cheval de troie
Dernière réponse : dans Sécurité
Salut
Je n'arrive pas a me separer d'un cheval de troie ( fichier)
C:\Program Files\WindowsNT\VSL.dl_
( logiciel )
Win32:Small-ALB[Tri]
Merci d'avance.
Je n'arrive pas a me separer d'un cheval de troie ( fichier)
C:\Program Files\WindowsNT\VSL.dl_
( logiciel )
Win32:Small-ALB[Tri]
Merci d'avance.
Autres pages sur : cheval troie
Lassé par la pub ? Créez un compte
ok alor telcharger spybot et ad-aware:
http://www.01net.com/telecharger/windows/Internet/inter...
http://www.01net.com/telecharger/windows/Internet/inter...
et fais une annalyse et ne suprime pas avast garde-le
avec ad-aware un moment tu auras 4 possibilité d' annalyse prend la 2 en partent du haut.
et avec spybot tu doit faire les mise a jour du logiciel avant si tu a un problème fais moi en par ;-)
http://www.01net.com/telecharger/windows/Internet/inter...
http://www.01net.com/telecharger/windows/Internet/inter...
et fais une annalyse et ne suprime pas avast garde-le
avec ad-aware un moment tu auras 4 possibilité d' annalyse prend la 2 en partent du haut.
et avec spybot tu doit faire les mise a jour du logiciel avant si tu a un problème fais moi en par ;-)
Si va voir la:
http://www.01net.com/telecharger/windows/Internet/inter...
entre ça dans ta bar de recherche sur le net, je vien de le voir ;-)
http://www.01net.com/telecharger/windows/Internet/inter...
entre ça dans ta bar de recherche sur le net, je vien de le voir ;-)
Bonjour "CMG" alors pour un cheval de trois ésséye ma technique tu vera il n'y a pas mieux.
télécharge hijackthis (sur google tu trouve en 2 minute)
ensuite fais comme suit :
double clik sur hijackthis , ensuite clik sur
"open the misc tool section" , ensuite clike sur
"delete a file on roboot , ensuite
"rentre dans "chemin a suivre" le chemin ENTIER de l'emplacement de ton trojan (cheval de trois)
refais un scan avec avast mais normalement tu na plus de probléme.
télécharge hijackthis (sur google tu trouve en 2 minute)
ensuite fais comme suit :
double clik sur hijackthis , ensuite clik sur
"open the misc tool section" , ensuite clike sur
"delete a file on roboot , ensuite
"rentre dans "chemin a suivre" le chemin ENTIER de l'emplacement de ton trojan (cheval de trois)
refais un scan avec avast mais normalement tu na plus de probléme.
a tu redemarer ton ordinateur ?
Si tu ne la pas redemarrer c'est normal que ton ordinateur soi encore infecter,
car la suprétion prend effet apres le redémarage du pc.
Autre chose quand tu fait un scan avec avast , il te le détécte plusieur fois ou une seul fois ?
Sinon sa veux dire que le virus se trouve dans plusieur fichier en même temp, et donc tu dois supprimer TOUS les fichier qui contienne le virus.
Si tu ne la pas redemarrer c'est normal que ton ordinateur soi encore infecter,
car la suprétion prend effet apres le redémarage du pc.
Autre chose quand tu fait un scan avec avast , il te le détécte plusieur fois ou une seul fois ?
Sinon sa veux dire que le virus se trouve dans plusieur fichier en même temp, et donc tu dois supprimer TOUS les fichier qui contienne le virus.
Bonjour
1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
Ewido
http://www.ewido.net/en/download/
Tu l'installes.
Lance Ewido et clique sur le bouton Update (barre d'outils - au haut).
Sous Manual Update clique Start update. Patiente jusqu'à l'affichage "Update successful".
2 Redémarre en mode sans echec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.
3 Lance le nettoyage avec CCleaner.
4 Lance Ewido.
Clique sur le bouton Scanner (de la barre d'outils) et ensuite clique sur Complete System Scan.
A la fin du scan, choisis l'option " Apply All Actions " en bas. Puis, Yes pour mettre en quarantaine.
Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte. Assure-toi de le sauvegarder dans un endroit facile à retrouver.
5 Redémarre normalement et poste un log HijackThis avec le rapport d'Ewido.
1 Télécharge
CCleaner.
http://www.filehippo.com/download_ccleaner.html
Installe le dans un répertoire dédié.
Ewido
http://www.ewido.net/en/download/
Tu l'installes.
Lance Ewido et clique sur le bouton Update (barre d'outils - au haut).
Sous Manual Update clique Start update. Patiente jusqu'à l'affichage "Update successful".
2 Redémarre en mode sans echec. Attention, tu n'as pas accès à internet dans ce mode, note bien ce que tu as à faire.
Démarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.
3 Lance le nettoyage avec CCleaner.
4 Lance Ewido.
Clique sur le bouton Scanner (de la barre d'outils) et ensuite clique sur Complete System Scan.
A la fin du scan, choisis l'option " Apply All Actions " en bas. Puis, Yes pour mettre en quarantaine.
Clique sur "Save Report", puis "Save Report As". Ceci génère un rapport en fichier texte. Assure-toi de le sauvegarder dans un endroit facile à retrouver.
5 Redémarre normalement et poste un log HijackThis avec le rapport d'Ewido.
12/07/2006 06:20:28 mercier-gallay 3404 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\Documents and Settings\mercier-gallay\Local Settings\Temporary Internet Files\Content.IE5\MTIP23GH\v1201[1].exe" file.
12/07/2006 06:24:44 mercier-gallay 1448 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 06:27:05 mercier-gallay 1448 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:27:10 mercier-gallay 1448 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 06:27:10 mercier-gallay 1448 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:27:11 mercier-gallay 1448 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\Windows Media Player\mebezavev.html" file.
12/07/2006 06:27:11 mercier-gallay 1448 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\ComPlus Applications\podocix.html" file.
12/07/2006 06:33:50 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 06:38:28 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 06:38:36 mercier-gallay 1460 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:38:56 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 06:42:09 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\RECYCLER\S-1-5-21-960976807-1052830132-407011210-1006\Dc1.htm" file.
12/07/2006 06:45:03 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 06:45:19 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 06:45:32 mercier-gallay 1460 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:45:35 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 06:48:21 mercier-gallay 1460 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:48:26 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\Windows Media Player\mebezavev.html" file.
12/07/2006 06:53:56 mercier-gallay 1460 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-TA66T.tmp" file.
12/07/2006 06:54:15 mercier-gallay 1460 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-FUK2V.tmp" file.
12/07/2006 06:55:17 mercier-gallay 1460 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-141PH.tmp" file.
12/07/2006 06:55:33 mercier-gallay 1460 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-HDNTL.tmp" file.
12/07/2006 07:42:21 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 07:42:57 mercier-gallay 1456 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 07:43:31 mercier-gallay 1456 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 07:43:34 mercier-gallay 1456 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 08:39:39 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 08:47:03 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 12:32:53 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 12:34:06 mercier-gallay 1456 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-9GMSQ.tmp" file.
12/07/2006 12:34:17 mercier-gallay 1456 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 12:34:37 mercier-gallay 1456 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 12:34:44 mercier-gallay 1456 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 12:39:06 mercier-gallay 3036 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\Documents and Settings\mercier-gallay\Local Settings\Temporary Internet Files\Content.IE5\MTIP23GH\v1201[1].exe" file.
12/07/2006 12:43:00 mercier-gallay 3036 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\VSL.dl_" file.
12/07/2006 13:23:26 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 14:18:06 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 14:18:15 mercier-gallay 1452 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-JDAQH.tmp" file.
12/07/2006 14:19:10 mercier-gallay 1452 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-RETFP.tmp" file.
12/07/2006 14:19:39 mercier-gallay 1452 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-KR4FB.tmp" file.
12/07/2006 14:24:13 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 14:28:10 mercier-gallay 1468 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 15:02:26 mercier-gallay 1476 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 15:18:46 mercier-gallay 1476 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 15:20:51 mercier-gallay 1476 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 15:20:55 mercier-gallay 1476 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\Documents and Settings\mercier-gallay\Local Settings\Temporary Internet Files\Content.IE5\C9EFODQ3\v1201[1].exe" file.
12/07/2006 15:21:17 mercier-gallay 1476 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 15:21:17 mercier-gallay 1476 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 15:21:17 mercier-gallay 1476 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 15:23:09 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 15:24:31 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 15:44:03 mercier-gallay 1464 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 15:44:10 mercier-gallay 1464 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 15:44:30 mercier-gallay 1464 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 15:44:30 mercier-gallay 1464 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 16:23:24 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 17:04:28 mercier-gallay 1460 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\Documents and Settings\mercier-gallay\Local Settings\Temporary Internet Files\Content.IE5\C9EFODQ3\v1201[1].exe" file.
12/07/2006 17:04:28 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 17:05:52 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 17:08:21 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 17:09:38 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 17:12:36 mercier-gallay 928 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\Documents and Settings\mercier-gallay\Local Settings\Temporary Internet Files\Content.IE5\C9EFODQ3\v1201[1].exe" file.
12/07/2006 17:16:37 mercier-gallay 928 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 17:30:30 mercier-gallay 928 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 17:38:05 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 17:47:03 mercier-gallay 1464 Sign of "Win32:Adan-007 [Adw]" has been found in "C:\WINDOWS\system32\winbbb.dat" file.
12/07/2006 17:47:20 mercier-gallay 1464 Sign of "Win32:Adan-007 [Adw]" has been found in "C:\WINDOWS\system32\winbbb.dat" file.
12/07/2006 17:51:39 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:03:50 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:05:48 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:06:03 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:06:03 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:06:04 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:07:33 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:08:07 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:10:06 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:11:33 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:11:33 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:13:06 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:13:24 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:14:50 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:14:52 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:14:54 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:16:20 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:16:45 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:18:10 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:20:30 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:20:51 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 19:10:40 mercier-gallay 1444 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 19:13:51 mercier-gallay 1444 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 19:22:30 mercier-gallay 1444 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 19:24:20 mercier-gallay 1468 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 19:25:34 mercier-gallay 1468 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 20:25:23 mercier-gallay 1540 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 20:35:27 mercier-gallay 3652 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 21:04:33 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 06:00:49 mercier-gallay 1520 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 12:24:21 mercier-gallay 1472 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 12:45:20 mercier-gallay 1556 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 17:41:57 mercier-gallay 1568 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:12:52 mercier-gallay 1480 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:14:02 mercier-gallay 1476 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:39:17 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:44:59 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:47:46 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 06:24:44 mercier-gallay 1448 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 06:27:05 mercier-gallay 1448 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:27:10 mercier-gallay 1448 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 06:27:10 mercier-gallay 1448 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:27:11 mercier-gallay 1448 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\Windows Media Player\mebezavev.html" file.
12/07/2006 06:27:11 mercier-gallay 1448 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\ComPlus Applications\podocix.html" file.
12/07/2006 06:33:50 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 06:38:28 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 06:38:36 mercier-gallay 1460 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:38:56 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 06:42:09 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\RECYCLER\S-1-5-21-960976807-1052830132-407011210-1006\Dc1.htm" file.
12/07/2006 06:45:03 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 06:45:19 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 06:45:32 mercier-gallay 1460 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:45:35 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 06:48:21 mercier-gallay 1460 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 06:48:26 mercier-gallay 1460 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\Windows Media Player\mebezavev.html" file.
12/07/2006 06:53:56 mercier-gallay 1460 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-TA66T.tmp" file.
12/07/2006 06:54:15 mercier-gallay 1460 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-FUK2V.tmp" file.
12/07/2006 06:55:17 mercier-gallay 1460 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-141PH.tmp" file.
12/07/2006 06:55:33 mercier-gallay 1460 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-HDNTL.tmp" file.
12/07/2006 07:42:21 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 07:42:57 mercier-gallay 1456 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 07:43:31 mercier-gallay 1456 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 07:43:34 mercier-gallay 1456 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 08:39:39 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 08:47:03 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 12:32:53 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 12:34:06 mercier-gallay 1456 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-9GMSQ.tmp" file.
12/07/2006 12:34:17 mercier-gallay 1456 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 12:34:37 mercier-gallay 1456 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 12:34:44 mercier-gallay 1456 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 12:39:06 mercier-gallay 3036 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\Documents and Settings\mercier-gallay\Local Settings\Temporary Internet Files\Content.IE5\MTIP23GH\v1201[1].exe" file.
12/07/2006 12:43:00 mercier-gallay 3036 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Alwil Software\Avast4\VSL.dl_" file.
12/07/2006 13:23:26 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 14:18:06 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 14:18:15 mercier-gallay 1452 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-JDAQH.tmp" file.
12/07/2006 14:19:10 mercier-gallay 1452 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-RETFP.tmp" file.
12/07/2006 14:19:39 mercier-gallay 1452 Sign of "Win32:Trojano-2062 [Trj]" has been found in "C:\Program Files\Error Safe Free\is-KR4FB.tmp" file.
12/07/2006 14:24:13 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 14:28:10 mercier-gallay 1468 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 15:02:26 mercier-gallay 1476 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 15:18:46 mercier-gallay 1476 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 15:20:51 mercier-gallay 1476 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 15:20:55 mercier-gallay 1476 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\Documents and Settings\mercier-gallay\Local Settings\Temporary Internet Files\Content.IE5\C9EFODQ3\v1201[1].exe" file.
12/07/2006 15:21:17 mercier-gallay 1476 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 15:21:17 mercier-gallay 1476 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 15:21:17 mercier-gallay 1476 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 15:23:09 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 15:24:31 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 15:44:03 mercier-gallay 1464 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html1.htm" file.
12/07/2006 15:44:10 mercier-gallay 1464 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 15:44:30 mercier-gallay 1464 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 15:44:30 mercier-gallay 1464 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 16:23:24 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 17:04:28 mercier-gallay 1460 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\Documents and Settings\mercier-gallay\Local Settings\Temporary Internet Files\Content.IE5\C9EFODQ3\v1201[1].exe" file.
12/07/2006 17:04:28 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 17:05:52 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 17:08:21 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 17:09:38 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 17:12:36 mercier-gallay 928 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\Documents and Settings\mercier-gallay\Local Settings\Temporary Internet Files\Content.IE5\C9EFODQ3\v1201[1].exe" file.
12/07/2006 17:16:37 mercier-gallay 928 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 17:30:30 mercier-gallay 928 Sign of "Win32:Trojan-gen. {VB}" has been found in "C:\WINDOWS\v1201.exe" file.
12/07/2006 17:38:05 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 17:47:03 mercier-gallay 1464 Sign of "Win32:Adan-007 [Adw]" has been found in "C:\WINDOWS\system32\winbbb.dat" file.
12/07/2006 17:47:20 mercier-gallay 1464 Sign of "Win32:Adan-007 [Adw]" has been found in "C:\WINDOWS\system32\winbbb.dat" file.
12/07/2006 17:51:39 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:03:50 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:05:48 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:06:03 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:06:03 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:06:04 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:07:33 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:08:07 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:10:06 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:11:33 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:11:33 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:13:06 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:13:24 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:14:50 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:14:52 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:14:54 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:16:20 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:16:45 mercier-gallay 1452 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 18:18:10 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:20:30 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 18:20:51 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 19:10:40 mercier-gallay 1444 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 19:13:51 mercier-gallay 1444 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 19:22:30 mercier-gallay 1444 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 19:24:20 mercier-gallay 1468 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\mevopugeb.dll" file.
12/07/2006 19:25:34 mercier-gallay 1468 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 20:25:23 mercier-gallay 1540 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
12/07/2006 20:35:27 mercier-gallay 3652 Sign of "Win32:CodBas-24 [Trj]" has been found in "C:\Program Files\html2.htm" file.
12/07/2006 21:04:33 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 06:00:49 mercier-gallay 1520 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 12:24:21 mercier-gallay 1472 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 12:45:20 mercier-gallay 1556 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 17:41:57 mercier-gallay 1568 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:12:52 mercier-gallay 1480 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:14:02 mercier-gallay 1476 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:39:17 mercier-gallay 1460 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:44:59 mercier-gallay 1464 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
13/07/2006 18:47:46 mercier-gallay 1456 Sign of "Win32:Small-ALB [Trj]" has been found in "C:\Program Files\Windows NT\VSL.dl_" file.
voici wido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 18:02:58 13/07/2006
+ Scan result:
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@banners.searchingbooth[1].txt -> TrackingCookie.Searchingbooth : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
::Report end
rapport EWIDO et HIJACKTHIS
---------------------------------------------------------
+ Created at: 18:02:58 13/07/2006
+ Scan result:
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@banners.searchingbooth[1].txt -> TrackingCookie.Searchingbooth : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\mercier-gallay\Cookies\mercier-gallay@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
::Report end
rapport EWIDO et HIJACKTHIS
rapport HIJACKTHISLogfile of HijackThis v1.99.1
Scan saved at 20:17:48, on 13/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\Dit.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\DitExp.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\mercier-gallay\Mes documents\Christophe MERCIER-GALLAY\hijackthis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://side.search.ke.voila.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://side.search.ke.voila.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {007E9C9B-BF2B-803F-5DF4-337BB5F58AFA} - C:\WINDOWS\lboqslsic.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0C7C093D-83D2-4C92-8C73-B7FABECB714F} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {18F5CF38-2A7A-D4C9-90AA-37E213A8E6CC} - C:\WINDOWS\dunsnr.dll (file missing)
O2 - BHO: (no name) - {2A4412B7-1855-4C19-B257-EB17FFE45303} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {2DB7AB1F-8647-4519-8F70-6499443D8AED} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {36FDC83A-5D3F-47D8-9E74-D4EAC3D69DFB} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3B5E591D-BC36-4812-B649-EB32AB3B1390} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3FAF9412-6B2C-48DB-A4D1-A62469818DFE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {44F93257-E58D-49BE-9210-7AAFE909234A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {477EE7CC-3D5E-4E74-B594-DD19EFE73244} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4A227E60-5049-4E00-AB30-C6E2EC65BB93} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4C3336E9-26E1-4940-91CE-8075DE558984} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O2 - BHO: (no name) - {4F7E97B7-36BA-4652-9DB2-1D6EA317C45B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {5750D3CA-7BE9-4732-B492-BF7A9CC0E5DA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {68775DE8-6966-422F-AA35-E3BF7CDC258E} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {6AEF3E80-DBF0-4123-B55B-78BE6A500678} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {7E97EB74-88DE-4F52-AA40-D32DDFB1F8AA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {85D12B8A-6F7D-445A-AD90-B84A6AAAD53D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {8E45786A-A755-4C59-AA7E-C4918C65E83B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {961E0E2D-38AB-6E73-8AEA-F5D3D9B1D4CD} - C:\WINDOWS\mfgjlonca.dll (file missing)
O2 - BHO: (no name) - {98CEFD3B-23E1-493C-B1DC-49EB9AA071E4} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A51B521D-BB9B-469D-9187-8B42EC1C781A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A65D81BC-FE63-4433-9A68-19451E928612} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B57F5421-5A08-46B5-AFF9-0C755B2172DE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B7B45CBC-0A75-4C78-1499-D35E588D847C} - C:\WINDOWS\datwtbn.dll (file missing)
O2 - BHO: (no name) - {B9CE94E2-7369-4BB2-87E4-8C7DCC6C6588} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B9E08E0C-430C-40BB-A722-AEBB801AAF2C} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {BAFB6FA7-298A-1CEB-DB43-AE07C6E6F052} - C:\WINDOWS\tpav.dll (file missing)
O2 - BHO: (no name) - {C45A8B3C-7170-4839-9865-31452C46E186} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {CE6CFB2F-B207-A63C-F665-0DABB9BD6D3E} - C:\WINDOWS\fdrbjxtm.dll
O2 - BHO: (no name) - {D3E6C91E-5580-4A27-B4AE-FC79D8E304E9} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {D9A111F2-10B5-4ED9-9CD5-173B4B2E3FE8} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {DD92C6A2-BD42-43EE-8969-67DEC77E374D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E3DF4A8D-4281-4458-88D8-F7198528C181} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E85972E9-339D-4B87-BF71-27136517ECAE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {EC7B5AC9-A386-4BB0-99DC-44CBC89D1380} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F0388A84-DB65-4096-BD2C-7B9E86A78D27} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F90A947D-383B-467F-ADD2-E9C6119A53B0} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
O4 - HKCU\..\Run: [wallp2.exe] C:\WINDOWS\system32\wallp2.exe
O4 - HKCU\..\Run: [VSL13.exe] C:\WINDOWS\system32\VSL13.exe
O4 - HKCU\..\Run: [1201.exe] C:\Documents and Settings\mercier-gallay\Application Data\System Restore\1201.exe
O4 - HKCU\..\Run: [ssqbn.exe] C:\WINDOWS\system32\ssqbn.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr/
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Scan saved at 20:17:48, on 13/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\mHotkey.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Home Cinema\PowerCinema\PCMService.exe
C:\WINDOWS\Dit.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\Program Files\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\P2PNET~1\P2PNET~1.EXE
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\SAGEM Wi-Fi USB 802.11g\WLANUTL.exe
C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
C:\WINDOWS\DitExp.exe
C:\PROGRA~1\MI3AA1~1\rapimgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\mercier-gallay\Mes documents\Christophe MERCIER-GALLAY\hijackthis.exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://side.search.ke.voila.fr
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.fr/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://side.search.ke.voila.fr
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Wanadoo
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - {007E9C9B-BF2B-803F-5DF4-337BB5F58AFA} - C:\WINDOWS\lboqslsic.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {0C7C093D-83D2-4C92-8C73-B7FABECB714F} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {18F5CF38-2A7A-D4C9-90AA-37E213A8E6CC} - C:\WINDOWS\dunsnr.dll (file missing)
O2 - BHO: (no name) - {2A4412B7-1855-4C19-B257-EB17FFE45303} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {2DB7AB1F-8647-4519-8F70-6499443D8AED} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {36FDC83A-5D3F-47D8-9E74-D4EAC3D69DFB} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3B5E591D-BC36-4812-B649-EB32AB3B1390} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {3FAF9412-6B2C-48DB-A4D1-A62469818DFE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {44F93257-E58D-49BE-9210-7AAFE909234A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {477EE7CC-3D5E-4E74-B594-DD19EFE73244} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4A227E60-5049-4E00-AB30-C6E2EC65BB93} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {4C3336E9-26E1-4940-91CE-8075DE558984} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O2 - BHO: (no name) - {4F7E97B7-36BA-4652-9DB2-1D6EA317C45B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {5750D3CA-7BE9-4732-B492-BF7A9CC0E5DA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {68775DE8-6966-422F-AA35-E3BF7CDC258E} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {6AEF3E80-DBF0-4123-B55B-78BE6A500678} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {7E97EB74-88DE-4F52-AA40-D32DDFB1F8AA} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {85D12B8A-6F7D-445A-AD90-B84A6AAAD53D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {8E45786A-A755-4C59-AA7E-C4918C65E83B} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {961E0E2D-38AB-6E73-8AEA-F5D3D9B1D4CD} - C:\WINDOWS\mfgjlonca.dll (file missing)
O2 - BHO: (no name) - {98CEFD3B-23E1-493C-B1DC-49EB9AA071E4} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A51B521D-BB9B-469D-9187-8B42EC1C781A} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {A65D81BC-FE63-4433-9A68-19451E928612} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B57F5421-5A08-46B5-AFF9-0C755B2172DE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B7B45CBC-0A75-4C78-1499-D35E588D847C} - C:\WINDOWS\datwtbn.dll (file missing)
O2 - BHO: (no name) - {B9CE94E2-7369-4BB2-87E4-8C7DCC6C6588} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {B9E08E0C-430C-40BB-A722-AEBB801AAF2C} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {BAFB6FA7-298A-1CEB-DB43-AE07C6E6F052} - C:\WINDOWS\tpav.dll (file missing)
O2 - BHO: (no name) - {C45A8B3C-7170-4839-9865-31452C46E186} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {CE6CFB2F-B207-A63C-F665-0DABB9BD6D3E} - C:\WINDOWS\fdrbjxtm.dll
O2 - BHO: (no name) - {D3E6C91E-5580-4A27-B4AE-FC79D8E304E9} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {D9A111F2-10B5-4ED9-9CD5-173B4B2E3FE8} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {DD92C6A2-BD42-43EE-8969-67DEC77E374D} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E3DF4A8D-4281-4458-88D8-F7198528C181} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {E85972E9-339D-4B87-BF71-27136517ECAE} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {EC7B5AC9-A386-4BB0-99DC-44CBC89D1380} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F0388A84-DB65-4096-BD2C-7B9E86A78D27} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O2 - BHO: (no name) - {F90A947D-383B-467F-ADD2-E9C6119A53B0} - C:\Program Files\Windows NT\mevopugeb.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: Toolbar Wanadoo - {4E7BD74F-2B8D-469E-8FB0-B921F5DBF922} - C:\PROGRA~1\WANADO~1\WANADO~1.DLL (file missing)
O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Home Cinema\PowerCinema\PCMService.exe"
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\wcescomm.exe"
O4 - HKCU\..\Run: [License Manager] "C:\Program Files\License_Manager\license_manager.exe " /silent
O4 - HKCU\..\Run: [wallp2.exe] C:\WINDOWS\system32\wallp2.exe
O4 - HKCU\..\Run: [VSL13.exe] C:\WINDOWS\system32\VSL13.exe
O4 - HKCU\..\Run: [1201.exe] C:\Documents and Settings\mercier-gallay\Application Data\System Restore\1201.exe
O4 - HKCU\..\Run: [ssqbn.exe] C:\WINDOWS\system32\ssqbn.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Utilitaire réseau pour SAGEM Wi-Fi 11g USB adapter.lnk = ?
O8 - Extra context menu item: Rechercher avec Voila - file://C:\Program Files\WANADOO_TOOLBAR\Cache\SelectedContextSearch.htm
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra 'Tools' menuitem: Créer un favori mobile... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MI3AA1~1\INetRepl.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~3\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.fr/
O16 - DPF: {4AD73894-A895-4FC2-B233-299867E08753} (Cadwkzctl Object) - http://apps.deskwizz.com/ax/adwerkz.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Lassé par la pub ? Créez un compte
- Contenus similaires :
- ForumCheval de troie tr dldr
- ForumDéloger un cheval de troie
- ForumSos virus et cheval de troie
- ForumComment detruire un cheval de troie
- ForumCheval d troie
- ForumComment supprimer le cheval de troie
- ForumProbleme avec cheval de troie hdda.exe
- ForumCheval de troie startpage ksf
- ForumCheval de troie généric
- ForumHelp cheval de troie
- Voir plus
