
Problem with WinFixer


Hello, I have a problem with WinFixer and I need help getting rid of it. I ran a scan with HijackThis. Thanks to those who can help me.

Logfile of HijackThis v1.99.1
Scan saved at 11:52:55, on 21/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\Dit.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Documents and Settings\farouck\Bureau\jeux\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\SoftPerfect Personal Firewall\fw.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\farouck\Mes documents\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://in.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://in.search.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Anonymizer Core Browser Helper Object - {2F2FBF0D-254F-11D5-B1E5-0050DAD7AF62} - C:\Program Files\Anonymizer\Core\Anonymizer.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {50D0F110-F865-4364-A19D-97A1F3C01D91} - C:\Program Files\Online Services\horecow.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Anonymizer 2005 Toolbar - {DB264E15-F83B-4603-BFC1-4EA7E3204686} - C:\Program Files\Anonymizer\Anon2005\AnonIEBar.dll
O3 - Toolbar: Anonymizer Toolbar - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - C:\Program Files\Anonymizer\Toolbar\AnonymizerBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Documents and Settings\farouck\Bureau\jeux\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SoftPerfect Personal Firewall] "C:\Program Files\SoftPerfect Personal Firewall\fw.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [XoftSpy] C:\Program Files\XoftSpy\XoftSpy.exe -s
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.maalaimalar.com/wfplayer/tdserver.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/winxp/CheckDVD.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {E504AD79-2E1A-4EE6-814D-53DE1EEB75AF} (Canal+ Active MSWAY) - https://www.canalplay.com/cabs/msway43.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by109fd.bay109.hotmail.msn.com/activex/HMAtchmt....
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E4FA825-D0CD-4A7A-AAE5-61AF03C78DBA}: NameServer = 194.117.200.10,194.117.200.15
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SABWinLogon - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (file missing)
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: McAfee.com Personal Firewall Service (MpfService) - Unknown owner - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe (file missing)
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe


Hi, follow this procedure:

1] Download CCleaner

http://telechargement.zebulon.fr/239-ccleaner.html

Go back to the Cleaner section and click Analyze; once the analysis has finished, click Run Cleaner.

2] Download Ewido

http://download.ewido.net/ewido-setup.exe

Install it (important: during installation, on the "Additional Options" page, uncheck the two options "Install background guard" and "Install scan via context menu"). Start Ewido. Click Update, wait for the update to finish, then close the program. Boot into safe mode (by tapping F8 when the PC starts), then run a scan and save the Ewido report to the desktop.

3] Download HijackThis

http://www.bleepingcomputer.com/files/Merijn/HijackThis...

Run a scan in safe mode and save the report to the desktop.

4] Paste the 2 reports (Ewido and HijackThis).

Here are the reports:

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 13:26:48, 21/05/2006
+ Somme de contrôle: 81F33CDA

+ Résultats du scan:

:mozilla.37:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Estat : Ignoré
:mozilla.52:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré
:mozilla.55:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Clickbank : Ignoré
:mozilla.56:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Clickbank : Ignoré
:mozilla.60:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Googleadservices : Ignoré
:mozilla.62:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Com : Ignoré
:mozilla.63:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Com : Nettoyer et sauvegarder
:mozilla.76:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.77:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.78:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.79:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.80:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.92:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.118:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyer et sauvegarder
:mozilla.119:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyer et sauvegarder
:mozilla.126:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder
:mozilla.127:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder
:mozilla.139:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.140:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.144:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Adition : Nettoyer et sauvegarder
:mozilla.145:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookies.txt -> TrackingCookie.Adition : Nettoyer et sauvegarder
:mozilla.37:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
:mozilla.52:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.55:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder
:mozilla.56:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder
:mozilla.60:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.62:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Com : Nettoyer et sauvegarder
:mozilla.63:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Com : Nettoyer et sauvegarder
:mozilla.76:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.77:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.78:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.79:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.80:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Onestat : Nettoyer et sauvegarder
:mozilla.92:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.118:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Burstnet : Nettoyer et sauvegarder
:mozilla.119:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Burstnet : Nettoyer et sauvegarder
:mozilla.126:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder
:mozilla.127:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Statcounter : Nettoyer et sauvegarder
:mozilla.139:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.140:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Yadro : Nettoyer et sauvegarder
:mozilla.144:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Adition : Nettoyer et sauvegarder
:mozilla.145:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Adition : Nettoyer et sauvegarder
C:\Documents and Settings\farouck\Cookies\farouck@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyer et sauvegarder
C:\Documents and Settings\farouck\Cookies\farouck@ads1.revenue[1].txt -> TrackingCookie.Revenue : Nettoyer et sauvegarder
C:\Documents and Settings\farouck\Cookies\farouck@banners.searchingbooth[1].txt -> TrackingCookie.Searchingbooth : Nettoyer et sauvegarder
C:\Documents and Settings\farouck\Cookies\farouck@c.enhance[1].txt -> TrackingCookie.Enhance : Nettoyer et sauvegarder
C:\Documents and Settings\farouck\Cookies\farouck@estat[1].txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
C:\Documents and Settings\farouck\Cookies\farouck@media.top-banners[1].txt -> TrackingCookie.Top-banners : Nettoyer et sauvegarder
C:\Documents and Settings\farouck\Cookies\farouck@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
C:\Documents and Settings\farouck\Local Settings\Temporary Internet Files\Content.IE5\0OT3VJXC\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Nettoyer et sauvegarder
C:\mousepad16.exe_tobedeleted -> Trojan.VB.ali : Nettoyer et sauvegarder
C:\Program Files\Online Services\horecow.dll -> Downloader.Small.ctp : Nettoyer et sauvegarder
C:\WINDOWS\keyboard13.exe -> Downloader.VB.abj : Nettoyer et sauvegarder
C:\WINDOWS\keyboard14.exe -> Hijacker.StartPage.aiy : Nettoyer et sauvegarder
C:\WINDOWS\keyboard15.exe -> Downloader.Adload.ay : Nettoyer et sauvegarder
C:\WINDOWS\keyboard16.exe -> Downloader.VB.zg : Nettoyer et sauvegarder
C:\WINDOWS\mousepad12.exe -> Hijacker.VB.mo : Nettoyer et sauvegarder
C:\WINDOWS\mousepad13.exe -> Hijacker.VB.mo : Nettoyer et sauvegarder
C:\WINDOWS\mousepad14.exe -> Hijacker.VB.mo : Nettoyer et sauvegarder
C:\WINDOWS\mousepad15.exe -> Hijacker.VB.mo : Nettoyer et sauvegarder
C:\WINDOWS\mousepad16.exe -> Trojan.VB.ali : Nettoyer et sauvegarder
C:\WINDOWS\newname12.exe -> Downloader.VB.aaf : Nettoyer et sauvegarder


::Fin du rapport
Logfile of HijackThis v1.99.1
Scan saved at 13:27:58, on 21/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\farouck\Mes documents\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://in.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://in.search.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Anonymizer Core Browser Helper Object - {2F2FBF0D-254F-11D5-B1E5-0050DAD7AF62} - C:\Program Files\Anonymizer\Core\Anonymizer.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {50D0F110-F865-4364-A19D-97A1F3C01D91} - C:\Program Files\Online Services\horecow.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Anonymizer 2005 Toolbar - {DB264E15-F83B-4603-BFC1-4EA7E3204686} - C:\Program Files\Anonymizer\Anon2005\AnonIEBar.dll
O3 - Toolbar: Anonymizer Toolbar - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - C:\Program Files\Anonymizer\Toolbar\AnonymizerBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Documents and Settings\farouck\Bureau\jeux\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SoftPerfect Personal Firewall] "C:\Program Files\SoftPerfect Personal Firewall\fw.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [XoftSpy] C:\Program Files\XoftSpy\XoftSpy.exe -s
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.maalaimalar.com/wfplayer/tdserver.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/winxp/CheckDVD.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {E504AD79-2E1A-4EE6-814D-53DE1EEB75AF} (Canal+ Active MSWAY) - https://www.canalplay.com/cabs/msway43.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by109fd.bay109.hotmail.msn.com/activex/HMAtchmt....
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E4FA825-D0CD-4A7A-AAE5-61AF03C78DBA}: NameServer = 194.117.200.10,194.117.200.15
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SABWinLogon - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (file missing)
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: McAfee.com Personal Firewall Service (MpfService) - Unknown owner - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe (file missing)
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Hello,

1/ Download and install CCleaner

http://www.clubic.com/telecharger-fiche14492-ccleaner-c...

Download, install and update ewido
During installation, on the "Additional Options" page, uncheck the two options "Install background guard" and "Install scan via context menu".

http://www.infos-du-net.com/telecharger/Ewido-Security-...

2/ Restart in safe mode (To do this: start the PC while tapping the F8 key on the keyboard until the Windows advanced options menu appears, then use the arrow keys to select Safe Mode and press the Enter key...)
Note that you do not have Internet access in this mode, so write down or print the instructions that follow.

3/ Run HijackThis
then --> Do a system scan only
check the lines listed below
then --> Fix checked
then answer yes to the confirmation question

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about :blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about :blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about :blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fr/0SEFRFR/SAOS02
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about :blank
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://in.rd.yahoo.com/customize/ie/defaults/su/msgr7/*http://in.search.yahoo.com
O2 - BHO: (no name) - {50D0F110-F865-4364-A19D-97A1F3C01D91} - C:\Program Files\Online Services\horecow.dll (file missing)
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267....
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) - http://www.maalaimalar.com/wfplayer/tdserver.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {54823A9D-6BAE-11D5-B519-0050BA2413EB} (ChkDVDCtl Class) - http://www.cyberlink.com/winxp/CheckDVD.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Cont...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} (SABScanProcesses Class) - http://www.superadblocker.com/activex/sabspx.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdown...
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.ca...
O16 - DPF: {E504AD79-2E1A-4EE6-814D-53DE1EEB75AF} (Canal+ Active MSWAY) - https://www.canalplay.com/cabs/msway43.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by109fd.bay109.hotmail.msn.com/activex/HMAtchmt....
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/controls/msnchat45.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe

4/ Make sure you have access to hidden files.
(Start->My Computer->Tools->Folder Options...->View
"Show hidden files and folders" ->checked
"Hide extensions for known file types" ->unchecked
"Hide protected operating system files" ->unchecked)

5/ then delete the following files and/or folders if present:

C:\Program Files\Fichiers communs\BOONTY Shared <== the folder

6/ Run CCleaner, then click the Analyze button, then the Run Cleaner button

8/ Run ewido (full system scan) and delete everything it finds. Save the report to the desktop.

9/ Restart normally and post the ewido report and a new HijackThis report.

10/ Run an online scan at Kaspersky and post the report:

http://webscanner.kaspersky.fr/
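The check that the follow-up HijackThis report in step 9 makes possible, as an added example that is not part of the original post: compare the lines that were to be fixed against the new log, and list what is gone, what persists and what is new. The function names are hypothetical, and the sample logs are constructed from lines on this page; the persisting `R1` entry and the `[Example]` entry are invented for the demonstration.

```python
import re

# A HijackThis entry line is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2})\s+-\s+(.+)$")


def entry_key(section, body):
    """Comparison key for one entry.

    Windows paths are case-insensitive and forum software alters whitespace
    (the fix list on the page shows "about :blank"), so the body is compared
    with all whitespace removed and case folded.
    """
    return section, re.sub(r"\s+", "", body).casefold()


def parse_entries(log_text):
    """Map comparison key -> original line for every entry line in a log.

    Header lines and the "Running processes" list do not match ENTRY_RE
    and are skipped.
    """
    entries = {}
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if match:
            entries.setdefault(entry_key(match.group(1), match.group(2)), line)
    return entries


def verify_fix(requested_text, before_text, after_text):
    """Compare the requested fixes with the logs taken before and after."""
    requested = parse_entries(requested_text)
    before = parse_entries(before_text)
    after = parse_entries(after_text)
    return {
        # Requested entries that no longer appear after the fix.
        "gone": sorted(line for key, line in requested.items() if key not in after),
        # Requested entries that survived "Fix checked" (recreated or protected).
        "still_present": sorted(after[key] for key in requested if key in after),
        # Entries absent from the first log: worth a second look.
        "new_since_before": sorted(
            line for key, line in after.items() if key not in before
        ),
    }


# Constructed sample: excerpt-sized "before" log.
BEFORE_LOG = r"""
Running processes:
C:\WINDOWS\Explorer.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
"""

# Four of the lines from the fix list in step 3, spacing as posted.
REQUESTED_FIXES = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about :blank
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Fichiers communs\BOONTY Shared\Service\Boonty.exe
"""

# Constructed "after" log: one requested entry persists, one entry is new.
AFTER_LOG = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [Example] C:\Example\example.exe
"""

if __name__ == "__main__":
    report = verify_fix(REQUESTED_FIXES, BEFORE_LOG, AFTER_LOG)
    for status, lines in report.items():
        print(f"{status}:")
        for line in lines:
            print(f"  {line}")
```

An entry under `still_present` means the fix did not hold for that line; an entry under `new_since_before` is not necessarily malicious, only unaccounted for.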

OK, here are the reports

---------------------------------------------------------
ewido anti-malware - Rapport de scan
---------------------------------------------------------

+ Créé le: 18:49:42, 21/05/2006
+ Somme de contrôle: 1CE91A85

+ Résultats du scan:

:mozilla.28:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Estat : Nettoyer et sauvegarder
:mozilla.33:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.34:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.35:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.36:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Reliablestats : Nettoyer et sauvegarder
:mozilla.62:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Weborama : Nettoyer et sauvegarder
:mozilla.101:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.103:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder
:mozilla.104:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Clickbank : Nettoyer et sauvegarder
:mozilla.108:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Googleadservices : Nettoyer et sauvegarder
:mozilla.110:C:\Documents and Settings\farouck\Application Data\Mozilla\Firefox\Profiles\y27kxnl6.default\cookiesnew.txt -> TrackingCookie.Com : Nettoyer et sauvegarder


::Fin du rapport

Logfile of HijackThis v1.99.1
Scan saved at 19:12:53, on 21/05/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\UAService7.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Documents and Settings\farouck\Bureau\jeux\DAEMON Tools\daemon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\SoftPerfect Personal Firewall\fw.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\Program Files\Athan\Athan.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\system32\LVComS.exe
C:\Program Files\Club-Internet\Lanceur\lanceur.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\cidaemon.exe
C:\PROGRA~1\BONECH~1\FIREFOX.EXE
C:\Documents and Settings\farouck\Mes documents\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.club-internet.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer avec Club-Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Anonymizer Core Browser Helper Object - {2F2FBF0D-254F-11D5-B1E5-0050DAD7AF62} - C:\Program Files\Anonymizer\Core\Anonymizer.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Anonymizer 2005 Toolbar - {DB264E15-F83B-4603-BFC1-4EA7E3204686} - C:\Program Files\Anonymizer\Anon2005\AnonIEBar.dll
O3 - Toolbar: Anonymizer Toolbar - {C14DC52F-B4D9-11D5-B1E6-0050DAD7AF62} - C:\Program Files\Anonymizer\Toolbar\AnonymizerBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X83.exe
O4 - HKLM\..\Run: [Lexmark X83 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X83.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Documents and Settings\farouck\Bureau\jeux\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [SoftPerfect Personal Firewall] "C:\Program Files\SoftPerfect Personal Firewall\fw.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKLM\..\Run: [Athan] C:\Program Files\Athan\Athan.exe
O4 - HKLM\..\Run: [XoftSpy] C:\Program Files\XoftSpy\XoftSpy.exe -s
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Club Internet.lnk = C:\Program Files\Club-Internet\Lanceur\lanceur.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Recherche AOL Toolbar - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E4FA825-D0CD-4A7A-AAE5-61AF03C78DBA}: NameServer = 194.117.200.10,194.117.200.15
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SABWinLogon - C:\Program Files\SuperAdBlocker.com\Super Ad Blocker\SABWINLO.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - Unknown owner - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe (file missing)
O23 - Service: AOL Spyware Protection Service (AOLService) - Unknown owner - C:\Program Files\Fichiers communs\AOL\AOL Spyware Protection\\aolserv.exe (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: McAfee.com Personal Firewall Service (MpfService) - Unknown owner - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe (file missing)
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

dimanche 21 mai 2006 20:38:59
Système d'exploitation : Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Version de Kaspersky On-line Scanner: 5.0.78.0
Dernière mise à jour de la base antivirus Kaspersky : 21/05/2006
Enregistrements dans la base antivirus Kaspersky : 183666
Paramètres d'analyse
Analyser avec la base antivirus suivante standard
Analyser les archives vrai
Analyser les bases de messagerie. vrai
Cible de l'analyse Dossiers
C:\
Statistiques de l'analyse
Total d'objets analysés : 78376
Nombre de virus trouvés 42
Nombre d'objets infectés 290
Nombre d'objets suspects 4
Durée de l'analyse 00:53:38

Nom de l'objet infecté Nom du virus Dernière action
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip/drsmartload46a.exe Suspect : Password-protected-EXE ignoré
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC1.zip ZIP: suspect - 1 ignoré
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC2.zip/drsmartload45a.exe Suspect : Password-protected-EXE ignoré
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy\Recovery\SmitfraudC2.zip ZIP: suspect - 1 ignoré
C:\Documents and Settings\farouck\Application Data\Microsoft\Internet Explorer\Desktop.htt Infecté: Trojan-Clicker.JS.Agent.e ignoré
C:\Documents and Settings\farouck\Menu Démarrer\Programmes\Startup\Adobe Gamma Loader.exe Infecté: Trojan-Clicker.Win32.VB.la ignoré
C:\Program Files\Microsoft AntiSpyware\Quarantine\70957C79-E1B0-4B3D-8F80-0BEC38\4C0B6386-45DC-480A-ACD7-147291/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\Program Files\Microsoft AntiSpyware\Quarantine\70957C79-E1B0-4B3D-8F80-0BEC38\4C0B6386-45DC-480A-ACD7-147291 NSIS: infecté - 1 ignoré
C:\Program Files\NetMeeting\howymym.html Infecté: Trojan-Clicker.JS.Agent.e ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\01C64EFC Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03574C27.exe Infecté: Worm.Win32.VB.an ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\03E4768D Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\04276C90 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\045C6DDA Infecté: Trojan-Downloader.Win32.Small.ya ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\04997D68 Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\07543874 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\083650E7 Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\0FAA7BBD.exe Infecté: Trojan.Win32.VB.aad ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\12681087 Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\12D1212E Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\140C016B.exe Infecté: P2P-Worm.Win32.Krepper.c ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\16115D54 Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\16475AB5.exe Infecté: Worm.Win32.VB.an ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\17417847 Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\17773922 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1B880450 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1BBA7566 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E8C5F11 Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E8F090D Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E955D06 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E990702 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E9C30FF Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1E9F5AFB Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\1EA304F8 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\274A3164 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\27B0276C Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2A0F5935 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2C727BE6 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\2D6935EB Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\30DA77D2 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3341636A Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33924DE2 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\33CE0854 Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\34C723A8 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\34CA4DA4 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\34FE401D Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\35B0725C Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\35CD2844 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\36303CB5.exe Infecté: Worm.Win32.VB.an ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3656361B Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\36CC783B Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\37CB4833 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AB21FDE Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3AF427D0.exe Infecté: Worm.Win32.VB.an ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3CD74E41 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3DF228D8 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E7913FC.zip/BlackBox.class Infecté: Exploit.Java.ByteVerify ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E7913FC.zip/VerifierBug.class Infecté: Exploit.Java.ByteVerify ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E7913FC.zip/Beyond.class Infecté: Trojan-Downloader.Java.OpenConnection.aa ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E7913FC.zip ZIP: infecté - 3 ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E7913FC.zip CryptFF: infecté - 3 ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3ED11F69 Infecté: Trojan-Downloader.Win32.Small.ya ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\40C77568 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\412634AE Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\414D113C Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\43FE2A26 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44603282.exe Infecté: Trojan.Win32.Small.dq ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\44D84096 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\455F5294.exe Infecté: Trojan.Win32.Small.dq ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\495D4D31 Infecté: Trojan-Dropper.Win32.Agent.hh ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\49F14D05 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A615B68 Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4A854CD8 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4B194CAC Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4BAD4C80 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4C404C54 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4D4F293F Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\4D6E6BBB Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\52F342F9 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\554E26DC.zip/BlackBox.class Infecté: Exploit.Java.ByteVerify ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\554E26DC.zip/VerifierBug.class Infecté: Exploit.Java.ByteVerify ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\554E26DC.zip/Beyond.class Infecté: Trojan-Downloader.Java.OpenConnection.aa ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\554E26DC.zip ZIP: infecté - 3 ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\554E26DC.zip CryptFF: infecté - 3 ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\55F21766 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\570B4044.exe Infecté: Trojan.Win32.VB.aad ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\58483E52.exe Infecté: Worm.Win32.VB.an ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\588B4943 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\59771DD0 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\597C3FA5 Infecté: Trojan-Dropper.Win32.Agent.kd ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5A5F372F Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5BDD5D39 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5DCF7916 Infecté: Trojan-Dropper.Win32.Agent.hh ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\5DE401F6 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\61825365 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\64F05AFA.exe Infecté: Trojan.Win32.VB.aad ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\659F1260 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\678B6CBE.exe Infecté: Worm.Win32.VB.an ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6A2237E4.exe Infecté: Worm.Win32.VB.an ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6BA44A6E.exe Infecté: Worm.Win32.VB.an ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6C0B04B9 Infecté: Trojan-Downloader.Win32.Small.ya ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6D120F63 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6D79056B Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6E277CDC Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\6FC9014A Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\713E532C Infecté: Trojan-Downloader.Win32.Small.ya ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\73163C02.exe Infecté: Worm.Win32.VB.an ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\764C103F Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\774B6037 Infecté: Trojan.Win32.Dialer.jr ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7833794A Infecté: Trojan-Downloader.Win32.Small.ya ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7909416A Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\79F45F7F Infecté: Trojan.Win32.StartPage.nk ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7B2B1A7C.exe Infecté: Worm.Win32.VB.an ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP100\A0052605.exe Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP100\A0052606.exe Infecté: Trojan-Clicker.Win32.Agent.gp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP100\A0052615.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP100\A0052615.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP100\A0052615.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP100\A0052635.dll Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP101\A0052639.exe Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP101\A0052640.exe Infecté: Trojan-Clicker.Win32.Agent.gp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP103\A0052869.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP104\A0052873.exe Infecté: Trojan.Win32.VB.ali ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP104\A0052874.exe Infecté: Trojan-Downloader.Win32.VB.zg ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP104\A0052875.exe Infecté: Trojan-Downloader.Win32.VB.vr ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP104\A0052876.exe Infecté: Trojan-Downloader.Win32.Adload.az ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP104\A0052877.exe Infecté: Trojan-Downloader.Win32.Adload.az ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP104\A0052878.exe Infecté: Trojan-Downloader.Win32.Adload.ba ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP111\A0053153.exe Infecté: Trojan-Clicker.Win32.Agent.gp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP124\A0054405.exe Infecté: Trojan-Clicker.Win32.Agent.gp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP142\A0055670.exe Infecté: Trojan-Downloader.Win32.VB.aaf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP142\A0055671.exe Infecté: Trojan-Downloader.Win32.VB.ri ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP142\A0055672.exe Infecté: Trojan-Downloader.Win32.Adload.ay ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP142\A0055673.exe Infecté: Trojan-Downloader.Win32.VB.vr ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP155\A0055954.exe Infecté: Trojan-Clicker.Win32.Agent.gp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP158\A0055995.exe Infecté: Trojan-Clicker.Win32.Agent.gp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP161\A0056215.exe Infecté: Trojan-Clicker.Win32.Agent.gp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP173\A0057802.exe Infecté: Trojan-Clicker.Win32.Agent.gp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060701.exe Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060702.dll Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060703.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060703.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060703.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060705.exe Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060706.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060706.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060706.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060818.exe Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060819.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060819.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060819.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060820.exe Infecté: Trojan-Downloader.Win32.VB.zg ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060821.exe Infecté: Trojan.Win32.VB.ali ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060822.exe Infecté: Trojan-Downloader.Win32.VB.zg ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060868.exe Infecté: Trojan-Downloader.Win32.Adload.aw ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060869.exe Infecté: Trojan-Downloader.Win32.VB.aad ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060870.exe Infecté: Trojan-Downloader.Win32.Adload.aw ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060871.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060872.exe Infecté: Trojan-Downloader.Win32.Adload.ay ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060884.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060884.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060886.exe Infecté: Trojan-Downloader.Win32.Adload.ap ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060887.exe Infecté: Trojan-Downloader.Win32.Adload.aw ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060913.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0060914.exe Infecté: Trojan.Win32.StartPage.aiy ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061015.exe Infecté: Trojan-Downloader.Win32.Adload.as ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061055.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061055.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061067.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061067.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061074.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061076.exe Infecté: Trojan-Downloader.Win32.VB.abm ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061077.exe Infecté: Trojan-Downloader.Win32.Adload.as ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061078.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061079.exe Infecté: Trojan-Downloader.Win32.VB.abj ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061837.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061838.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061855.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP188\A0061856.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP200\A0062056.exe Infecté: Flooder.Win32.VB.cq ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063791.exe Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063792.dll Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063793.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063793.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063793.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063795.exe Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063796.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063796.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063796.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063908.exe Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063909.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063909.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063909.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063910.exe Infecté: Trojan-Downloader.Win32.VB.zg ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063911.exe Infecté: Trojan.Win32.VB.ali ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063912.exe Infecté: Trojan-Downloader.Win32.VB.zg ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063954.exe Infecté: Trojan-Downloader.Win32.Adload.aw ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063955.exe Infecté: Trojan-Downloader.Win32.VB.aad ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063956.exe Infecté: Trojan-Downloader.Win32.Adload.aw ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063957.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063958.exe Infecté: Trojan-Downloader.Win32.Adload.ay ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063970.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063970.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063972.exe Infecté: Trojan-Downloader.Win32.Adload.ap ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063973.exe Infecté: Trojan-Downloader.Win32.Adload.aw ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063999.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064000.exe Infecté: Trojan.Win32.StartPage.aiy ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064101.exe Infecté: Trojan-Downloader.Win32.Adload.as ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064141.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064141.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064153.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064153.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064160.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064162.exe Infecté: Trojan-Downloader.Win32.VB.abm ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064163.exe Infecté: Trojan-Downloader.Win32.Adload.as ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064164.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064165.exe Infecté: Trojan-Downloader.Win32.VB.abj ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064923.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064924.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064941.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0064942.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065383.dll Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065384.exe Infecté: Trojan-Downloader.Win32.VB.abj ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065385.exe Infecté: Trojan.Win32.StartPage.aiy ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065386.exe Infecté: Trojan-Downloader.Win32.Adload.ay ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065387.exe Infecté: Trojan-Downloader.Win32.VB.zg ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065388.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065389.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065390.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065391.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065392.exe Infecté: Trojan.Win32.VB.ali ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065393.exe Infecté: Trojan-Downloader.Win32.VB.aaf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP67\A0043345.exe/Chrunch-It-Cracked By l1nd0/Chrunch-It-Cracked By l1nd0.exe Infecté: Flooder.Win32.VB.cq ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP67\A0043345.exe ZIP: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP80\A0047431.exe Infecté: Trojan-Downloader.Win32.Small.buy ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP80\A0047432.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP80\A0047433.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP80\A0047699.exe Infecté: Trojan-Downloader.Win32.Adload.au ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP80\A0047806.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP80\A0047807.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP80\A0047809.exe Infecté: Trojan-Downloader.Win32.Adload.be ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0049926.exe Infecté: Trojan-Downloader.Win32.Adload.be ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0049927.exe Infecté: Trojan-Downloader.Win32.Adload.as ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0049929.exe Infecté: Trojan-Downloader.Win32.VB.aaf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0049930.exe Infecté: Trojan-Clicker.Win32.VB.mo ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0049931.exe Infecté: Trojan-Downloader.Win32.VB.abj ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050049.exe Infecté: Trojan-Downloader.Win32.Adload.as ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050057.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050058.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050157.exe Infecté: Trojan-Downloader.Win32.Adload.au ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050189.exe Infecté: Trojan-Downloader.Win32.Small.buy ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050190.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050191.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050282.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050282.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050283.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050283.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050334.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050335.exe Infecté: Trojan-Dropper.Win32.Small.qn ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050337.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050337.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050348.exe Infecté: Trojan-Downloader.Win32.VB.abm ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP82\A0050349.exe Infecté: Trojan-Downloader.Win32.Adload.as ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP83\A0050396.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP83\A0050396.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP83\A0050409.exe Infecté: Trojan-Downloader.Win32.Adload.ay ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP84\A0051565.exe Infecté: Trojan-Downloader.Win32.TSUpdate.o ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP84\A0051567.exe Infecté: Trojan-Downloader.Win32.VB.abm ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP84\A0051591.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP84\A0051591.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP89\A0051965.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP89\A0051965.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP89\A0051968.exe Infecté: Trojan-Downloader.Win32.Adload.as ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP89\A0051969.exe Infecté: Trojan-Downloader.Win32.Adload.ap ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP89\A0051970.exe Infecté: Trojan-Downloader.Win32.Adload.aw ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP90\A0052045.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP90\A0052045.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP90\A0052046.exe/data0002 Infecté: Trojan-Clicker.Win32.Small.jf ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP90\A0052046.exe NSIS: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP90\A0052074.exe/-Big-Killer-v7.0-/-Big-Killer-V7.0-.exe Infecté: IM-Flooder.Win32.KillBig.51 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP90\A0052074.exe ZIP: infecté - 1 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP94\A0052502.exe Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP98\A0052560.exe Infecté: Trojan-Downloader.Win32.Adload.aw ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP98\A0052562.exe Infecté: Trojan-Downloader.Win32.VB.zg ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP98\A0052563.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP98\A0052563.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP98\A0052563.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP98\A0052564.exe Infecté: Trojan-Downloader.Win32.VB.aad ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP98\A0052565.exe Infecté: Trojan-Downloader.Win32.Adload.aw ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP99\A0052600.dll Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\VSL02.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\VSL02.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\VSL02.exe NSIS: infecté - 2 ignoré
C:\WINDOWS\secure32.html Infecté: Trojan.Win32.Harnig.a ignoré
Analyse terminée.

Start your PC in safe mode and empty the Norton quarantine, because it is starting to overflow.

Check that you have access to hidden files and operating system files. To do so: Tools > Folder Options > View, tick the "Show hidden files and folders" box and untick the "Hide protected operating system files" box.

Then empty this folder: C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\

as well as all the other files found during the Kaspersky scan.

Hello,

0/ Disable your System Restore:

Right-click My Computer > Properties > System Restore and tick the "Turn off System Restore" box.

1/ Empty the quarantine of:

- Spybot - Search & Destroy
- Norton Antivirus
- Microsoft AntiSpyware
- Norton SystemWorks

2/ Make sure you have access to hidden files.
(Start -> My Computer -> Tools -> Folder Options... -> View
"Show hidden files and folders" -> ticked
"Hide extensions for known file types" -> unticked
"Hide protected operating system files" -> unticked)

3/ Then delete the following files and/or folders if present:

C:\Documents and Settings\farouck\Application Data\Microsoft\Internet Explorer\Desktop.htt
C:\Documents and Settings\farouck\Menu Démarrer\Programmes\Startup\Adobe Gamma Loader.exe
C:\VSL02.exe <== the folder
C:\WINDOWS\secure32.html

4/ Download SmitfraudFix by S!Ri:

http://siri.urz.free.fr/Fix/SmitfraudFix.php

- Unzip it to the Desktop.
- Open SmitfraudFix, double-click SmitfraudFix.cmd and choose option 1.
Post the report.

- Restart in safe mode. Note that you have no Internet access in this mode, so write down what you have to do.
Start the computer.
Once the BIOS has finished loading, there is a black screen. Press the F8 or F5 key until the Windows advanced options menu is displayed.
Using the arrow keys, select the appropriate safe mode and press Enter.

- Run SmitfraudFix again, this time choose option 2 and answer yes to everything.

- Restart normally, re-enable your System Restore, and post the second SmitfraudFix report along with a new HijackThis report.
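Both replies treat the scan hits differently depending on where they sit: quarantine folders to empty, System Restore points to purge, and loose files to delete by hand. The script below is an added example, not part of the thread or of any tool mentioned in it; it sorts the scan log's lines into those three groups. The sample lines are copied from the log posted above, and the category names and function names are assumptions made for this example.

```python
import re

# A direct hit: "<path>[/member] Infecté: <detection name> ignoré"
DETECTION = re.compile(r"^(?P<path>.+?) Infecté: (?P<name>\S+) ignoré$")
# A container summary: "<path> ZIP: infecté - 3 ignoré" (also NSIS, CryptFF).
# It only repeats the count of member hits, so it is skipped to avoid
# counting the same file twice.
CONTAINER = re.compile(r"^(?P<path>.+?) (?P<kind>\w+): infecté - (?P<count>\d+) ignoré$")

# Lines copied from the scan log on this page (a small subset).
SAMPLE_LOG = r"""
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E7913FC.zip/BlackBox.class Infecté: Exploit.Java.ByteVerify ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E7913FC.zip/Beyond.class Infecté: Trojan-Downloader.Java.OpenConnection.aa ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\3E7913FC.zip ZIP: infecté - 3 ignoré
C:\Program Files\Norton SystemWorks\Norton Antivirus\Quarantine\7B2B1A7C.exe Infecté: Worm.Win32.VB.an ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063793.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP212\A0063793.exe NSIS: infecté - 2 ignoré
C:\System Volume Information\_restore{B9E2A72D-1A55-435B-94E6-503D13FAC150}\RP224\A0065385.exe Infecté: Trojan.Win32.StartPage.aiy ignoré
C:\VSL02.exe/data0004 Infecté: Trojan-Downloader.Win32.Small.ctp ignoré
C:\VSL02.exe/data0005 Infecté: Trojan-Downloader.Win32.Small.ajc ignoré
C:\VSL02.exe NSIS: infecté - 2 ignoré
C:\WINDOWS\secure32.html Infecté: Trojan.Win32.Harnig.a ignoré
Analyse terminée.
"""


def classify(path):
    """Map a file path to the cleanup step that deals with it."""
    p = path.lower()
    if "\\quarantine\\" in p:
        return "quarantine"      # emptied from the antivirus product itself
    if "\\system volume information\\_restore" in p:
        return "restore_point"   # purged by turning System Restore off
    return "live"                # still on disk as an ordinary file


def triage(log_text):
    """Group hits by category; returns (report, unparsed_lines).

    report[category][outer_file] is the set of detection names seen for
    that file. Members of an archive or installer ("file.exe/data0004")
    are folded into the outer file, since that is what gets deleted.
    """
    report = {"quarantine": {}, "restore_point": {}, "live": {}}
    unparsed = []
    for raw in log_text.splitlines():
        line = raw.strip()
        if not line or CONTAINER.match(line):
            continue
        hit = DETECTION.match(line)
        if hit is None:
            unparsed.append(line)  # e.g. the closing "Analyse terminée."
            continue
        # Windows paths use backslashes, so "/" only separates the
        # container from the member inside it.
        outer = hit.group("path").split("/", 1)[0]
        report[classify(outer)].setdefault(outer, set()).add(hit.group("name"))
    return report, unparsed


if __name__ == "__main__":
    report, unparsed = triage(SAMPLE_LOG)
    for category, files in report.items():
        print(f"{category}: {len(files)} file(s)")
        for path in sorted(files):
            print(f"  {path}  [{', '.join(sorted(files[path]))}]")
    print(f"unparsed lines: {unparsed}")
```
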