UC à 100%
Dernière réponse : dans Sécurité
Salut à tous mon pb c'est que mon UC ne descent pas en dessous de 100(même si mon pc ne ram pas pour autant ce qui est étrange) :-( avant que vous me sortiez tous vos noms d'antispywares, j'ai scanné avec :
spybot, adaware, counterspy, kaspersky pro, xoftspy et j'ai spyware blaster...
En fait c'est depuisque je me suis fait avoir avec un faux crack téléchargé sur emule :-? bon voila j'suis pas très fier mais si vous aviez une solution... (je vous colle ici mon log de HijackThis) ....
Logfile of HijackThis v1.99.1
Scan saved at 00:20:32, on 04/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\winamp\winamp.exe
C:\Documents and Settings\yep\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678] C:\Program Files\user32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt....
O17 - HKLM\System\CCS\Services\Tcpip\..\{B388A18E-AE51-4377-B276-D1E87B83AA8A}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\win_5d.dll
O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\guard.tmp (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
Merci.
spybot, adaware, counterspy, kaspersky pro, xoftspy et j'ai spyware blaster...
En fait c'est depuisque je me suis fait avoir avec un faux crack téléchargé sur emule :-? bon voila j'suis pas très fier mais si vous aviez une solution... (je vous colle ici mon log de HijackThis) ....
Logfile of HijackThis v1.99.1
Scan saved at 00:20:32, on 04/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\winamp\winamp.exe
C:\Documents and Settings\yep\Bureau\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678] C:\Program Files\user32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt....
O17 - HKLM\System\CCS\Services\Tcpip\..\{B388A18E-AE51-4377-B276-D1E87B83AA8A}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - AppInit_DLLs: C:\WINDOWS\system32\win_5d.dll
O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\guard.tmp (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe
Merci.
Autres pages sur : 100
Lassé par la pub ? Créez un compte
Salut,
je pense que t'as un virus installé sous programme files qui s'appelle user32
1/ redémarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.
2/ va sous ajouter/supp program et supprime le programme user 32
3/relance hijackthis et choche ces deux lignes:
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O4 - HKLM\..\Run: [012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678] C:\Program Files\user32.exe
4/ fermes toutes les applications et les fenetres ouvertes et appuis sur fix checked.
5/ refait un nouveau scan et poste le.
Quel était le résultat de tes différents scans effectués avec ces antivirus en ligne?
je pense que t'as un virus installé sous programme files qui s'appelle user32
1/ redémarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Appuye sur la touche F8 jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionne Mode sans échec et appuye sur Entrée.
2/ va sous ajouter/supp program et supprime le programme user 32
3/relance hijackthis et choche ces deux lignes:
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O4 - HKLM\..\Run: [012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678] C:\Program Files\user32.exe
4/ fermes toutes les applications et les fenetres ouvertes et appuis sur fix checked.
5/ refait un nouveau scan et poste le.
Quel était le résultat de tes différents scans effectués avec ces antivirus en ligne?
essai de pas te connecter sur tes comptes bancaires avant de supprimer ce virus car j'ai vu qu'il collecte tes mots de passe et les envoi vers une adresse email au Brésil.
Citation:
http://www.symantec.com/security_response/writeup.
jsp?docid=2003-081016-1817-99&tabid=2
When Infostealer.Pport runs, it performs the following actions:
1. Drops the following files in the %System% folder:
* user32.exe
* user128.dll
NOTE: %System% is a variable. The Trojan locates the System folder and copies itself to that location. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
2. Adds the value:
"Windows_VXD"="%sysdir%\user32.exe"
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
so that the Trojan runs when you start Windows.
3. Collects passwords and sends them via free SMTP servers to an email address in Brazil.
Citation:
http://www.symantec.com/security_response/writeup.
jsp?docid=2003-081016-1817-99&tabid=2
When Infostealer.Pport runs, it performs the following actions:
1. Drops the following files in the %System% folder:
* user32.exe
* user128.dll
NOTE: %System% is a variable. The Trojan locates the System folder and copies itself to that location. By default, this is C:\Windows\System (Windows 95/98/Me), C:\Winnt\System32 (Windows NT/2000), or C:\Windows\System32 (Windows XP).
2. Adds the value:
"Windows_VXD"="%sysdir%\user32.exe"
to the registry key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
so that the Trojan runs when you start Windows.
3. Collects passwords and sends them via free SMTP servers to an email address in Brazil.
okay je vais faire ça, par rapport à l'UC en fait un prog espio à du me le mettre sur pause dans le temps de rafraichissement du graph.
Donc il restait toujours à 100 ...bon jvais tester ta solution.
-par rapport à suppr user32 dans le gestionnaire in n'apparait pas mais bo je vais voir ça en mode sans echec ...
Donc il restait toujours à 100 ...bon jvais tester ta solution.
-par rapport à suppr user32 dans le gestionnaire in n'apparait pas mais bo je vais voir ça en mode sans echec ...
Non le programme user32 n'apparait pas dans le ajout/suppr ...donc je n'ai pas mis fixe machin dans hijackthis...
Par rapport à user32...j'ai le logiciel easycleaner dans la liste des programmes de démarage qui m'indique la présence de [01234567890123456789.....] mais il me dit que l'entrée est obsolete et je ne peux pas la supprimer...en plus de ça user32 n'est pas présent dans program files :-o
Par rapport à user32...j'ai le logiciel easycleaner dans la liste des programmes de démarage qui m'indique la présence de [01234567890123456789.....] mais il me dit que l'entrée est obsolete et je ne peux pas la supprimer...en plus de ça user32 n'est pas présent dans program files :-o
La procédure est longue et en partie en mode sans échec. Attention, tu n'as pas accès à Internet dans ce mode, enregistre cette page Web (clique sur fichier/enregistrer sous/choisis « Bureau ») ou imprime ce que tu as à faire.
1/ Télécharge ces utilitaires mais ne fait les utilises pas pour l’instant :
- Ccleaner
http://www.filehippo.com/download_ccleaner/
Installe le dans un répertoire dédié car précédemment pour HJT (attention à l'installation pense à decocher l'installation de Yahoo toolbar).
- Ewido
http://www.ewido.net/en/download/
Installe Ewido puis mets le à jour en cliquant sur " Update Now ".
2/ Redémarre en mode sans échec.
Redémarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Tapotes sur la touche F8 (si F8 ne fonctionne pas essaie avec la touche F5) jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionnes le mode sans échec approprié et appuies sur Entrée.
3/ Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about :blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about :blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about :blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about :blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about :blank
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678] C:\Program Files\user32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt....
O20 - AppInit_DLLs: C:\WINDOWS\system32\win_5d.dll
O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\guard.tmp (file missing)
Apres avoir coché les cases :
(ferme toutes les fenêtres sauf HJT)
Appuies --> Fix checked
puis oui à la question de confirmation
4/ Assure-toi que tu as accès aux fichiers cachés.
(Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
"Afficher les fichiers et dossiers cachés" ->clique dessus
"Masquer les extensions des fichiers dont le type est connu" ->décoché
"Masquer les fichiers protégés du système d'exploitation" ->décoché
Valide les changements.
5/ Ensuite supprime les fichiers et/ou dossiers suivants si présents :
C:\Program Files\user32.exe
C:\WINDOWS\system32\win_5d.dll
6/ Lance Ccleaner puis clique sur le bouton « Analyse » ensuite bouton « Lancer le Nettoyage ». Ensuite fait de même sur le bouton « Erreurs » puis « chercher des erreurs » et « réparer les erreurs sélectionnées ».
7/ - Relance Ewido puis choisis l'onglet " Scanner "
Fais un " Complete System Scan "
** Si un fichier est infecté, choisis l'option " Apply All Actions " en fin d'analyse **
Clique sur " Save Report " puis sur " Save Report As "
Enregistre le fichier .txt généré sur ton bureau.
Voici une aide sur Ewido : (merci à Malekal)
http://www.malekal.com/tutorial_ewidoV4.html
8/ Redémarre normalement et post le rapport Ewido, puis un nouveau rapport Hijackthis.
1/ Télécharge ces utilitaires mais ne fait les utilises pas pour l’instant :
- Ccleaner
http://www.filehippo.com/download_ccleaner/
Installe le dans un répertoire dédié car précédemment pour HJT (attention à l'installation pense à decocher l'installation de Yahoo toolbar).
- Ewido
http://www.ewido.net/en/download/
Installe Ewido puis mets le à jour en cliquant sur " Update Now ".
2/ Redémarre en mode sans échec.
Redémarre l'ordinateur.
Une fois le chargement du BIOS terminé, il y a un écran noir. Tapotes sur la touche F8 (si F8 ne fonctionne pas essaie avec la touche F5) jusqu'à l'affichage du menu des options avancées de Windows.
En utilisant les touches du curseur, sélectionnes le mode sans échec approprié et appuies sur Entrée.
3/ Lance HijackThis
puis --> Do a system scan only
coche les lignes indiquées ci-dessous
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about :blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about :blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about :blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about :blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about :blank
R3 - URLSearchHook: {1A03F196-9617-4CA0-842B-A83CEECB022B} - - (no file)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678912345678] C:\Program Files\user32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) - http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab312...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by107fd.bay107.hotmail.msn.com/activex/HMAtchmt....
O20 - AppInit_DLLs: C:\WINDOWS\system32\win_5d.dll
O20 - Winlogon Notify: App Paths - C:\WINDOWS\system32\guard.tmp (file missing)
Apres avoir coché les cases :
(ferme toutes les fenêtres sauf HJT)
Appuies --> Fix checked
puis oui à la question de confirmation
4/ Assure-toi que tu as accès aux fichiers cachés.
(Démarrer->Poste de travail->Outils->Options des dossiers...->Affichage
"Afficher les fichiers et dossiers cachés" ->clique dessus
"Masquer les extensions des fichiers dont le type est connu" ->décoché
"Masquer les fichiers protégés du système d'exploitation" ->décoché
Valide les changements.
5/ Ensuite supprime les fichiers et/ou dossiers suivants si présents :
C:\Program Files\user32.exe
C:\WINDOWS\system32\win_5d.dll
6/ Lance Ccleaner puis clique sur le bouton « Analyse » ensuite bouton « Lancer le Nettoyage ». Ensuite fait de même sur le bouton « Erreurs » puis « chercher des erreurs » et « réparer les erreurs sélectionnées ».
7/ - Relance Ewido puis choisis l'onglet " Scanner "
Fais un " Complete System Scan "
** Si un fichier est infecté, choisis l'option " Apply All Actions " en fin d'analyse **
Clique sur " Save Report " puis sur " Save Report As "
Enregistre le fichier .txt généré sur ton bureau.
Voici une aide sur Ewido : (merci à Malekal)
http://www.malekal.com/tutorial_ewidoV4.html
8/ Redémarre normalement et post le rapport Ewido, puis un nouveau rapport Hijackthis.
Ok c'est fait...
Logfile of HijackThis v1.99.1
Scan saved at 18:50:42, on 04/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\divxsm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\yep\Mes documents\Sylvain\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O17 - HKLM\System\CCS\Services\Tcpip\..\{B388A18E-AE51-4377-B276-D1E87B83AA8A}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe (file missing)
_________________________________________
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 18:35:15 04/08/2006
+ Scan result:
C:\WINDOWS\system32\aeicap32.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\enp8l17u1.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\gp02l3do1.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ibaapi.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\k6js0g17e6.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mv22l9fo1.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\p4n8le5u1h.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\pQpgraph.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\q0rqla951d.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\sWfrcdlg.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\tBpiui.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wjhnetbs.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Beast 2.07.zip/Beast2.07.exe -> Backdoor.Beastdoor.205 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/bo2k2.zip/bo2k_1.0_intl.exe/\bo2k\installer\intl\BO2K\650MB\DISK1\SETUP.ISS -> Backdoor.BO2K : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/bo2k2.zip/bo2k_1.0_intl.exe/\bo2k\installer\intl\BO2K\650MB\DISK1\SETUP.PDF -> Backdoor.BO2K : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/seek.zip/Controller.exe -> Backdoor.Executor.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/seek.zip/Exec.exe -> Backdoor.Executor.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/netbus1.71.zip/NetBus.exe -> Backdoor.Netbus.170 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/netbus1.71.zip/Patch.exe -> Backdoor.Netbus.170 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/alternativecgilogger.zip/back4/cgi_log.php -> Backdoor.Optix.Pro.131 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/alternativecgilogger.zip/back4/config.inc.php -> Backdoor.Optix.Pro.131 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/alternativecgilogger.zip/back4/install.php -> Backdoor.Optix.Pro.131 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Client/Client.exe -> Backdoor.Optix.Pro.132 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/Builder.exe -> Backdoor.Optix.Pro.143 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/undetectable version 2005\Optix pro undetectable version + Password 20 aout 2005 By enet.rar/Optix pro undetectable version\Optix undetectable version by enet.rar/Optix undetectable version by enet.exe -> Backdoor.Optix.Pro.i : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Pro RAT 1.9.zip/ProRat.exe -> Backdoor.Prorat.19 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\ProRat19.rar/ProRat19\ProRat.exe -> Backdoor.Prorat.19 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/server.exe -> Backdoor.SubSeven.22 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/cgilogger.zip/setup.cgi -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/cgilogger.zip/subseven.cgi -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/EditServer.exe -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/cgi/setup.cgi -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/cgi/subseven.cgi -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/sin.exe -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/sub7.exe -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7capture.dll -> Backdoor.SubSeven.22.b2 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/icqpwsteal.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/matrix.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7advanced.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7fun1.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7fun2.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7keys.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7moreinfo.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7passwords.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7scanner.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7sniffer.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7takeover.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/SubSeven 2.2 undetected server.zip/server.exe -> Backdoor.SubSeven.pac : Error during cleaning.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\721D61UV\dlkjvlxcc[1].htm -> Downloader.Agent.asa : Cleaned with backup (quarantined).
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Beast 2.07.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Pro RAT 1.9.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/SubSeven 2.2 undetected server.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/bo2k2.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/netbus1.71.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/seek.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/seek.zip/Decryptor.exe -> Not-A-Virus.VirTool.DOS.Decryptor : Ignored.
:mozilla.616:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.520:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.522:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.523:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.628:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.693:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.301:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Addcontrol : Cleaned.
:mozilla.302:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Addcontrol : Cleaned.
:mozilla.275:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adition : Cleaned.
:mozilla.276:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adition : Cleaned.
:mozilla.32:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.33:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.479:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.480:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.488:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.489:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.490:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.498:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.491:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.218:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.219:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.220:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.221:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.222:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.223:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.636:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Com : Cleaned.
:mozilla.476:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.477:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.478:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.468:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.41:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.530:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.531:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.34:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.35:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.36:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.37:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.578:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.579:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.580:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.581:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.582:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.583:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.605:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.483:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.528:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.789:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.790:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.791:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.792:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.473:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.542:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.261:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.262:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.263:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.502:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.500:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.501:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.603:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.604:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.598:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.599:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.600:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.768:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.769:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.770:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.771:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.772:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.708:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.162:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.163:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.164:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.165:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.166:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.277:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.278:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.279:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.280:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.281:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.282:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.283:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.284:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.196:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.405:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.407:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.408:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.445:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.495:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.496:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.497:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.268:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.269:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.270:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.271:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.272:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.273:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.274:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.516:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.517:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.484:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.611:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.38:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.39:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.40:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.395:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Xhit : Cleaned.
:mozilla.396:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Xhit : Cleaned.
:mozilla.719:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.21:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.22:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.23:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.24:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.25:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.26:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.27:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.28:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.485:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.486:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.487:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
HKU\S-1-5-21-823518204-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C} -> Trojan.Ciadoor.m : Cleaned with backup (quarantined).
::Report end
Note : "tous les Error during cleaning" c'est parce que j'ai décidé des les garder...
Logfile of HijackThis v1.99.1
Scan saved at 18:50:42, on 04/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\LVCOMSX.EXE
C:\WINDOWS\Logi_MwX.Exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\RamBoost XP\rambxpfr.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\Fichiers communs\Logitech\KhalShared\KHALMNPR.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Program Files\winamp\winamp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\divxsm.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\yep\Mes documents\Sylvain\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [RamBoostXp] C:\Program Files\RamBoost XP\rambxpfr.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: &Traduire à partir de l'anglais - res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Pages liées - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Pages similaires - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Recherche &Google - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Version de la page actuelle disponible dans le cache Google - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O17 - HKLM\System\CCS\Services\Tcpip\..\{B388A18E-AE51-4377-B276-D1E87B83AA8A}: NameServer = 80.10.246.1 80.10.246.132
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Pacsptisvr.exe (file missing)
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files\Fichiers communs\Sony Shared\AVLib\Sptisrv.exe (file missing)
_________________________________________
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 18:35:15 04/08/2006
+ Scan result:
C:\WINDOWS\system32\aeicap32.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\enp8l17u1.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\gp02l3do1.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ibaapi.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\k6js0g17e6.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\mv22l9fo1.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\p4n8le5u1h.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\pQpgraph.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\q0rqla951d.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\sWfrcdlg.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\tBpiui.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\WINDOWS\system32\wjhnetbs.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Beast 2.07.zip/Beast2.07.exe -> Backdoor.Beastdoor.205 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/bo2k2.zip/bo2k_1.0_intl.exe/\bo2k\installer\intl\BO2K\650MB\DISK1\SETUP.ISS -> Backdoor.BO2K : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/bo2k2.zip/bo2k_1.0_intl.exe/\bo2k\installer\intl\BO2K\650MB\DISK1\SETUP.PDF -> Backdoor.BO2K : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/seek.zip/Controller.exe -> Backdoor.Executor.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/seek.zip/Exec.exe -> Backdoor.Executor.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/netbus1.71.zip/NetBus.exe -> Backdoor.Netbus.170 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/netbus1.71.zip/Patch.exe -> Backdoor.Netbus.170 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/alternativecgilogger.zip/back4/cgi_log.php -> Backdoor.Optix.Pro.131 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/alternativecgilogger.zip/back4/config.inc.php -> Backdoor.Optix.Pro.131 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/alternativecgilogger.zip/back4/install.php -> Backdoor.Optix.Pro.131 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Client/Client.exe -> Backdoor.Optix.Pro.132 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/Builder.exe -> Backdoor.Optix.Pro.143 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/undetectable version 2005\Optix pro undetectable version + Password 20 aout 2005 By enet.rar/Optix pro undetectable version\Optix undetectable version by enet.rar/Optix undetectable version by enet.exe -> Backdoor.Optix.Pro.i : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Pro RAT 1.9.zip/ProRat.exe -> Backdoor.Prorat.19 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\ProRat19.rar/ProRat19\ProRat.exe -> Backdoor.Prorat.19 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/server.exe -> Backdoor.SubSeven.22 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/cgilogger.zip/setup.cgi -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Builder/cgilogger.zip/subseven.cgi -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/EditServer.exe -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/cgi/setup.cgi -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/cgi/subseven.cgi -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/sin.exe -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/sub7.exe -> Backdoor.SubSeven.22.a : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7capture.dll -> Backdoor.SubSeven.22.b2 : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/icqpwsteal.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/matrix.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7advanced.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7fun1.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7fun2.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7keys.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7moreinfo.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7passwords.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7scanner.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7sniffer.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/plugins/s7takeover.dll -> Backdoor.SubSeven.22.plugin : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/SubSeven 2.2 undetected server.zip/server.exe -> Backdoor.SubSeven.pac : Error during cleaning.
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5\721D61UV\dlkjvlxcc[1].htm -> Downloader.Agent.asa : Cleaned with backup (quarantined).
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Beast 2.07.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Optix Pro 1.33.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/Pro RAT 1.9.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/SubSeven 2.2 undetected server.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/bo2k2.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/netbus1.71.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/seek.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/ss2.2.zip/Manual.exe -> Dropper.Agent.b : Error during cleaning.
C:\Documents and Settings\yep\Mes documents\Sylvain\hack\Best Trojans Manual - Netbus, Sub7, Beast, Prorat Undetectable Version Optix.rar/seek.zip/Decryptor.exe -> Not-A-Virus.VirTool.DOS.Decryptor : Ignored.
:mozilla.616:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.520:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.522:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.523:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.628:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.693:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.301:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Addcontrol : Cleaned.
:mozilla.302:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Addcontrol : Cleaned.
:mozilla.275:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adition : Cleaned.
:mozilla.276:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adition : Cleaned.
:mozilla.32:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.33:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.479:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.480:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.488:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.489:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.490:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.498:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.491:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.218:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.219:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.220:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.221:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.222:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.223:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.636:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Com : Cleaned.
:mozilla.476:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.477:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.478:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Comclick : Cleaned.
:mozilla.468:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.41:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.530:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.531:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.34:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.35:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.36:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.37:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.578:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.579:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.580:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.581:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.582:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.583:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.605:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.483:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.528:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.789:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.790:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.791:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.792:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.473:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.542:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.261:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.262:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.263:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.502:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.500:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.501:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.603:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.604:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.598:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.599:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.600:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.768:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.769:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.770:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.771:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.772:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.708:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.162:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.163:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.164:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.165:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.166:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.277:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.278:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.279:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.280:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.281:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.282:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.283:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.284:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.196:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.405:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.407:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.408:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.445:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.495:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.496:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.497:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.268:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.269:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.270:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.271:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.272:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.273:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.274:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.516:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.517:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.484:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.611:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.38:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.39:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.40:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.395:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Xhit : Cleaned.
:mozilla.396:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Xhit : Cleaned.
:mozilla.719:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.21:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.22:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.23:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.24:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.25:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.26:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.27:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.28:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.485:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.486:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.487:C:\Documents and Settings\yep\Application Data\Mozilla\Firefox\Profiles\exqoym17.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned.
HKU\S-1-5-21-823518204-287218729-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E14DCE67-8FB7-4721-8149-179BAA4D792C} -> Trojan.Ciadoor.m : Cleaned with backup (quarantined).
::Report end
Note : "tous les Error during cleaning" c'est parce que j'ai décidé des les garder...
Lassé par la pub ? Créez un compte
