows advanced options menu is displayed.
Using the arrow keys, select Safe Mode and press Enter.
Run the cleanup with CCleaner.
Start "Brute Force Uninstaller" by double-clicking BFU.exe (in the C:\BFU folder)
Under Scriptline to execute, copy/paste this line:
c:\bfu\Alcanshorty.bfu
Click Execute and let it do its work.
Wait for Complete script execution to appear and click OK.
Click Exit to close the BFU program.
Restart normally
3/ 1/ Download and install CCleaner
http://www.clubic.com/telecharger- [...] aner-.html
- Download, install and update ewido
During installation, on the "Additional Options" page, uncheck the two options "Install background guard" and "Install scan via context menu".
http://www.infos-du-net.com/telech [...] Suite.html
- Restart in safe mode (to do this: start the PC while tapping the F8 key until the Windows advanced options menu appears, then use the arrow keys to select Safe Mode and press Enter...)
Caution: you have no Internet access in this mode, so note down or print the instructions that follow.
- Launch CCleaner, then click the Analyze button, then the Run Cleaner button
- Launch ewido (full system scan) and delete everything it finds. Save the report to the desktop.
9/ Restart normally and post the Ewido report, the Look2Me-Destroyer report and a new HijackThis report.
Hello
Please print these instructions, or paste them into a text file, to read during this fix.
@@ Download
Look2Me-Destroyer.exe to your Desktop.
http://www.atribune.org/ccount/click.php?id=7
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Install it in a dedicated folder.
@@ Run the cleanup with CCleaner.
@@ Close all active windows before moving on to the next step.
* Double-click Look2Me-Destroyer.exe to launch the tool.
* Check Run this program as a task
* A message will appear saying: "Look2Me-Destroyer will close and re-open in approximately 1 minute". Click OK
* It will relaunch after the minute; then click the Scan for L2M button. Your Desktop icons will disappear: this is normal.
* When the scan finishes, click the Remove L2M button
* A Done Scanning message will appear; click OK.
* A new message will appear: Done removing infected files! Look2Me-Destroyer will now shutdown your computer; click OK.
* Your PC will now shut down.
* Start your PC normally.
* Paste the generated report, located at C:\Look2Me-Destroyer.txt, along with a HijackThis! report, into your next reply.
#If Look2Me-Destroyer does not relaunch automatically after the minute, restart and try again.
For HijackThis
http://telechargement.zebulon.fr/160-Patch-fran%E7ais-pour-HijackThis-1.99.1.html
Tutorial
http://sitethemacs.free.fr/aide_enregistrement_de_hijackthi.htm
Picture demo
http://pageperso.aol.fr/balltrap34/demohijack.htm
So we're getting into BFU too, Bob ;-)
We're dealing with a little pervert (not a mean one)
C:\WINDOWS\Temp\MT\ALIZEE_NUE_VIDEO[1].exe
C:\WINDOWS\Temp\MT\AnnaSexe[1].exe High
C:\WINDOWS\Temp\MT\clara1[1].exe
C:\WINDOWS\Temp\MT\NueOlivia.exe
C:\WINDOWS\Temp\MT\NueOlivia[1].exe
C:\WINDOWS\Temp\MT\o_adriaco[1].exe
C:\WINDOWS\Temp\MT\video_petite_chanteuse[1].exe
:-D and then we have problems...
The procedure looks complicated, but take your time carrying it out!
PS: Avoid dodgy sites, or you'll be coming to visit us every week
C:\WINDOWS\Temp\MT\AnnaSexe[1].exe
C:\WINDOWS\Temp\MT\clara1[1].exe
C:\WINDOWS\Temp\MT\NueOlivia.exe
C:\WINDOWS\Temp\MT\NueOlivia[1].exe
So say goodbye, forever, to Anna, Clara and Olivia
EDIT: Hello Angeldark, well yeah, I'm trying to get into it slowly
Yeah, but the thing is, those videos aren't mine, because a nude Alizée doesn't sound good to me at all
;-) ;-) ;-) ;-) ;-)
Also, Kazaa is no longer in my list of programs.
Here is the Look2Me-Destroyer report. Thanks for the help you've given me and for the help you're going to give me. Just one question: what is Brute Force for?
Look2Me-Destroyer V1.0.12
Here is my HijackThis report, what should I delete???
Logfile of HijackThis v1.99.1
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Ajouter un Pop-Up - {DE39E849-A37D-4126-8AE1-1551364ADA96} - C:\Program Files\VoissaNoPubs\VoissaNoPubs.exe (file missing)
O9 - Extra 'Tools' menuitem: Tools Menu Item - {DE39E849-A37D-4126-8AE1-1551364ADA96} - C:\Program Files\VoissaNoPubs\VoissaNoPubs.exe (file missing)
O9 - Extra button: MoneySide - {E023F504-0C5A-4750-A1E7-A9046DEA8A21} - C:\Program Files\Microsoft Money\System\mnyside.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} - http://www.tbcode.com/ist/software [...] egular.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/window [...] 2068662515
O16 - DPF: {86EEF11E-FF16-48CE-B1A2-474B663041A9} - http://11731.kit.carpediem.fr/NueOlivia.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{7724BDCF-E980-4E89-AA9E-717F0B5FF8CC}: NameServer = 192.168.0.1
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
8-) 8-) 8-)
