nettoyage
Dernière réponse : dans Sécurité
Bonjour,
Je suis très débutante et J'ai changé récemment d'anti-virus . Avast a détecté de nombreux virus.
Pouvez-vous me dire comment nettoyer mon PC ?
SVP en language très simple !
Merci d'avance
Je suis très débutante et J'ai changé récemment d'anti-virus . Avast a détecté de nombreux virus.
Pouvez-vous me dire comment nettoyer mon PC ?
SVP en language très simple !
Merci d'avance
Autres pages sur : nettoyage
Lassé par la pub ? Créez un compte
Bonjour,
- Télécharge Hijackthis de Merjin
- Mets le dans un dossier ou sur ton bureau
-- Clique Droit sur Hijackthis :
-> Choisis " Renommer "
-> Tape Scanner.exe puis valide
- Lance l'application
- Choisis l'option Do a system scan and save a logfile
-- Le Bloc-Notes s'ouvre :
-> Edition / Sélectionner Tout
-> Edition / Copier
- Colle le rapport ici.
Aide sur Hijackthis
Installe Ewido
Lance Ewido puis mets le à jour en cliquant sur " Update Now "
Ferme le programme.
Aide sur Ewido de Rub_Mic
Redémarre en mode sans échec
Relance Ewido puis choisis l'onglet " Scanner "
Puis sur l'onglet " Settings ", pour " How to Act " sélectionne " Quarantine ".
Reviens dans l'onglet " Scan " puis réalise un " Complete System Scan "
* Si un fichier est infecté, choisis l'option " Apply All Actions " en fin d'analyse *
Clique sur " Save Report " puis sur " Save Report As "
Enregistre ce fichier .txt sur ton bureau, Copie/Colle le ici en mode normal.
Si tu as des questions, pose les moi.
- Télécharge Hijackthis de Merjin
- Mets le dans un dossier ou sur ton bureau
-- Clique Droit sur Hijackthis :
-> Choisis " Renommer "
-> Tape Scanner.exe puis valide
- Lance l'application
- Choisis l'option Do a system scan and save a logfile
-- Le Bloc-Notes s'ouvre :
-> Edition / Sélectionner Tout
-> Edition / Copier
- Colle le rapport ici.
Aide sur Hijackthis
Installe Ewido
Lance Ewido puis mets le à jour en cliquant sur " Update Now "
Ferme le programme.
Aide sur Ewido de Rub_Mic
Redémarre en mode sans échec
Relance Ewido puis choisis l'onglet " Scanner "
Puis sur l'onglet " Settings ", pour " How to Act " sélectionne " Quarantine ".
Reviens dans l'onglet " Scan " puis réalise un " Complete System Scan "
* Si un fichier est infecté, choisis l'option " Apply All Actions " en fin d'analyse *
Clique sur " Save Report " puis sur " Save Report As "
Enregistre ce fichier .txt sur ton bureau, Copie/Colle le ici en mode normal.
Si tu as des questions, pose les moi.
Tu veux dire la croix ????
Voilà le rapport hijackthisJ'ai trouvé le bon fichier Hijackthis !!!
Ci dessous le fichier copié-collé
Logfile of HijackThis v1.99.1
Scan saved at 17:41:39, on 27/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\system32\gsicon.exe
C:\WINDOWS\system32\dslagent.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\luc asselbergh\Bureau\scanner.exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries [...] efault.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries [...] efault.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Nothing - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp100.tmp (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [dxvid] c:\windows\system32\dxvid.exe /nocomm
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IPYCVQRC\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\MHPD03KX\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.72\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusea [...] ZSzeb00136
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.sgrunt.biz
O15 - Trusted Zone: www.skymasters.biz
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://kit.carpediem.fr/10083/perversion-fetish.exe
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - http://akamai.downloadv3.com/binar [...] 064_XP.cab
O16 - DPF: {02C20140-76F8-4763-83D5-B660107B7A90} (Moniker32 Class) - http://63.219.181.7/cax.cab
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/bina [...] 071_XP.cab
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH Class) - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
O16 - DPF: {14325268-79E0-4D2A-89A4-FFFC6E22741E} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/ [...] e-c420.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocac [...] .0.0.8.cab
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/bina [...] 070_XP.cab
O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://63.217.31.12/dial/058361be.exe
O16 - DPF: {50AD557E-3426-41FD-AFDD-2AF39BB1C387} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {7CAA184C-91E7-4E84-8681-32F2A0D68DF1} (Apollon Class) - http://htmldialer.parisvoyeur.com/ [...] Daphne.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.f5biz.com/dial/htm/WebInstall.dll
O16 - DPF: {83252F41-71B7-492E-8B2E-A68AA3E301E7} (Ulysse Class) - http://htmldialer.parisvoyeur.com/ [...] nelope.cab
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {91BE8DAC-957E-416C-B735-E2B63CDB915B} (MyEMessengerSetup Control) - http://www.myemessenger.com/active [...] roject.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - http://scripts.downloadv3.com/bina [...] 068_XP.cab
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - http://scripts.downloadv3.com/bina [...] 069_XP.cab
O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://www.edipole.fr/getkits/pasx/pasx01.exe
O16 - DPF: {CEFB7B49-9652-464F-8AFD-A577C0500F39} (EGP2ECOM Class) - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {D8B94E9A-A34B-4253-BF48-C7CB7F2CFDB0} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} - http://xbs.sea.mtree.com/mt/dialers/fc/UniDistIO.CAB
O16 - DPF: {EAAB55CB-9D6E-457A-A10B-4AAEC8317CFC} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/conten [...] loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E43F592B-9B37-402D-8396-DAE4891A6512}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: bw+0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Voilà le rapport hijackthisJ'ai trouvé le bon fichier Hijackthis !!!
Ci dessous le fichier copié-collé
Logfile of HijackThis v1.99.1
Scan saved at 17:41:39, on 27/09/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\system32\gsicon.exe
C:\WINDOWS\system32\dslagent.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\luc asselbergh\Bureau\scanner.exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/countries [...] efault.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries [...] efault.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Nothing - {686a161d-5bd1-4999-8832-6393f41e564c} - C:\WINDOWS\system32\hp100.tmp (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [dxvid] c:\windows\system32\dxvid.exe /nocomm
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IPYCVQRC\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\MHPD03KX\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.72\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusea [...] ZSzeb00136
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.sgrunt.biz
O15 - Trusted Zone: www.skymasters.biz
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://kit.carpediem.fr/10083/perversion-fetish.exe
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - http://akamai.downloadv3.com/binar [...] 064_XP.cab
O16 - DPF: {02C20140-76F8-4763-83D5-B660107B7A90} (Moniker32 Class) - http://63.219.181.7/cax.cab
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/bina [...] 071_XP.cab
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH Class) - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
O16 - DPF: {14325268-79E0-4D2A-89A4-FFFC6E22741E} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/ [...] e-c420.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocac [...] .0.0.8.cab
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/bina [...] 070_XP.cab
O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://63.217.31.12/dial/058361be.exe
O16 - DPF: {50AD557E-3426-41FD-AFDD-2AF39BB1C387} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {7CAA184C-91E7-4E84-8681-32F2A0D68DF1} (Apollon Class) - http://htmldialer.parisvoyeur.com/ [...] Daphne.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.f5biz.com/dial/htm/WebInstall.dll
O16 - DPF: {83252F41-71B7-492E-8B2E-A68AA3E301E7} (Ulysse Class) - http://htmldialer.parisvoyeur.com/ [...] nelope.cab
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {91BE8DAC-957E-416C-B735-E2B63CDB915B} (MyEMessengerSetup Control) - http://www.myemessenger.com/active [...] roject.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - http://scripts.downloadv3.com/bina [...] 068_XP.cab
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - http://scripts.downloadv3.com/bina [...] 069_XP.cab
O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://www.edipole.fr/getkits/pasx/pasx01.exe
O16 - DPF: {CEFB7B49-9652-464F-8AFD-A577C0500F39} (EGP2ECOM Class) - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {D8B94E9A-A34B-4253-BF48-C7CB7F2CFDB0} - http://scripts.downloadv3.com/bina [...] _FR_XP.cab
O16 - DPF: {E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} - http://xbs.sea.mtree.com/mt/dialers/fc/UniDistIO.CAB
O16 - DPF: {EAAB55CB-9D6E-457A-A10B-4AAEC8317CFC} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/conten [...] loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E43F592B-9B37-402D-8396-DAE4891A6512}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: bw+0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
J'ai continué la procédure sur Ewido et voici le rapport.
Dis-moi alors ce qu'il y a encore à faire.
Je reprends les messages demain , bonne soirée et déjà merci !
wido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 20:53:02 27/09/2006
+ Scan result:
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\salm -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\salm -> Adware.180Solutions : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\salm -> Adware.180Solutions : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006_Classes\CLSID\{5aaf6542-f4ba-4df4-873d-4902ecbe794c} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\HbTools\HbTools -> Adware.HotBar : Cleaned with backup (quarantined).
C:\Program Files\Internet Optimizer -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
C:\Program Files\Internet Optimizer\update -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\anything -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\anything\cf1 -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Internet Optimizer -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rotue -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\Microsoft\Windows\CurrentVersion\Policies\AMeOpt -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\Policies\Avenue Media -> Adware.InternetOptimizer : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129242.dll -> Adware.MagicControl : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj.1 -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CLSID -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CurVer -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj.1 -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj\CLSID -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj\CurVer -> Adware.MoneyTree : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA -> Adware.MoneyTree : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129263.dll -> Adware.NaviPromo : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129267.dll -> Adware.NaviPromo : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\NaviPromo.EGNaviScoring -> Adware.NaviPromo : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\NaviPromo.EGNaviScoring.1 -> Adware.NaviPromo : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\NaviPromo.EGNaviScoring\CLSID -> Adware.NaviPromo : Cleaned with backup (quarantined).
HKLM\SOFTWARE\FCI\DyFuCA -> Adware.SafeSurfing : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129253.exe -> Adware.Sahat : Cleaned with backup (quarantined).
C:\WINDOWS\2dpsi0m1.exe -> Adware.Sahat : Cleaned with backup (quarantined).
C:\temp\Remover.exe -> Adware.Winad : Cleaned with backup (quarantined).
C:\Program Files\Fichiers communs\WinSoftware\CrXML.dll -> Adware.Winfixer : Cleaned with backup (quarantined).
C:\Program Files\WinFixer 2005 -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Program Files\Preview AdService -> Adware.WinTaskAd : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129268.dll -> Dialer.EGroup.d : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DialXS.DialXSCtl -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DialXS.DialXSCtl.1 -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DialXS.DialXSCtl\CLSID -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\DialXS.DialXSCtl\CurVer -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\EGAUTH.EGEGAUTH -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\EGAUTH.EGEGAUTH.1 -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\EGAUTH.EGEGAUTH\CLSID -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\EGAUTH.EGEGAUTH\CurVer -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Ole32ws.Moniker32 -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Ole32ws.Moniker32.1 -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Ole32ws.Moniker32\CLSID -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Ole32ws.Moniker32\CurVer -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\P2ECOM.EGP2ECOM -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\P2ECOM.EGP2ECOM.1 -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\P2ECOM.EGP2ECOM\CLSID -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\P2ECOM.EGP2ECOM\CurVer -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Instant Access -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SCom -> Dialer.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SCom\Dialers -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\Coulomb -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\Coulomb\Hardcore -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\Coulomb\Porn Turbo -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\DialXS -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\EGDHTML -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\SCom -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-1715941125-3953442808-2644657398-1006\Software\SCom\Dialers -> Dialer.Generic : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129273.dll -> Dialer.InstantAccess.e : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\syswbsvc32.dll -> Dialer.InstantAccess.e : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129256.dll -> Dialer.InstantAccess.f : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129257.dll -> Dialer.InstantAccess.f : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129258.dll -> Dialer.InstantAccess.f : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129259.dll -> Dialer.InstantAccess.f : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129260.dll -> Dialer.InstantAccess.f : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129261.dll -> Dialer.InstantAccess.f : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129245.dll -> Downloader.Agent.ad : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129264.dll -> Downloader.Dyfuca.dn : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Temporary Internet Files\Content.IE5\GZE1YHMN\popup[1].htm -> Downloader.IstBar.ai : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Temporary Internet Files\Content.IE5\GZE1YHMN\popup[2].htm -> Downloader.IstBar.ai : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\Ole32ws.inf -> Downloader.Small : Cleaned with backup (quarantined).
C:\WINDOWS\Q1153859.exe -> Downloader.Small.ac : Cleaned with backup (quarantined).
C:\WINDOWS\Q19122312.exe -> Downloader.Small.ac : Cleaned with backup (quarantined).
C:\WINDOWS\Q7071515.exe -> Downloader.Small.ac : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129247.dll -> Downloader.Wintrim.az : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129250.dll -> Downloader.Wintrim.az : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129248.dll -> Downloader.Wintrim.ba : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129249.dll -> Downloader.Wintrim.ba : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129269.dll -> Downloader.Wintrim.bb : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129246.dll -> Downloader.Wintrim.ci : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129265.dll -> Downloader.Wintrim.cu : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-487b52a0-6dc18022.zip/Beyond.class -> Dropper.Beyond.g : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-487b52a0-6dc18022.zip/BlackBox.class -> Dropper.Beyond.g : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129266.dll -> Logger.Mslagent : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IRIJQP2B\new[1].htm -> Not-A-Virus.Constructor.Perl.Msdds.b : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-1199dff7-74ce9e51.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-4f65e3a2-3beba9cd.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-5157872c-66773f20.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\ar3.jar-71002e85-461eab92.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-7c973d62-3b7bd73c.zip/Dummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jar.jar-2a251b3-76a8c523.zip/Gummy.class -> Not-A-Virus.Exploit.ByteVerify : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129254.dll -> Not-A-Virus.Hoax.Win32.Renos.dj : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129255.sys -> Rootkit.Agent.af : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned with backup (quarantined).
:mozilla.225:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.230:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.27:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.28:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.29:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.30:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.75:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@aolfr.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
:mozilla.72:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.73:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.74:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@adbrite[1].txt -> TrackingCookie.Adbrite : Cleaned with backup (quarantined).
:mozilla.156:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Adengage : Cleaned with backup (quarantined).
:mozilla.157:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Adengage : Cleaned with backup (quarantined).
:mozilla.158:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Adengage : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@rotator.adjuggler[1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
:mozilla.222:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.223:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
:mozilla.20:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.21:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
:mozilla.22:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@adviva[2].txt -> TrackingCookie.Adviva : Cleaned with backup (quarantined).
:mozilla.275:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@bfast[1].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
:mozilla.7:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@iv2.bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
:mozilla.217:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@casinopays[2].txt -> TrackingCookie.Casinopays : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@crbanner.casinopays[2].txt -> TrackingCookie.Casinopays : Cleaned with backup (quarantined).
:mozilla.710:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined).
:mozilla.711:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined).
:mozilla.715:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined).
:mozilla.716:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined).
:mozilla.717:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@www.casinotropez[2].txt -> TrackingCookie.Casinotropez : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
:mozilla.160:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.161:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.162:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.163:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.164:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.165:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.856:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
:mozilla.857:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@cz11.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@cz3.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@cz4.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@banner.clubdicecasino[2].txt -> TrackingCookie.Clubdicecasino : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@clubdicecasino[1].txt -> TrackingCookie.Clubdicecasino : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@com[1].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
:mozilla.67:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup (quarantined).
:mozilla.152:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup (quarantined).
:mozilla.8:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\fabienne degueldre\Cookies\fabienne degueldre@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@www.epilot[1].txt -> TrackingCookie.Epilot : Cleaned with backup (quarantined).
:mozilla.266:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.273:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@e-2dj6wgkigmazilo.stats.esomniture[1].txt -> TrackingCookie.Esomniture : Cleaned with backup (quarantined).
:mozilla.209:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@tracking.g3x[1].txt -> TrackingCookie.G3x : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@c.goclick[1].txt -> TrackingCookie.Goclick : Cleaned with backup (quarantined).
:mozilla.611:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Goldenpalace : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@banner.goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@goldenpalace[2].txt -> TrackingCookie.Goldenpalace : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@www.goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Cleaned with backup (quarantined).
:mozilla.587:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Grandonline : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@ehg-dig.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@ehg-edgebe.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@ehg-eline.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@ehg-firstchoice.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@ehg-salonmedia.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@ehg-touring.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@ehg-wmc.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@hg1.hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@phg.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter2.hitslink[2].txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
:mozilla.18:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
:mozilla.19:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\fabienne degueldre\Cookies\fabienne degueldre@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@banner.newyorkcasino[2].txt -> TrackingCookie.Newyorkcasino : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@newyorkcasino[1].txt -> TrackingCookie.Newyorkcasino : Cleaned with backup (quarantined).
:mozilla.970:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.971:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.972:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
:mozilla.299:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.302:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@data3.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@overture[2].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
:mozilla.271:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@popunder.paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@www.popuptraffic[2].txt -> TrackingCookie.Popuptraffic : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@aphrodite.porntrack[2].txt -> TrackingCookie.Porntrack : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@hekate.porntrack[1].txt -> TrackingCookie.Porntrack : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@stats3.porntrack[2].txt -> TrackingCookie.Porntrack : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@pro-market[1].txt -> TrackingCookie.Pro-market : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
:mozilla.835:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
:mozilla.114:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.115:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.116:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.117:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.118:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.119:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.803:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.804:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
:mozilla.166:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.167:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.168:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.169:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.170:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.171:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.172:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.173:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.174:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.175:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.176:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.177:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.178:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
:mozilla.179:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@sexlist[1].txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@sexlist[1].txt -> TrackingCookie.Sexlist : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter1.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter10.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter11.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter12.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter14.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter15.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter2.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter3.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter4.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter5.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter7.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter8.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@counter9.sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@sextracker[2].txt -> TrackingCookie.Sextracker : Cleaned with backup (quarantined).
:mozilla.388:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Shopathomeselect : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@www.shopathomeselect[2].txt -> TrackingCookie.Shopathomeselect : Cleaned with backup (quarantined).
:mozilla.939:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup (quarantined).
:mozilla.10:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.11:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.12:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
:mozilla.17:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@spylog[1].txt -> TrackingCookie.Spylog : Cleaned with backup (quarantined).
:mozilla.913:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.914:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.915:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.916:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.937:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.938:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.941:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.943:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.944:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.945:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.946:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.949:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.950:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.951:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.952:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.954:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.955:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.957:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.958:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
:mozilla.959:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@sunpalacecasino[1].txt -> TrackingCookie.Sunpalacecasino : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
:mozilla.899:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
:mozilla.120:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.121:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.122:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.123:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.124:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.125:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
:mozilla.852:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
:mozilla.821:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
:mozilla.848:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
:mozilla.829:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
:mozilla.849:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@vegasred[1].txt -> TrackingCookie.Vegasred : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@vegasred[2].txt -> TrackingCookie.Vegasred : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@www.vegasred[1].txt -> TrackingCookie.Vegasred : Cleaned with backup (quarantined).
:mozilla.312:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.314:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.777:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.779:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.780:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@web-stat[1].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@webstat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
:mozilla.278:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
:mozilla.261:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.263:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.285:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
:mozilla.286:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@clickthrough.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@free.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@programs.wegcash[2].txt -> TrackingCookie.Wegcash : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@count.xhit[1].txt -> TrackingCookie.Xhit : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@xxxcounter[2].txt -> TrackingCookie.Xxxcounter : Cleaned with backup (quarantined).
:mozilla.305:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
:mozilla.76:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\Cookies\luc asselbergh@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
:mozilla.48:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.49:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.51:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
:mozilla.52:C:\Documents and Settings\luc asselbergh\Application Data\Mozilla\Firefox\Profiles\or714e9u.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Cookies\luc asselbergh@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Local Settings\Temp\dfiTempA.exe -> Trojan.Dialer.di : Cleaned with backup (quarantined).
C:\WINDOWS\LiveCams.exe -> Trojan.Dialer.g : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129240.exe -> Trojan.Dialer.k : Cleaned with backup (quarantined).
C:\Documents and Settings\luc asselbergh\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\archive.jar-6140d4eb-7b6b8722.zip/Dummy.class -> Trojan.NoCheat.240 : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129272.dll -> Trojan.P2E.ai : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129270.dll -> Trojan.P2E.al : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129241.dll -> Trojan.P2E.ch : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129252.dll -> Trojan.P2E.ch : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{2D081E92-40B0-4D11-86A6-AF667022EB05}\RP556\A0129262.dll -> Trojan.P2E.ch : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024 -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld11D2.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld1265.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld15F4.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld1F58.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld24C5.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld26BB.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld2BF9.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld2DE0.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld2EA9.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld358B.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld3DBD.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld49B.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld4A22.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld4DCF.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld55FB.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld5B8B.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld5C92.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld663A.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld69CC.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld6D6F.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld6EB4.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld6F76.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld7629.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld83D0.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld8BAF.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld9667.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ld99EE.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldA0FD.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldA1FA.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldA3C1.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldAAE5.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldB309.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldB5A4.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldBC9B.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldBCB9.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldC561.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldC788.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldC944.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldCB6C.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM32\1024\ldCDC7.tmp -> Trojan.Small : Cleaned with backup (quarantined).
C:\WIND
Infcetion Smitfraud.
Télécharge Smitfraudfix
Dézippe-le sur le Bureau.
Ouvre le dossier SmitfraudFix et lance SmitfraudFix(.cmd)
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.
NOTE :
process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Redémarre en mode sans échec
Relance SmitfraudFix et choisis cette fois l’Option 2 et réponds oui à la ou les questions
Sauvegarde puis poste le rapport.
Télécharge Smitfraudfix
Dézippe-le sur le Bureau.
Ouvre le dossier SmitfraudFix et lance SmitfraudFix(.cmd)
Choisis l'Option 1 (Recherche)
Poste le premier rapport ici.
NOTE :
process.exe est détecté par certains antivirus (AntiVir, Dr.Web, Kaspersky Anti-Virus) comme étant un RiskTool. Il ne s'agit pas d'un virus, mais d'un utilitaire destiné à mettre fin à des processus. Mis entre de mauvaises mains, cet utilitaire pourrait arrêter des logiciels de sécurité (Antivirus, Firewall...) d'où l'alerte émise par ces antivirus.
Redémarre en mode sans échec
Relance SmitfraudFix et choisis cette fois l’Option 2 et réponds oui à la ou les questions
Sauvegarde puis poste le rapport.
Je crois avoir trouvé : déplacer ???
En tout cas voici le 1° rapport
SmitFraudFix v2.100
Rapport fait à 18:15:44,84, jeu. 28/09/2006
Executé à partir de C:\Documents and Settings\luc asselbergh\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\ot.ico PRESENT !
C:\WINDOWS\system32\simpole.tlb PRESENT !
C:\WINDOWS\system32\stdole3.tlb PRESENT !
C:\WINDOWS\system32\ts.ico PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\luc asselbergh
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\luc asselbergh\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\LUCASS~1\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\SpywareQuake.com\ PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5aaf6542-f4ba-4df4-873d-4902ecbe794c}"="acheweed"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Bonne nouvelle, j'ai trouvé le mode sans échec !
Après quelques essais je suis quand même arrivée à avoir le rapport n° 2
SmitFraudFix v2.100
Rapport fait à 19:22:20,34, jeu. 28/09/2006
Executé à partir de C:\Documents and Settings\luc asselbergh\Bureau\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{5aaf6542-f4ba-4df4-873d-4902ecbe794c}"="acheweed"
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\system32\ot.ico supprimé
C:\WINDOWS\system32\simpole.tlb supprimé
C:\WINDOWS\system32\stdole3.tlb supprimé
C:\WINDOWS\system32\ts.ico supprimé
C:\Program Files\SpywareQuake.com\ supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Bon courage, en attendant l'étape suivante !
Merci
Je suis ravie de l'instruction, ça fera le plus grand bien à mon mari.
Je l'aurais juré que cela proviendrait de ces sites .
Voilà le nouveau rapport, et je reste dans l'attente de la suite
Logfile of HijackThis v1.99.1
Scan saved at 18:09:57, on 3/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\system32\gsicon.exe
C:\WINDOWS\system32\dslagent.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\WX2JCP6N\HijackThis[1].exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [dxvid] c:\windows\system32\dxvid.exe /nocomm
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IPYCVQRC\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\MHPD03KX\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [MailSkinner] c:\program files\mailskinner\mailskinner.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.72\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb00136
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.sgrunt.biz
O15 - Trusted Zone: www.skymasters.biz
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://kit.carpediem.fr/10083/perversion-fetish.exe
O16 - DPF: {01BE5BD7-B2DD-48B3-A759-59265A91E787} - http://akamai.downloadv3.com/binaries/EGDAccess/EGDACCE...
O16 - DPF: {02C20140-76F8-4763-83D5-B660107B7A90} (Moniker32 Class) - http://63.219.181.7/cax.cab
O16 - DPF: {04CCFF26-7D52-4E42-BF6A-F8ECE0896EB7} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACC...
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH Class) - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_...
O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
O16 - DPF: {14325268-79E0-4D2A-89A4-FFFC6E22741E} - http://akamai.downloadv3.com/binaries/LiveService/LiveS...
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/AgeVerifier/ie/bridge...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_FR_XP....
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {3DAD912E-D2B9-4323-B7C9-7F2C5CC0C57B} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACC...
O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://63.217.31.12/dial/058361be.exe
O16 - DPF: {50AD557E-3426-41FD-AFDD-2AF39BB1C387} - http://akamai.downloadv3.com/binaries/LiveService/LiveS...
O16 - DPF: {7CAA184C-91E7-4E84-8681-32F2A0D68DF1} (Apollon Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/f...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.f5biz.com/dial/htm/WebInstall.dll
O16 - DPF: {83252F41-71B7-492E-8B2E-A68AA3E301E7} (Ulysse Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/f...
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
O16 - DPF: {8B3B8135-9DAA-40E7-8941-962795F9C1CB} - http://scripts.downloadv3.com/binaries/IA/syswbsvc32_FR...
O16 - DPF: {91BE8DAC-957E-416C-B735-E2B63CDB915B} (MyEMessengerSetup Control) - http://www.myemessenger.com/activex/MyEMessengerSetupPr...
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binaries/LiveService/LiveS...
O16 - DPF: {95460ABD-946A-46FF-9F56-268718323EEE} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACC...
O16 - DPF: {B2B0AEDF-7CDF-4792-BB67-7654AD1E1B13} - http://scripts.downloadv3.com/binaries/IA/sysinetsvc32_...
O16 - DPF: {BA749BC1-143E-430D-B1DA-1D2AF67A3658} - http://scripts.downloadv3.com/binaries/EGDAccess/EGDACC...
O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://www.edipole.fr/getkits/pasx/pasx01.exe
O16 - DPF: {CEFB7B49-9652-464F-8AFD-A577C0500F39} (EGP2ECOM Class) - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_...
O16 - DPF: {D8B94E9A-A34B-4253-BF48-C7CB7F2CFDB0} - http://scripts.downloadv3.com/binaries/P2EClient/EGAUTH...
O16 - DPF: {E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} - http://xbs.sea.mtree.com/mt/dialers/fc/UniDistIO.CAB
O16 - DPF: {EAAB55CB-9D6E-457A-A10B-4AAEC8317CFC} - http://akamai.downloadv3.com/binaries/LiveService/LiveS...
O16 - DPF: {EEECA057-AD0F-44A7-8BE5-8634CEDBDBD1} - http://akamai.downloadv3.com/binaries/IA/netpe32_FR_XP....
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/i...
O17 - HKLM\System\CCS\Services\Tcpip\..\{E43F592B-9B37-402D-8396-DAE4891A6512}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: bw+0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
On continue.
Télécharge Blacklight (F-Secure), clique sur " I ACCEPT " en bas de la page :
Clique sur le premier " Download " afin de télécharger le programme
Sauvegarde le sur ton Bureau
Double-clique blbeta.exe et accepte la licence; clique Scan puis Next.
A la fin du scan, NE TOUCHE A RIEN !
Tu verras un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Nous devons analyser ce rapport, ferme donc le BlackLight.
Poste le rapport sur le forum.
Aide sur BlackLight de Malekal_Morte
Télécharge Blacklight (F-Secure), clique sur " I ACCEPT " en bas de la page :
Clique sur le premier " Download " afin de télécharger le programme
Sauvegarde le sur ton Bureau
Double-clique blbeta.exe et accepte la licence; clique Scan puis Next.
A la fin du scan, NE TOUCHE A RIEN !
Tu verras un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Nous devons analyser ce rapport, ferme donc le BlackLight.
Poste le rapport sur le forum.
Aide sur BlackLight de Malekal_Morte
désolée, je ne le fais pas exprès mais il me semble finalement y être arrivée.
Voici un rapport, j'espère que c'est le bon, il est assez court maisbon ...!.
Fais-moi savoir si non !
Si oui, j'attends la suite.
0/03/06 20:14:22 [Info]: BlackLight Engine 1.0.47 initialized
10/03/06 20:14:22 [Info]: OS: 5.1 build 2600 (Service Pack 2)
10/03/06 20:14:22 [Note]: 7019 4
10/03/06 20:14:22 [Note]: 7005 0
10/03/06 20:14:26 [Note]: 7006 0
10/03/06 20:14:26 [Note]: 7011 556
10/03/06 20:14:26 [Note]: 7026 0
10/03/06 20:14:26 [Note]: 7026 0
10/03/06 20:14:26 [Note]: 7024 3
10/03/06 20:14:26 [Info]: Hidden process: C:\windows\system32\jcvwkutfy.exe
10/03/06 20:14:26 [Note]: FSRAW library version 1.7.1020
10/03/06 20:17:47 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\jcvwkutfy.dat
10/03/06 20:17:47 [Note]: 10002 1
10/03/06 20:17:47 [Info]: Hidden file: C:\windows\system32\jcvwkutfy.exe
10/03/06 20:17:47 [Note]: 10002 1
10/03/06 20:17:48 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\jcvwkutfy_nav.dat
10/03/06 20:17:48 [Note]: 10002 1
10/03/06 20:17:48 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\jcvwkutfy_navps.dat
10/03/06 20:17:48 [Note]: 10002 1
10/03/06 20:18:06 [Info]: Hidden file: c:\WINDOWS\Prefetch\JCVWKUTFY.EXE-26C4EE5F.pf
10/03/06 20:18:06 [Note]: 10002 1
désolée, je ne le fais pas exprès mais il me semble finalement y être arrivée.
Voici un rapport, j'espère que c'est le bon, il est assez court maisbon ...!.
Fais-moi savoir si non !
Si oui, j'attends la suite.
0/03/06 20:14:22 [Info]: BlackLight Engine 1.0.47 initialized
10/03/06 20:14:22 [Info]: OS: 5.1 build 2600 (Service Pack 2)
10/03/06 20:14:22 [Note]: 7019 4
10/03/06 20:14:22 [Note]: 7005 0
10/03/06 20:14:26 [Note]: 7006 0
10/03/06 20:14:26 [Note]: 7011 556
10/03/06 20:14:26 [Note]: 7026 0
10/03/06 20:14:26 [Note]: 7026 0
10/03/06 20:14:26 [Note]: 7024 3
10/03/06 20:14:26 [Info]: Hidden process: C:\windows\system32\jcvwkutfy.exe
10/03/06 20:14:26 [Note]: FSRAW library version 1.7.1020
10/03/06 20:17:47 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\jcvwkutfy.dat
10/03/06 20:17:47 [Note]: 10002 1
10/03/06 20:17:47 [Info]: Hidden file: C:\windows\system32\jcvwkutfy.exe
10/03/06 20:17:47 [Note]: 10002 1
10/03/06 20:17:48 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\jcvwkutfy_nav.dat
10/03/06 20:17:48 [Note]: 10002 1
10/03/06 20:17:48 [Info]: Hidden file: c:\WINDOWS\SYSTEM32\jcvwkutfy_navps.dat
10/03/06 20:17:48 [Note]: 10002 1
10/03/06 20:18:06 [Info]: Hidden file: c:\WINDOWS\Prefetch\JCVWKUTFY.EXE-26C4EE5F.pf
10/03/06 20:18:06 [Note]: 10002 1
C'est bon ![;)]( ";)")
Pourquoi vouloir un rapport long, tu veux qu'on ait plus de boulot ?![:)]( ":)")
La procédure est longue et en partie en mode sans échec,
imprime ou mets dans un fichier texte les instructions.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.
Télécharge:
Brute Force Uninstaller
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)
FAIS UN CLIC-DROIT ICI et choisis "Enregistrer la cible sous..." afin de
télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note : si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).
Ouvre le Bloc-Notes et copie-colle les lignes en bleu ci-dessous :
RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jcvwkutfy
RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run|jcvwkutfy
FileDelete %SYSDIR%\jcvwkutfy_navps.dat
FileDelete %SYSDIR%\jcvwkutfy_nav.dat
FileDelete %SYSDIR%\jcvwkutfy.dat
FileDelete %SYSDIR%\jcvwkutfy.exe
FileDelete %WINDIR%\PREFETCH\jcvwkutfy.exe*.pf
SystemEmptyRecycleBin
FileDelete C:\egd.txt
SystemRun regedit|/e C:\egd.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"|0
OptionBFUExit
Sauvegarde dans le dossier créé (C:\BFU) (Nom du fichier : "Fixme.bfu " -sans inclure les guillemets- ; Type : Tous les fichiers).
Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)
- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :
EGDACCESS.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.
Clique Exit pour fermer le programme BFU.
Relance ensuite BFU
- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :
Fixme.bfu
Clique sur Execute et laisse-le faire son travail.
Redémarre normalement.
Poste les rapports situés ici :
C:\egd.txt
accompagné d'un rapport Hijackthis.
NOTE :
Si tu ne sais pas où trouver le Bloc-Notes, voici comment le trouver rapidement :
Démarrer-> Exécuter...-> Tape Notepad puis valide
Pourquoi vouloir un rapport long, tu veux qu'on ait plus de boulot ?
La procédure est longue et en partie en mode sans échec,
imprime ou mets dans un fichier texte les instructions.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.
Télécharge:
Brute Force Uninstaller
Créé un nouveau dossier directement sur le C:\ et nomme-le BFU. Décompresse le fichier téléchargé dans ce nouveau dossier (C:\BFU)
FAIS UN CLIC-DROIT ICI et choisis "Enregistrer la cible sous..." afin de
télécharger EGDACCESS.bfu (de Metallica). Sauvegarde dans le dossier créé (C:\BFU). **Note : si tu utlises Internet Explorer; lors de la sauvegarde, assure-toi que le champs "Type :" affiche "Tous les fichiers". Tu dois maintenant avoir deux fichiers dans le dossier C:\BFU : EGDACCESS.bfu et BFU.exe (très important).
Ouvre le Bloc-Notes et copie-colle les lignes en bleu ci-dessous :
RegDeleteKey HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\jcvwkutfy
RegDelValue HKLM\Software\Microsoft\Windows\CurrentVersion\Run|jcvwkutfy
FileDelete %SYSDIR%\jcvwkutfy_navps.dat
FileDelete %SYSDIR%\jcvwkutfy_nav.dat
FileDelete %SYSDIR%\jcvwkutfy.dat
FileDelete %SYSDIR%\jcvwkutfy.exe
FileDelete %WINDIR%\PREFETCH\jcvwkutfy.exe*.pf
SystemEmptyRecycleBin
FileDelete C:\egd.txt
SystemRun regedit|/e C:\egd.txt "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"|0
OptionBFUExit
Sauvegarde dans le dossier créé (C:\BFU) (Nom du fichier : "Fixme.bfu " -sans inclure les guillemets- ; Type : Tous les fichiers).
Redémarre en mode Sans Échec : au redémarrage, tapote immédiatement la touche F8; tu verras un écran avec choix de démarrages apparaître. Utilisant les flèches du clavier, choisis "Mode Sans Échec" et valide avec "Entrée". Choisis ton compte usuel, et non Administrateur.
Démarre le "Brute Force Uninstaller" en double-cliquant BFU.exe (du dossier C:\BFU)
- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :
EGDACCESS.bfu
- Dans la boîte "Scriptline to execute", tu devrais maintenant voir ceci : C:\BFU\EGDACCESS.bfu
Clique sur Execute et laisse-le faire son travail.
Attendre que Complete script execution apparaîsse et clique sur OK.
Clique Exit pour fermer le programme BFU.
Relance ensuite BFU
- Clique sur le petit dossier jaune, à la droite de la boîte Scriptline to execute, et double-clique sur :
Fixme.bfu
Clique sur Execute et laisse-le faire son travail.
Redémarre normalement.
Poste les rapports situés ici :
C:\egd.txt
accompagné d'un rapport Hijackthis.
NOTE :
Si tu ne sais pas où trouver le Bloc-Notes, voici comment le trouver rapidement :
Démarrer-> Exécuter...-> Tape Notepad puis valide
Oui, bien reçu ! merci
Avant de commencer, donc, si j'ai bien compris, après sauvegarde sur le c:\BFU, je ferme le poste et je redémarre
Combien de temps doit +/- durer ce boulot que je sache de combien je dois disposer de temps sans interruption; il faut bien faire le souper aussi ( petit bonhomme qui rit !!!)
Avant de commencer, donc, si j'ai bien compris, après sauvegarde sur le c:\BFU, je ferme le poste et je redémarre
Combien de temps doit +/- durer ce boulot que je sache de combien je dois disposer de temps sans interruption; il faut bien faire le souper aussi ( petit bonhomme qui rit !!!)
Help !!
Bon !!! lancement avorté !
Je cherche BFU, je clique sur la pastille rouge "download, il me place dans un autre écran avec entête "softias ou quelquechose comme ça", là, il y a des consignes à lire pour les Windows XP afin d'autoriser temporairement ce chargement mais je ne trouve pas la petite icone qui devrait être sous l'adresse pour permettre de lancer le téléchargement.
Qu'est ce que je pourrais faire de travers ?
me revoilà !!!Problème du téléchargement résolu !
Si cela peut vous aider: sur le site BFU via softpedia, cliquer sur le bouton rouge download puis sur la seconde page, cliquer sur "internal mirror 1" et c'est parti !!!
Par contre maintenant, je ne sais pas le décompresser.avez-vous une idée ???? le double clic ne suffit pas.
Me revoilà !
Je te poste le rapport ci-dessous.
Avant, je voudrais juste te donner les quelques tuyaux que j'ai trouvé. Cela pourrait rendre la tâche plus facile à d'autres pas trop doués comme moi.
1° pour télécharger BFU, via softpedia, il faut donc cliquer sur le bouton rouge "download" et sur l'écran suivant, sur "Internal Mirror 1" et ça va tout seul !
2° j'ai eu quelques soucis aussi pour décompresser le BFU. Ici, télécharger "winzip" et le faire tourner sur le BFU et c'est fait !
Pour le reste, il n'y a eu qu'à suivre votre procédure. C'est très bien expliqué, comme d'hab et ça ne prend pas 1h quand BFU est téléchargé et décompressé.
Voici donc les deux rapports et à très bientôt pour la suite,
PS: mon mari est toujours à la diette
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\\WINDOWS\\system32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\system32\\hkcmd.exe"
"SunJavaUpdateSched"="C:\\Program Files\\Java\\j2re1.4.2_03\\bin\\jusched.exe"
"dla"="C:\\WINDOWS\\system32\\dla\\tfswctrl.exe"
"StorageGuard"="\"C:\\Program Files\\Fichiers communs\\Sonic\\Update Manager\\sgtray.exe\" /r"
"PCMService"="\"C:\\Program Files\\Dell\\Media Experience\\PCMService.exe\""
"DVDSentry"="C:\\WINDOWS\\System32\\DSentry.exe"
"GSICONEXE"="gsicon.exe"
"DSLAGENTEXE"="dslagent.exe USB"
"MyWebSearch Email Plugin"="C:\\PROGRA~1\\MYWEBS~1\\bar\\1.bin\\mwsoemon.exe"
"sp2ctr"="c:\\windows\\system32\\sp2ctr.exe /nocomm"
"EvtHtm"="c:\\windows\\system32\\evthtm.exe /nocomm"
"EPSON Stylus C46 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_S4I0T1.EXE /P23 \"EPSON Stylus C46 Series\" /O6 \"USB001\" /M \"Stylus C46\""
"dxvid"="c:\\windows\\system32\\dxvid.exe /nocomm"
"NI.UWFX5V_0001_0802"="\"C:\\Documents and Settings\\luc asselbergh\\Local Settings\\Temporary Internet Files\\Content.IE5\\IPYCVQRC\\WFI_FRA[1].exe\""
"NI.UWFX5V_0001_LP"="\"C:\\Documents and Settings\\luc asselbergh\\Local Settings\\Temporary Internet Files\\Content.IE5\\MHPD03KX\\WinFixer2005ScannerInstallFRA[1].exe\""
"LVCOMSX"="C:\\WINDOWS\\system32\\LVCOMSX.EXE"
"LogitechVideoRepair"="C:\\Program Files\\Logitech\\Video\\ISStart.exe "
"LogitechVideoTray"="C:\\Program Files\\Logitech\\Video\\LogiTray.exe"
"WinampAgent"="C:\\Program Files\\Winamp\\winampa.exe"
"avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
"!ewido"="\"C:\\Program Files\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
"Installed"="1"
Logfile of HijackThis v1.99.1
Scan saved at 11:35:14, on 8/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\system32\gsicon.exe
C:\WINDOWS\system32\dslagent.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\WINZIP\winzip32.exe
C:\Documents and Settings\luc asselbergh\Mes documents\Unzipped\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [dxvid] c:\windows\system32\dxvid.exe /nocomm
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IPYCVQRC\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\MHPD03KX\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.72\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb00136
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.sgrunt.biz
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: http://www.softpedia.com
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://kit.carpediem.fr/10083/perversion-fetish.exe
O16 - DPF: {02C20140-76F8-4763-83D5-B660107B7A90} (Moniker32 Class) - http://63.219.181.7/cax.cab
O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/AgeVerifier/ie/bridge...
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/...
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://63.217.31.12/dial/058361be.exe
O16 - DPF: {7CAA184C-91E7-4E84-8681-32F2A0D68DF1} (Apollon Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/f...
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.f5biz.com/dial/htm/WebInstall.dll
O16 - DPF: {83252F41-71B7-492E-8B2E-A68AA3E301E7} (Ulysse Class) - http://htmldialer.parisvoyeur.com/CABSPOLY/cd/1,0,3,8/f...
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
O16 - DPF: {91BE8DAC-957E-416C-B735-E2B63CDB915B} (MyEMessengerSetup Control) - http://www.myemessenger.com/activex/MyEMessengerSetupPr...
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binaries/LiveService/LiveS...
O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://www.edipole.fr/getkits/pasx/pasx01.exe
O16 - DPF: {E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} - http://xbs.sea.mtree.com/mt/dialers/fc/UniDistIO.CAB
O16 - DPF: {EAAB55CB-9D6E-457A-A10B-4AAEC8317CFC} - http://akamai.downloadv3.com/binaries/LiveService/LiveS...
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/i...
O17 - HKLM\System\CCS\Services\Tcpip\..\{E43F592B-9B37-402D-8396-DAE4891A6512}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: bw+0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O16 - DPF: {7CAA184C-91E7-4E84-8681-32F2A0D68DF1} (Apollon Class) - http://htmldialer.parisvoyeur.com/ [...] Daphne.cab
Encore des pornos ^^
Encore des pornos ^^
Désolé du retard.
La procédure est longue et en partie en mode sans échec,
imprime ou mets dans un fichier texte les instructions.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.
Télécharge:
Ccleaner
Installe le dans un répertoire dédié.
Lors de l'installation décoche: "Ajouter la Barre d'Outils Yahoo! Ccleaner"
Aide sur Ccleaner de Rub_Mic
Clean.zip (de Malekal),
décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
Redémarre en mode sans échec
Ferme TOUS les fenêtres ouvertes (sauf Hijackthis)
et les logiciels de protection en temps réel (antivirus...)
- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLLB
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
O4 - HKLM\..\Run: [dxvid] c:\windows\system32\dxvid.exe /nocomm
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IPYCVQRC\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\MHPD03KX\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.sgrunt.biz
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: http://www.softpedia.com
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://kit.carpediem.fr/10083/perversion-fetish.exe
O16 - DPF: {02C20140-76F8-4763-83D5-B660107B7A90} (Moniker32 Class) - http://63.219.181.7/cax.cab
O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/ [...] e-c420.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocac [...] .0.0.8.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://63.217.31.12/dial/058361be.exe
O16 - DPF: {7CAA184C-91E7-4E84-8681-32F2A0D68DF1} (Apollon Class) - http://htmldialer.parisvoyeur.com/ [...] Daphne.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.f5biz.com/dial/htm/WebInstall.dll
O16 - DPF: {83252F41-71B7-492E-8B2E-A68AA3E301E7} (Ulysse Class) - http://htmldialer.parisvoyeur.com/ [...] nelope.cab
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
O16 - DPF: {91BE8DAC-957E-416C-B735-E2B63CDB915B} (MyEMessengerSetup Control) - http://www.myemessenger.com/active [...] roject.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://www.edipole.fr/getkits/pasx/pasx01.exe
O16 - DPF: {E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} - http://xbs.sea.mtree.com/mt/dialers/fc/UniDistIO.CAB
O16 - DPF: {EAAB55CB-9D6E-457A-A10B-4AAEC8317CFC} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/conten [...] loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E43F592B-9B37-402D-8396-DAE4891A6512}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: bw+0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
Clique sur Fix checked (en bas à gauche)
- Assure toi d'avoir accès aux dossiers/fichiers cachés
-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation
- Suppime ces fichiers et/ou dossiers s'ils existent encore :
c:\windows\system32\sp2ctr.exe
c:\windows\system32\evthtm.exe
c:\windows\system32\dxvid.exe
c\program files\mywebsearch
- Lance un nettoyage Ccleaner :
Clique sur le bouton "Analyse" puis "Lancer le Néttoyage"
- Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laisse la ouverte.
Redémarre normalement.
- Poste un nouveau rapport Hijackthis.
- Le rapport clean : Poste de travail / double clic sur disque C / double-clic sur rapport_clean.txt et copier/coller le contenu ici C:\rapport_clean.txt
Télécharge Blacklight (F-Secure), clique sur " I ACCEPT " en bas de la page :
Clique sur le premier " Download " afin de télécharger le programme
Sauvegarde le sur ton Bureau
Double-clique blbeta.exe et accepte la licence; clique Scan puis Next.
A la fin du scan, NE TOUCHE A RIEN !
Tu verras un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Nous devons analyser ce rapport, ferme donc le BlackLight.
Poste le rapport sur le forum.
Aide sur BlackLight de Malekal_Morte
La procédure est longue et en partie en mode sans échec,
imprime ou mets dans un fichier texte les instructions.
Les manipulations sont à faire sans interruption et dans l'ordre.
Si tu ne comprends pas quelque chose, demande des explications avant de commencer.
Télécharge:
Ccleaner
Installe le dans un répertoire dédié.
Lors de l'installation décoche: "Ajouter la Barre d'Outils Yahoo! Ccleaner"
Aide sur Ccleaner de Rub_Mic
Clean.zip (de Malekal),
décompresse-le sur ton bureau (clic droit / extraire tout), tu dois obtenir un dossier clean.
Redémarre en mode sans échec
Ferme TOUS les fenêtres ouvertes (sauf Hijackthis)
et les logiciels de protection en temps réel (antivirus...)
- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {008DB894-99ED-445D-8547-0E7C9808898D} - (no file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLLB
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [EvtHtm] c:\windows\system32\evthtm.exe /nocomm
O4 - HKLM\..\Run: [dxvid] c:\windows\system32\dxvid.exe /nocomm
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IPYCVQRC\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\MHPD03KX\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - Global Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O15 - Trusted Zone: www.archiviosex.net
O15 - Trusted Zone: www.linkautomatici.com
O15 - Trusted Zone: www.redfunny.com
O15 - Trusted Zone: www.sgrunt.biz
O15 - Trusted Zone: www.skymasters.biz
O15 - Trusted Zone: http://www.softpedia.com
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} - http://kit.carpediem.fr/10083/perversion-fetish.exe
O16 - DPF: {02C20140-76F8-4763-83D5-B660107B7A90} (Moniker32 Class) - http://63.219.181.7/cax.cab
O16 - DPF: {0E4796D6-A990-4372-9069-72FBDB4AE868} - http://www.one2one.com/static/class/one2oneSvc.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/ [...] e-c420.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocac [...] .0.0.8.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {42F2D240-B23C-11D6-8C73-70A05DC10000} - http://63.217.31.12/dial/058361be.exe
O16 - DPF: {7CAA184C-91E7-4E84-8681-32F2A0D68DF1} (Apollon Class) - http://htmldialer.parisvoyeur.com/ [...] Daphne.cab
O16 - DPF: {7DBFDA8E-D33B-11D4-9269-00600868E56E} (WWWInstall Class) - http://www.f5biz.com/dial/htm/WebInstall.dll
O16 - DPF: {83252F41-71B7-492E-8B2E-A68AA3E301E7} (Ulysse Class) - http://htmldialer.parisvoyeur.com/ [...] nelope.cab
O16 - DPF: {841A9192-5690-11D4-A258-0040954A01BE} (DialXSCtl Object) - http://dialxs.nl/install/dialxs.ocx
O16 - DPF: {91BE8DAC-957E-416C-B735-E2B63CDB915B} (MyEMessengerSetup Control) - http://www.myemessenger.com/active [...] roject.cab
O16 - DPF: {94F5DCB7-816C-4B94-A2C1-856C6E323C5B} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} - http://www.edipole.fr/getkits/pasx/pasx01.exe
O16 - DPF: {E8EDB60C-951E-4130-93DC-FAF1AD25F8E7} - http://xbs.sea.mtree.com/mt/dialers/fc/UniDistIO.CAB
O16 - DPF: {EAAB55CB-9D6E-457A-A10B-4AAEC8317CFC} - http://akamai.downloadv3.com/binar [...] _FR_XP.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/conten [...] loader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{E43F592B-9B37-402D-8396-DAE4891A6512}: NameServer = 195.238.2.22 195.238.2.21
O18 - Protocol: bw+0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {816B2097-6AE8-4A1D-BD51-D0623CA91F61} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
Clique sur Fix checked (en bas à gauche)
- Assure toi d'avoir accès aux dossiers/fichiers cachés
-> Démarrer
-> Panneau de configuration
-> Options des Dossiers, onglet Affichage :
. Clique sur Afficher les dossiers cachés
. Décoche Masquer les extensions des fichiers dont le type est connu
. Décoche Masquer les fichiers protégés du système d'exploitation
- Suppime ces fichiers et/ou dossiers s'ils existent encore :
c:\windows\system32\sp2ctr.exe
c:\windows\system32\evthtm.exe
c:\windows\system32\dxvid.exe
c\program files\mywebsearch
- Lance un nettoyage Ccleaner :
Clique sur le bouton "Analyse" puis "Lancer le Néttoyage"
- Ouvre le dossier clean qui se trouve sur ton bureau, et double-clic sur clean.cmd, une fenêtre noire va apparaître pendant un instant, laisse la ouverte.
Redémarre normalement.
- Poste un nouveau rapport Hijackthis.
- Le rapport clean : Poste de travail / double clic sur disque C / double-clic sur rapport_clean.txt et copier/coller le contenu ici C:\rapport_clean.txt
Télécharge Blacklight (F-Secure), clique sur " I ACCEPT " en bas de la page :
Clique sur le premier " Download " afin de télécharger le programme
Sauvegarde le sur ton Bureau
Double-clique blbeta.exe et accepte la licence; clique Scan puis Next.
A la fin du scan, NE TOUCHE A RIEN !
Tu verras un rapport, sur ton Bureau, nommé fsbl.xxxxxxx.log (les xxxxxxx sont des chiffres).
Nous devons analyser ce rapport, ferme donc le BlackLight.
Poste le rapport sur le forum.
Aide sur BlackLight de Malekal_Morte
Je me suis assurée d'avoir accès aux fichiers cachés.
Vu la longueur du boulot, je ne pourrai sans doute pas le faire avant vendredi. Patience donc s'il te plait.
Au vu de ton message, c'est quasiment tout le rapport Hijakthis qu'il faut cocher .... ou je me trompe ???
Je fais ça au plus vite mais demain soir, ce ne sera sans doute pas possible.
pour finir, j'ai trouvé !!!
Je ne sais pas si tout c'est bien passé car cela a été parfois un peu différent de ce que tu disais !
Voici donc les rapports et si quelque chose n'allait pas, dis-moi, s'il te plait,ce que je dois faire pour corriger.
Logfile of HijackThis v1.99.1
Scan saved at 20:20:51, on 13/10/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\system32\gsicon.exe
C:\WINDOWS\system32\dslagent.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Logitech\Video\LogiTray.exe
C:\Program Files\Winamp\winampa.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Logitech\Profiler\lwemon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Logitech\Video\FxSvr2.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Documents and Settings\luc asselbergh\Bureau\scanner.exe.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [GSICONEXE] gsicon.exe
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [EPSON Stylus C46 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I0T1.EXE /P23 "EPSON Stylus C46 Series" /O6 "USB001" /M "Stylus C46"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IPYCVQRC\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\MHPD03KX\WinFixer2005ScannerInstallFRA[1].exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKCU\..\Run: [Start WingMan Profiler] "C:\Program Files\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [Camfrog] "C:\Program Files\Camfrog\Camfrog Video Chat 3.72\CamfrogNet.exe" 0 C:\Program Files\Camfrog\Camfrog Video Chat 3.72\Camfrog Video Chat.exe
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb00136
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
Ensuite ....
cript clean par Malekal_morte - http://www.malekal.com
Microsoft Windows XP [version 5.1.2600]
Script execute en mode sans echec
*** Suppression de fichiers sur C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des clefs du registre effectuee..
et enfin blacklight
0/13/06 20:26:10 [Info]: BlackLight Engine 1.0.47 initialized
10/13/06 20:26:10 [Info]: OS: 5.1 build 2600 (Service Pack 2)
10/13/06 20:26:10 [Note]: 7019 4
10/13/06 20:26:10 [Note]: 7005 0
10/13/06 20:26:13 [Note]: 7006 0
10/13/06 20:26:13 [Note]: 7011 416
10/13/06 20:26:13 [Note]: 7026 0
10/13/06 20:26:13 [Note]: 7026 0
10/13/06 20:26:28 [Note]: FSRAW library version 1.7.1020
J'espère que tout ira bien, bonne analyse à l'équipe et à bientôt,
Bon WE,
Re,
- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IPYCVQRC\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\MHPD03KX\WinFixer2005ScannerInstallFRA[1].exe"
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusea [...] ZSzeb00136
Clique sur Fix checked (en bas à gauche)
Supprime :
C:\Program Files\MyWebSearch\
Vide :
C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\
- Lance Hijackthis ->Do a system scan only
->Coche les lignes ci-dessous :
O4 - HKLM\..\Run: [NI.UWFX5V_0001_0802] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\IPYCVQRC\WFI_FRA[1].exe"
O4 - HKLM\..\Run: [NI.UWFX5V_0001_LP] "C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\MHPD03KX\WinFixer2005ScannerInstallFRA[1].exe"
O4 - Startup: MyWebSearch Email Plugin.lnk = C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusea [...] ZSzeb00136
Clique sur Fix checked (en bas à gauche)
Supprime :
C:\Program Files\MyWebSearch\
Vide :
C:\Documents and Settings\luc asselbergh\Local Settings\Temporary Internet Files\Content.IE5\
Bonsoir,
Sorry, cette fois, c'était mon tour d'être fort occupée.
Alors, je fais tourner Hijakthis et scan only.
Je "fix checked"
Ensuite, il me demande si je veux supprimer ou réparer les fichiers checkés puis après avoir dit Yes, il me dit que des erreurs sont arrivées. Je dis Yes pour continuer.
Je ne vois pas où je dois aller pour "supprimer C:\program files\myweb search, ni où je dois vider L'autre fichier.
Rien de tel ne m'est proposé via le Hijakthis
J'ai relancé Hijaktis pour voir la différence et les deux premières lignes commencant par 04 sont toujours là mais pas les 2 autres.
Est-ce normal et ou dois-je aller pour supprimer et vider ???
Merci à toi,
Lassé par la pub ? Créez un compte
