[SOLVED] MSN problem (C:\WINDOWS\retadpu1000627.exe\[UPX])
Someone sent me a link saying it was a photo of me. I opened it and then... BAM!!! A virus.
PLEASE HELP ME
Here is the HijackThis report
Logfile of HijackThis v1.99.1
Scan saved at 23:02:34, on 25/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\agxrckml.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\lxcecoms.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Electronic Arts\EA Link\Core.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Maxime\services.exe
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Draw Scr Ford Eggs] C:\Documents and Settings\All Users\Application Data\Bone Open Draw Scr\skip wait.exe
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [phonebuild] C:\DOCUME~1\Maxime\APPLIC~1\Gplfirst\rdr dart itch.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - - C:\WINDOWS\system32\agxrckml.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
And here is the "clean" report
25/06/2007 a 23:19:51,60
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
C:\WINDOWS\windebug.log FOUND
C:\WINDOWS\windebug.log FOUND
*** Recherche des fichiers dans C:\WINDOWS\system32
"C:\Documents and Settings\Maxime\Application Data\ezpinst.exe" FOUND
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Adverts\" FOUND
"C:\Program Files\PartyGaming.Net\" FOUND
"C:\Program Files\WebMediaPlayer\" FOUND
*** Fin du rapport !
And MSN Fix
MSN_Fix 1.326
C:\Documents and Settings\Maxime\Bureau\MSNFix\MSNFix
Fix exécuté le 25/06/2007 - 23:23:33,87 By Maxime
mode normal
************************ Recherche les fichiers présents
Aucun Fichier trouvé
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://246694.aceboard.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
How about a hello? And some patience?
Download Navilog1.exe (IL-MAFIOSO)
Save it to your Desktop.
Start the installation by double-clicking navilog.exe.
Once the installation is finished, the utility will run automatically.
(If it does not, double-click the shortcut on the Desktop.)
Let the utility guide you. Choose option 1, then confirm.
! Do not use options 2, 3 and 4 without our approval !
Wait until this message appears:
"*** Analyse Termine le ..... ***"
Press a key as requested. Notepad will open. Post its contents to us this way:
-> Edit / Select All
-> Edit / Copy
-> Right-click / Paste into your reply
NOTE: The report can also be found here: C:\fixnavi.txt
Search Navipromo version 2.0.3 commencé le 26/06/2007 à 19:49:00,42
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Poster ce rapport sur le forum pour le faire analyser !!!
!!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!!
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO
Executé en mode normal
*** Recherche Programmes installes ***
WebMediaPlayer
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
C:\Program Files\WebMediaPlayer trouvé !
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Maxime\Application Data ***
*** Recherche avec BlackLight Engine/F-secure ***
BlackLight Engine est un produit de F-secure, pour + d'infos :
http://www.f-secure.com/blacklight/blacklight_help.html
Fichier(s) caché(s) dans C:\WINDOWS\system32 :
c:\WINDOWS\system32\kcbbnpq.dat
C:\windows\system32\kcbbnpq.exe
c:\WINDOWS\system32\kcbbnpq_nav.dat
c:\WINDOWS\system32\kcbbnpq_navps.dat
Processus caché(s) dans C:\WINDOWS\system32 :
C:\windows\system32\kcbbnpq.exe
*** Recherche fichiers ***
C:\DOCUME~1\Maxime\Bureau\WebMediaPlayer.lnk trouvé !
C:\WINDOWS\pack.epk trouvé !
C:\WINDOWS\system32\nvs2.inf trouvé !
*** Recherche cles registre ***
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs]
Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage]
Recherche Clé Magic Control
HKEY_CURRENT_USER\Software\Lanconfig trouvé !
HKEY_USERS\S-1-5-21-602162358-1364589140-725345543-1003\Software\Lanconfig trouvé !
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
C:\WINDOWS\system32\gjkmp.bak1 trouvé ! infection Vundo possible non traité par cet outil !
2)Recherche Heuristique :
*
C:\WINDOWS\system32\kcbbnpq.dat trouvé !
**
C:\WINDOWS\system32\kcbbnpq.dat trouvé !
***
****
C:\WINDOWS\system32\kcbbnpq_navps.dat trouvé !
*****
******
*******
********
*** Analyse Terminé le 26/06/2007 à 19:56:57,90 ***
Hi again,
Double-click the Navilog1 shortcut on your Desktop.
Follow the instructions. Then choose option 2 and confirm.
Let it guide you and answer any questions it asks.
The utility will inform you that it is going to restart the computer.
**Close all open windows and save any open personal documents**
Now press a key, as requested.
(If your PC does not restart automatically, restart it manually.)
Wait until this message appears:
"*** Nettoyage Termine le ..... ***"
Notepad will open.
Save the report somewhere you can find it again.
Close Notepad. Your desktop will now reappear.
NOTE: If your Desktop does not reappear, press Ctrl+Alt+Del at the same time to open Task Manager.
Go to the "Processes" tab. Click File at the top left and choose "Run..."
Type explorer, then confirm.
Post the report saved earlier (C:\cleannavi.txt)
As well as a new HijackThis report.
Close Internet Explorer, then go to Start / Control Panel / Internet Options.
Choose the Content tab, then the Certificates tab.
If you find the following programs (particularly under Trusted Publishers), delete them:
electronic-group
egroup
Montorgueil
VIP
"Sunny Day Design Ltd"
Clean Navipromo version 2.0.3 commencé le 26/06/2007 à 20:30:13,65
Fix lancé depuis C:\Program Files\navilog1
Mise a jour le 08.06.2007 a 17h00 by IL-MAFIOSO
Mode suppression automatique avec prise en charge résultats Blacklight
*** Creation backups fichiers trouvés par Blacklight ***
Copie vers "C:\Program Files\navilog1\Backupnavi"
*** Suppression des fichiers trouvés avec Blacklight ***
c:\WINDOWS\system32\kcbbnpq.dat supprimé !
C:\windows\system32\kcbbnpq.exe supprimé !
c:\WINDOWS\system32\kcbbnpq_nav.dat supprimé !
c:\WINDOWS\system32\kcbbnpq_navps.dat supprimé !
** 2ème passage **
C:\WINDOWS\system32\kcbbnpq.exe absent !
C:\WINDOWS\system32\kcbbnpq.dat absent !
C:\WINDOWS\system32\kcbbnpq_nav.dat absent !
C:\WINDOWS\system32\kcbbnpq_navps.dat absent !
C:\WINDOWS\system32\kcbbnpq_navup.dat absent !
C:\WINDOWS\system32\kcbbnpq_navtmp.dat absent !
C:\WINDOWS\system32\kcbbnpq_m2s.xml absent !
C:\WINDOWS\prefetch\kcbbnpq*.pf trouvé !
Copie C:\WINDOWS\prefetch\kcbbnpq*.pf réalise avec succes !
C:\WINDOWS\prefetch\kcbbnpq*.pf supprimé !
*** Suppression dossiers dans C:\WINDOWS ***
*** Suppression dossiers dans C:\Program Files ***
C:\Program Files\WebMediaPlayer ...suppression...
C:\Program Files\WebMediaPlayer supprimé !
*** Suppression dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Suppression dossiers dans C:\Documents and Settings\Maxime\Application Data ***
*** Suppression fichiers ***
C:\DOCUME~1\Maxime\Bureau\WebMediaPlayer.lnk supprimé !
C:\WINDOWS\pack.epk supprimé !
C:\WINDOWS\system32\nvs2.inf supprimé !
*** Suppression fichiers temporaires ***
Nettoyage contenu C:\WINDOWS\Temp effectué !
Nettoyage contenu C:\Documents and Settings\Maxime\Local Settings\Temp effectué !
*** Sauvegarde du registre vers dossier Backupnavi***
sauvegarde du registre réalise avec succes !
*** Nettoyage registre ***
Nettoyage registre Ok
*** Traitement Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
C:\WINDOWS\system32\gjkmp.bak1 trouvé ! infection Vundo possible non traité par cet outil !
2)Recherche et Suppression Heuristique :
*
**
***
****
*****
******
*******
********
3)Contrôle présence clés Rootkit dans le registre :
Aucune autre clés présente dans le registre !
*** Nettoyage termine le 26/06/2007 à 20:34:31,46 ***
Logfile of HijackThis v1.99.1
Scan saved at 20:36:11, on 26/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\Program Files\Alwil Software\Avast4\setup\avast.setup
C:\WINDOWS\system32\agxrckml.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Draw Scr Ford Eggs] C:\Documents and Settings\All Users\Application Data\Bone Open Draw Scr\skip wait.exe
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [phonebuild] C:\DOCUME~1\Maxime\APPLIC~1\Gplfirst\rdr dart itch.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - - C:\WINDOWS\system32\agxrckml.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Re,
Download LopResearch.zip
Unzip it onto your Desktop only.
Open the LopResearch folder, then double-click Scan.bat.
A report will be generated; post its contents here.
Rapport fait à 20:44:04,89 le 26/06/2007
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 787E-CD96
Répertoire de C:\Documents and Settings\All Users\Application Data
22/03/2007 19:46 <REP> Google
31/01/2007 14:47 1755 QTSBandwidthCache
29/01/2007 22:34 <REP> ashampoo
25/12/2006 13:09 <REP> Apple Computer
15/10/2006 20:45 <REP> Messenger Plus!
15/10/2006 20:43 <REP> Bone Open Draw Scr
19/09/2006 21:16 <REP> FaxCtr
18/09/2006 11:04 <REP> Yahoo! Companion
18/09/2006 10:57 <REP> Adobe
16/09/2006 09:26 <REP> Windows Genuine Advantage
14/09/2006 22:52 62 desktop.ini
14/09/2006 22:50 <REP> Microsoft
14/09/2006 22:50 <REP> .
14/09/2006 22:50 <REP> ..
2 fichier(s) 1817 octets
12 Rép(s) 80373022720 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 787E-CD96
Répertoire de C:\Documents and Settings\Default User\Application Data
14/09/2006 22:52 62 desktop.ini
14/09/2006 22:50 <REP> ..
14/09/2006 22:50 <REP> Microsoft
14/09/2006 22:50 <REP> .
1 fichier(s) 62 octets
3 Rép(s) 80373022720 octets libres
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 787E-CD96
Répertoire de C:\Documents and Settings\Maxime\Application Data
05/03/2007 19:32 <REP> Command & Conquer 3 Tiberium Wars Demo
29/01/2007 22:35 <REP> Ashampoo
29/01/2007 00:11 <REP> vlc
25/12/2006 13:10 <REP> Apple Computer
06/11/2006 21:23 <REP> Help
04/11/2006 14:35 <REP> Sports Interactive
31/10/2006 16:16 <REP> Azureus
29/10/2006 00:11 <REP> Leadertech
21/10/2006 20:55 <REP> CopyToDvd
21/10/2006 20:51 33 pcouffin.log
21/10/2006 20:51 7176 pcouffin.cat
21/10/2006 20:51 81920 ezpinst.exe
21/10/2006 20:51 47360 pcouffin.sys
21/10/2006 20:51 1144 pcouffin.inf
21/10/2006 20:51 <REP> Vso
17/10/2006 19:30 <REP> DivX
16/10/2006 17:51 <REP> Sun
15/10/2006 20:43 <REP> Gplfirst
23/09/2006 16:24 <REP> AdobeAUM
20/09/2006 12:53 <REP> FaxCtr
18/09/2006 11:00 <REP> AdobeUM
18/09/2006 10:55 <REP> Adobe
14/09/2006 23:15 <REP> Mozilla
14/09/2006 21:32 <REP> Macromedia
14/09/2006 21:10 <REP> Identities
14/09/2006 21:10 62 desktop.ini
14/09/2006 21:10 <REP> ..
14/09/2006 21:10 <REP> .
14/09/2006 21:10 <REP> Microsoft
6 fichier(s) 137695 octets
23 Rép(s) 80373022720 octets libres
******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks
Le volume dans le lecteur C n'a pas de nom.
Le numéro de série du volume est 787E-CD96
Répertoire de C:\WINDOWS\Tasks
05/03/2007 00:15 264 A0A07C7A9187F886.job
25/12/2006 13:09 284 AppleSoftwareUpdate.job
14/09/2006 21:07 6 SA.DAT
14/09/2006 21:01 65 desktop.ini
14/09/2006 21:01 <REP> ..
14/09/2006 21:01 <REP> .
4 fichier(s) 619 octets
2 Rép(s) 80 373 022 720 octets libres
******************************************
Listing des dossiers dans C:\Program Files
Abbyy FineReader 6.0 Sprint
AbiSuite2
Adobe
Adverts
Alwil Software
Analog Devices
Apple Software Update
Ashampoo
Azureus
CasinoOnNet
ComPlus Applications
Dial-Messenger
DivX
Electronic Arts
eMule
Eurobarre
Fichiers communs
GameSpy
Gplfirst
Internet Explorer
iPod
iTunes
Java
L'Entraîneur 2007 Demo
Lexmark 4300 Series
Lexmark Fax Solutions
Logitech
Lx_cats
Macrogaming
Messenger
MessengerPlus! 3
microsoft frontpage
Microsoft Games
Microsoft Office
Movie Maker
Mozilla Firefox
MSN
MSN Gaming Zone
MSN Messenger
MSXML 4.0
Navilog1
NetMeeting
Online Services
Outlook Express
PacificPoker
PartyGaming.Net
QuickTime
SAGEM
Services en ligne
Singles
VideoLAN
VSO
Wanadoo
Wanadoo Messager
WebTvX
Winamp
Windows Media Connect 2
Windows Media Player
Windows NT
xerox
Yahoo!
******************************************
Recherche des dossiers/fichiers LOP
C:\Program Files\Adverts Présent !
C:\WINDOWS\tasks\A0A07C7A9187F886.job Présent !
******************************************
Recherche d'infections connues
Pas d'infection reconnue
******************************************
Vérification du fichier HOSTS
Fichier Hosts : MODIFIE
*************** Fin du Rapport - Version 0.9 ****************
Re,
Fix the lines in italics below with HijackThis: HELP IN PICTURES
O4 - HKLM\..\Run: [Draw Scr Ford Eggs] C:\Documents and Settings\All Users\Application Data\Bone Open Draw Scr\skip wait.exe
O4 - HKCU\..\Run: [phonebuild] C:\DOCUME~1\Maxime\APPLIC~1\Gplfirst\rdr dart itch.exe
&
Download OTMoveIt (by OldTimer). Save it to your Desktop.
Select ALL of the locations in bold below:
C:\Documents and Settings\All Users\Application Data\Bone Open Draw Scr
C:\Documents and Settings\Maxime\Application Data\Gplfirst
C:\Program Files\Gplfirst
C:\Program Files\Adverts
C:\WINDOWS\tasks\A0A07C7A9187F886.job
---> Right-click, then Copy (or Ctrl+C)
Double-click OTMoveIt.exe to launch it.
Right-click in the left-hand pane, then choose Paste (or Ctrl+V).
Now click MoveIt!
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking YES.
Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
->Information about the software<-
&
Download R-Hosts.exe (by S!ri)
Launch R-Hosts, then click "Restaurer".
Confirm the change by pressing OK.
202261,12,181940 said:
Select ALL of the locations in bold below:
C:\Documents and Settings\All Users\Application Data\Bone Open Draw Scr
C:\Documents and Settings\Maxime\Application Data\Gplfirst
C:\Program Files\Gplfirst
C:\Program Files\Adverts
C:\WINDOWS\tasks\A0A07C7A9187F886.job
Where do I select these locations??
actually I messed up lol
Folder cleanup failed. C:\Documents and Settings\All Users\Application Data\Bone Open Draw Scr scheduled to be deleted on reboot.
C:\Documents and Settings\Maxime\Application Data\Gplfirst moved successfully.
C:\Program Files\Gplfirst moved successfully.
C:\Program Files\Adverts moved successfully.
C:\WINDOWS\tasks\A0A07C7A9187F886.job moved successfully.
Created on 06/26/2007 21:15:58
After 3 or 4 tries it went back to normal . . .
Logfile of HijackThis v1.99.1
Scan saved at 22:01:42, on 26/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\agxrckml.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Maxime\services.exe
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - - C:\WINDOWS\system32\agxrckml.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Logfile of HijackThis v1.99.1
Scan saved at 22:01:42, on 26/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\system32\agxrckml.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Maxime\services.exe
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - - C:\WINDOWS\system32\agxrckml.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Logfile of HijackThis v1.99.1
Scan saved at 13:06:10, on 27/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\agxrckml.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\ssiwlagp.dll",forkonce
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - - C:\WINDOWS\system32\agxrckml.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Hi again,
Download VundoFix.exe (by Atribune) to your Desktop.
Double-click VundoFix.exe to launch it.
Click the Scan for Vundo button.
When the scan is complete, click the Remove Vundo button.
A prompt will ask whether you want to delete the files; click YES.
After you click "Yes", the Desktop will disappear for a moment while the files are deleted.
You will see a prompt telling you that your PC is going to restart; click OK.
Copy and paste the contents of the report located at C:\vundofix.txt, along with a new HijackThis report, into your next reply.
Note: VundoFix may come across a file that it cannot delete. If that happens, the tool will launch at the next restart; simply follow the instructions above, starting from "Click the Scan for Vundo button".
VundoFix V6.5.1
Checking Java version...
Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.11
Scan started at 22:04:17 25/06/2007
Listing files found while scanning....
C:\WINDOWS\system32\gjkmp.bak1
C:\WINDOWS\system32\gjkmp.ini
C:\WINDOWS\system32\pmkjg.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\gjkmp.bak1
C:\WINDOWS\system32\gjkmp.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\gjkmp.ini
C:\WINDOWS\system32\gjkmp.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\pmkjg.dll
C:\WINDOWS\system32\pmkjg.dll Could not be deleted.
Performing Repairs to the registry.
Done!
Beginning removal...
VundoFix V6.5.1
Checking Java version...
Java version is 1.5.0.6
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.11
Scan started at 13:16:28 27/06/2007
Listing files found while scanning....
C:\WINDOWS\system32\gjkmp.bak1
C:\WINDOWS\system32\gjkmp.bak2
C:\WINDOWS\system32\gjkmp.ini
C:\WINDOWS\system32\pmkjg.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\gjkmp.bak1
C:\WINDOWS\system32\gjkmp.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\gjkmp.bak2
C:\WINDOWS\system32\gjkmp.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\gjkmp.ini
C:\WINDOWS\system32\gjkmp.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\pmkjg.dll
C:\WINDOWS\system32\pmkjg.dll Has been deleted!
Performing Repairs to the registry.
Done!
Logfile of HijackThis v1.99.1
Scan saved at 13:22:49, on 27/06/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\WINDOWS\system32\ElkCtrl.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\agxrckml.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Electronic Arts\EA Link\Core.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.01net.com/telecharger/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} - C:\WINDOWS\system32\vrcxecpd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {D75D13CF-2D08-4AE0-9C00-D2984EB87595} - C:\WINDOWS\system32\pmkjg.dll (file missing)
O2 - BHO: (no name) - {DC192567-65F9-4AB6-ADB7-E13575F81726} - C:\WINDOWS\system32\efcbcya.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [icq.com] rundll32.exe "C:\WINDOWS\system32\ssiwlagp.dll",forkonce
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: efcbcya - C:\WINDOWS\SYSTEM32\efcbcya.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: DomainService - - C:\WINDOWS\system32\agxrckml.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Hi again,
Download combofix.exe (by sUBs) to your Desktop.
Double-click combofix.exe.
Press the 1 key (Yes) to start the scan.
When the scan is complete, a report will appear. Copy/paste that report into your next reply.
NOTE: The report can also be found here: C:\Combofix.txt
"Maxime" - 2007-06-27 18:39:58 - ComboFix 07-06-27.7 - Service Pack 2 NTFS
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\byxyyvt.dll
C:\WINDOWS\system32\wvutqpp.dll
C:\WINDOWS\system32\awtqqon.dll
C:\WINDOWS\system32\awtronm.dll
C:\WINDOWS\system32\awtstsr.dll
C:\WINDOWS\system32\awtstuu.dll
C:\WINDOWS\system32\awttusq.dll
C:\WINDOWS\system32\awtusrr.dll
C:\WINDOWS\system32\awtuuvw.dll
C:\WINDOWS\system32\byxvtro.dll
C:\WINDOWS\system32\byxwxww.dll
C:\WINDOWS\system32\byxxxvw.dll
C:\WINDOWS\system32\byxyaab.dll
C:\WINDOWS\system32\byxyvss.dll
C:\WINDOWS\system32\byxyxyw.dll
C:\WINDOWS\system32\byxyyvu.dll
C:\WINDOWS\system32\cbxyyyw.dll
C:\WINDOWS\system32\ddcabba.dll
C:\WINDOWS\system32\ddccaby.dll
C:\WINDOWS\system32\ddcdbya.dll
C:\WINDOWS\system32\fcccaxx.dll
C:\WINDOWS\system32\fccdbcb.dll
C:\WINDOWS\system32\gebbywx.dll
C:\WINDOWS\system32\gebywvw.dll
C:\WINDOWS\system32\gebyyax.dll
C:\WINDOWS\system32\hgggddd.dll
C:\WINDOWS\system32\hgggdeb.dll
C:\WINDOWS\system32\iifcdax.dll
C:\WINDOWS\system32\iifdeee.dll
C:\WINDOWS\system32\iifeccb.dll
C:\WINDOWS\system32\jkkhefd.dll
C:\WINDOWS\system32\jkkiijh.dll
C:\WINDOWS\system32\jkkkjgg.dll
C:\WINDOWS\system32\jkkkkki.dll
C:\WINDOWS\system32\khfcbxy.dll
C:\WINDOWS\system32\khfdcyv.dll
C:\WINDOWS\system32\khfddbc.dll
C:\WINDOWS\system32\khfddef.dll
C:\WINDOWS\system32\khfdeff.dll
C:\WINDOWS\system32\khfeebb.dll
C:\WINDOWS\system32\ljjjjgg.dll
C:\WINDOWS\system32\mljghif.dll
C:\WINDOWS\system32\mljihed.dll
C:\WINDOWS\system32\mljjklj.dll
C:\WINDOWS\system32\mljkihi.dll
C:\WINDOWS\system32\nnnkiji.dll
C:\WINDOWS\system32\nnnnlkh.dll
C:\WINDOWS\system32\opnkhif.dll
C:\WINDOWS\system32\opnllmj.dll
C:\WINDOWS\system32\opnmlmk.dll
C:\WINDOWS\system32\opnnnnk.dll
C:\WINDOWS\system32\pmnnmlk.dll
C:\WINDOWS\system32\pmnnmlm.dll
C:\WINDOWS\system32\qomklmk.dll
C:\WINDOWS\system32\qomlmno.dll
C:\WINDOWS\system32\qomnlkj.dll
C:\WINDOWS\system32\qomnnkl.dll
C:\WINDOWS\system32\rqroljk.dll
C:\WINDOWS\system32\rqropnk.dll
C:\WINDOWS\system32\rqrpopp.dll
C:\WINDOWS\system32\rqrsqnm.dll
C:\WINDOWS\system32\ssqrono.dll
C:\WINDOWS\system32\ssqrqro.dll
C:\WINDOWS\system32\tuvwtsr.dll
C:\WINDOWS\system32\tuvwwwx.dll
C:\WINDOWS\system32\tuvwxur.dll
C:\WINDOWS\system32\urqnljg.dll
C:\WINDOWS\system32\urqrqro.dll
C:\WINDOWS\system32\vtuutrq.dll
C:\WINDOWS\system32\vtuuusq.dll
C:\WINDOWS\system32\vtuuuus.dll
C:\WINDOWS\system32\wvursrr.dll
C:\WINDOWS\system32\wvusqqr.dll
C:\WINDOWS\system32\wvusrqp.dll
C:\WINDOWS\system32\wvutspn.dll
C:\WINDOWS\system32\wvutstt.dll
C:\WINDOWS\system32\wvuurqr.dll
C:\WINDOWS\system32\xxyvuvw.dll
C:\WINDOWS\system32\xxywwtr.dll
C:\WINDOWS\system32\xxywwwx.dll
C:\WINDOWS\system32\yaywxyw.dll
C:\WINDOWS\system32\tttss.bak1
C:\WINDOWS\system32\tttss.ini
C:\WINDOWS\system32\ssttt.dll
C:\WINDOWS\system32\efcbcya.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\Maxime\APPLIC~1.\macromedia\Flash Player\#SharedObjects\JCLZXK3D\www.broadcaster.com
C:\DOCUME~1\Maxime\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\DOCUME~1\Maxime\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\WINDOWS\system32\agxrckml.exe
C:\WINDOWS\system32\vhqjhtbu.exe
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_DOMAINSERVICE
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-05-27 to 2007-06-27 )))))))))))))))))))))))))))))))
2007-06-27 18:39 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-26 22:44 128,576 --a------ C:\WINDOWS\system32\ssiwlagp.dll
2007-06-26 22:41 66,112 --a------ C:\WINDOWS\system32\vrcxecpd.dll
2007-06-26 19:46 <REP> d-------- C:\Program Files\Navilog1
2007-06-25 22:34 4,672 --a------ C:\WINDOWS\system32\ewtkapor.exe
2007-06-25 22:04 <REP> d-------- C:\VundoFix Backups
2007-06-25 21:12 71,411 --a------ C:\DOCUME~1\Maxime\call.exe
2007-06-25 21:12 239,715 --a------ C:\DOCUME~1\Maxime\services.exe
2007-06-24 14:43 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2007-06-24 14:43 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-06-24 14:39 <REP> d-------- C:\WINDOWS\network diagnostic
2007-06-19 21:47 <REP> d-------- C:\Program Files\Dial-Messenger
2007-06-18 17:40 20,976 --a------ C:\WINDOWS\system\CTL3D.DLL
2007-06-18 17:40 <REP> d-------- C:\FXIWIN19
2007-06-18 17:40 <REP> d-------- C:\DOCUME~1\Maxime\WINDOWS
2007-06-13 17:30 <REP> d-------- C:\bccceb4f35776fe9d2c55ab353
2007-06-05 22:18 <REP> d-------- C:\Program Files\Macrogaming
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-27 16:36:54 -------- d-----w C:\Program Files\Lx_cats
2007-06-25 20:22:26 -------- d-----w C:\Program Files\Wanadoo
2007-06-25 19:04:46 -------- d-----w C:\Program Files\MSN Messenger
2007-06-23 18:54:23 -------- d-----w C:\Program Files\eMule
2007-06-23 18:54:19 -------- d-----w C:\DOCUME~1\Maxime\APPLIC~1\Azureus
2007-06-16 11:43:16 -------- d-----w C:\Program Files\PacificPoker
2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-30 17:31:28 -------- d-----w C:\Program Files\Windows Media Connect 2
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-04-27 16:57:09 78 ----a-w C:\WINDOWS\system32\netwbix32.dll
2007-04-25 14:22:35 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 20:38]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{D75D13CF-2D08-4AE0-9C00-D2984EB87595}=C:\WINDOWS\system32\pmkjg.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-21 19:14]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57]
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [2005-12-07 10:26]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [2005-12-07 10:33]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
"lxcemon.exe"="C:\Program Files\Lexmark 4300 Series\lxcemon.exe" [2005-03-22 19:25]
"EzPrint"="C:\Program Files\Lexmark 4300 Series\ezprint.exe" [2005-02-15 12:07]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-03-16 11:10]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-10-16 10:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-24 12:24]
"EA Core"="C:\Program Files\Electronic Arts\EA Link\Core.exe" [2007-04-17 07:59]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"=0 (0x0)
"NoFind"=0 (0x0)
"NoRun"=0 (0x0)
"NoDesktop"=0 (0x0)
"NoControlPanel"=0 (0x0)
"NoClose"=0 (0x0)
"StartMenuLogOff"=0 (0x0)
"HideClock"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe
Contents of the 'Scheduled Tasks' folder
2006-12-25 11:09:39 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
**************************************************************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-27 18:48:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-06-27 18:50:05 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-27 18:49
--- E O F ---
(((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\Maxime\APPLIC~1.\macromedia\Flash Player\#SharedObjects\JCLZXK3D\www.broadcaster.com
C:\DOCUME~1\Maxime\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com
C:\DOCUME~1\Maxime\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#www.broadcaster.com\settings.sol
C:\WINDOWS\system32\agxrckml.exe
C:\WINDOWS\system32\vhqjhtbu.exe
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
-------\LEGACY_DOMAINSERVICE
-------\DomainService
((((((((((((((((((((((((( Files Created from 2007-05-27 to 2007-06-27 )))))))))))))))))))))))))))))))
2007-06-27 18:39 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-26 22:44 128,576 --a------ C:\WINDOWS\system32\ssiwlagp.dll
2007-06-26 22:41 66,112 --a------ C:\WINDOWS\system32\vrcxecpd.dll
2007-06-26 19:46 <REP> d-------- C:\Program Files\Navilog1
2007-06-25 22:34 4,672 --a------ C:\WINDOWS\system32\ewtkapor.exe
2007-06-25 22:04 <REP> d-------- C:\VundoFix Backups
2007-06-25 21:12 71,411 --a------ C:\DOCUME~1\Maxime\call.exe
2007-06-25 21:12 239,715 --a------ C:\DOCUME~1\Maxime\services.exe
2007-06-24 14:43 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2007-06-24 14:43 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-06-24 14:39 <REP> d-------- C:\WINDOWS\network diagnostic
2007-06-19 21:47 <REP> d-------- C:\Program Files\Dial-Messenger
2007-06-18 17:40 20,976 --a------ C:\WINDOWS\system\CTL3D.DLL
2007-06-18 17:40 <REP> d-------- C:\FXIWIN19
2007-06-18 17:40 <REP> d-------- C:\DOCUME~1\Maxime\WINDOWS
2007-06-13 17:30 <REP> d-------- C:\bccceb4f35776fe9d2c55ab353
2007-06-05 22:18 <REP> d-------- C:\Program Files\Macrogaming
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-27 16:36:54 -------- d-----w C:\Program Files\Lx_cats
2007-06-25 20:22:26 -------- d-----w C:\Program Files\Wanadoo
2007-06-25 19:04:46 -------- d-----w C:\Program Files\MSN Messenger
2007-06-23 18:54:23 -------- d-----w C:\Program Files\eMule
2007-06-23 18:54:19 -------- d-----w C:\DOCUME~1\Maxime\APPLIC~1\Azureus
2007-06-16 11:43:16 -------- d-----w C:\Program Files\PacificPoker
2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-30 17:31:28 -------- d-----w C:\Program Files\Windows Media Connect 2
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-04-27 16:57:09 78 ----a-w C:\WINDOWS\system32\netwbix32.dll
2007-04-25 14:22:35 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 20:38]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{D75D13CF-2D08-4AE0-9C00-D2984EB87595}=C:\WINDOWS\system32\pmkjg.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-21 19:14]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57]
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [2005-12-07 10:26]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [2005-12-07 10:33]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
"lxcemon.exe"="C:\Program Files\Lexmark 4300 Series\lxcemon.exe" [2005-03-22 19:25]
"EzPrint"="C:\Program Files\Lexmark 4300 Series\ezprint.exe" [2005-02-15 12:07]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-03-16 11:10]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-10-16 10:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-24 12:24]
"EA Core"="C:\Program Files\Electronic Arts\EA Link\Core.exe" [2007-04-17 07:59]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"=0 (0x0)
"NoFind"=0 (0x0)
"NoRun"=0 (0x0)
"NoDesktop"=0 (0x0)
"NoControlPanel"=0 (0x0)
"NoClose"=0 (0x0)
"StartMenuLogOff"=0 (0x0)
"HideClock"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe
Contents of the 'Scheduled Tasks' folder
2006-12-25 11:09:39 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
**************************************************************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-27 18:48:16
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-06-27 18:50:05 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-06-27 18:49
--- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 19:10, on 2007-06-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\ComboFix\catchme.cfexe
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {D75D13CF-2D08-4AE0-9C00-D2984EB87595} - C:\WINDOWS\system32\pmkjg.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
"Maxime" - 2007-06-27 19:26:03 - ComboFix 07-06-27.7 - Service Pack 2 NTFS
((((((((((((((((((((((((( Files Created from 2007-05-27 to 2007-06-27 )))))))))))))))))))))))))))))))
2007-06-27 18:39 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-26 22:44 128,576 --a------ C:\WINDOWS\system32\ssiwlagp.dll
2007-06-26 22:41 66,112 --a------ C:\WINDOWS\system32\vrcxecpd.dll
2007-06-26 19:46 <REP> d-------- C:\Program Files\Navilog1
2007-06-25 22:34 4,672 --a------ C:\WINDOWS\system32\ewtkapor.exe
2007-06-25 22:04 <REP> d-------- C:\VundoFix Backups
2007-06-25 21:12 71,411 --a------ C:\DOCUME~1\Maxime\call.exe
2007-06-25 21:12 239,715 --a------ C:\DOCUME~1\Maxime\services.exe
2007-06-24 14:43 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2007-06-24 14:43 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-06-24 14:39 <REP> d-------- C:\WINDOWS\network diagnostic
2007-06-19 21:47 <REP> d-------- C:\Program Files\Dial-Messenger
2007-06-18 17:40 20,976 --a------ C:\WINDOWS\system\CTL3D.DLL
2007-06-18 17:40 <REP> d-------- C:\FXIWIN19
2007-06-18 17:40 <REP> d-------- C:\DOCUME~1\Maxime\WINDOWS
2007-06-13 17:30 <REP> d-------- C:\bccceb4f35776fe9d2c55ab353
2007-06-05 22:18 <REP> d-------- C:\Program Files\Macrogaming
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-27 16:36:54 -------- d-----w C:\Program Files\Lx_cats
2007-06-25 20:22:26 -------- d-----w C:\Program Files\Wanadoo
2007-06-25 19:04:46 -------- d-----w C:\Program Files\MSN Messenger
2007-06-23 18:54:23 -------- d-----w C:\Program Files\eMule
2007-06-23 18:54:19 -------- d-----w C:\DOCUME~1\Maxime\APPLIC~1\Azureus
2007-06-16 11:43:16 -------- d-----w C:\Program Files\PacificPoker
2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-30 17:31:28 -------- d-----w C:\Program Files\Windows Media Connect 2
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-04-27 16:57:09 78 ----a-w C:\WINDOWS\system32\netwbix32.dll
2007-04-25 14:22:35 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 20:38]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
{D75D13CF-2D08-4AE0-9C00-D2984EB87595}=C:\WINDOWS\system32\pmkjg.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-21 19:14]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57]
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [2005-12-07 10:26]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [2005-12-07 10:33]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
"lxcemon.exe"="C:\Program Files\Lexmark 4300 Series\lxcemon.exe" [2005-03-22 19:25]
"EzPrint"="C:\Program Files\Lexmark 4300 Series\ezprint.exe" [2005-02-15 12:07]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-03-16 11:10]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-10-16 10:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-24 12:24]
"EA Core"="C:\Program Files\Electronic Arts\EA Link\Core.exe" [2007-04-17 07:59]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"=0 (0x0)
"NoFind"=0 (0x0)
"NoRun"=0 (0x0)
"NoDesktop"=0 (0x0)
"NoControlPanel"=0 (0x0)
"NoClose"=0 (0x0)
"StartMenuLogOff"=0 (0x0)
"HideClock"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe
Contents of the 'Scheduled Tasks' folder
2006-12-25 11:09:39 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
**************************************************************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-27 19:27:11
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-06-27 19:27:41
C:\ComboFix-quarantined-files.txt ... 2007-06-27 19:27
C:\ComboFix2.txt ... 2007-06-27 18:52
--- E O F ---
Re,
Copy (Ctrl+C) the text in the box below:
File::
C:\WINDOWS\system32\ssiwlagp.dll
C:\WINDOWS\system32\vrcxecpd.dll
C:\WINDOWS\system32\ewtkapor.exe
C:\Documents and Settings\Maxime\call.exe
C:\Documents and Settings\Maxime\services.exe
Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D75D13CF-2D08-4AE0-9C00-D2984EB87595}]
Open Notepad, then paste (Ctrl+V) the text you just copied.
Save this file under the name ComboFix-Do.txt
Now drag the ComboFix-Do.txt file onto Combofix.exe.
This will relaunch Combofix. After the restart, post the contents of the Combofix.txt report along with a HijackThis report.
NOTE: If there is no restart, post the requested reports anyway.
"Maxime" - 2007-06-27 19:36:33 - ComboFix 07-06-27.7 - Service Pack 2 NTFS
Command switches used :: C:\Documents and Settings\Maxime\Bureau\ComboFix-Do.txt
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\Documents and Settings\Maxime\call.exe
C:\Documents and Settings\Maxime\services.exe
C:\WINDOWS\system32\ewtkapor.exe
C:\WINDOWS\system32\ssiwlagp.dll
C:\WINDOWS\system32\vrcxecpd.dll
((((((((((((((((((((((((( Files Created from 2007-05-27 to 2007-06-27 )))))))))))))))))))))))))))))))
2007-06-27 18:39 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-06-26 19:46 <REP> d-------- C:\Program Files\Navilog1
2007-06-25 22:04 <REP> d-------- C:\VundoFix Backups
2007-06-24 14:43 <REP> d--h----- C:\WINDOWS\msdownld.tmp
2007-06-24 14:43 <REP> d-------- C:\WINDOWS\system32\fr-fr
2007-06-24 14:39 <REP> d-------- C:\WINDOWS\network diagnostic
2007-06-19 21:47 <REP> d-------- C:\Program Files\Dial-Messenger
2007-06-18 17:40 20,976 --a------ C:\WINDOWS\system\CTL3D.DLL
2007-06-18 17:40 <REP> d-------- C:\FXIWIN19
2007-06-18 17:40 <REP> d-------- C:\DOCUME~1\Maxime\WINDOWS
2007-06-13 17:30 <REP> d-------- C:\bccceb4f35776fe9d2c55ab353
2007-06-05 22:18 <REP> d-------- C:\Program Files\Macrogaming
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-06-27 16:36:54 -------- d-----w C:\Program Files\Lx_cats
2007-06-25 20:22:26 -------- d-----w C:\Program Files\Wanadoo
2007-06-25 19:04:46 -------- d-----w C:\Program Files\MSN Messenger
2007-06-23 18:54:23 -------- d-----w C:\Program Files\eMule
2007-06-23 18:54:19 -------- d-----w C:\DOCUME~1\Maxime\APPLIC~1\Azureus
2007-06-16 11:43:16 -------- d-----w C:\Program Files\PacificPoker
2007-05-16 15:13:53 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
2007-04-30 17:31:28 -------- d-----w C:\Program Files\Windows Media Connect 2
2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe
2007-04-30 15:41:55 85,952 ----a-w C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-30 15:41:42 94,552 ----a-w C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-30 15:39:41 23,416 ----a-w C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-30 15:38:51 43,176 ----a-w C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-30 15:37:23 26,888 ----a-w C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr
2007-04-27 16:57:09 78 ----a-w C:\WINDOWS\system32\netwbix32.dll
2007-04-25 14:22:35 144,896 ----a-w C:\WINDOWS\system32\schannel.dll
2007-04-18 16:14:18 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll
2007-04-16 20:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll
2007-04-16 20:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll
2007-04-16 20:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll
2007-04-16 20:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll
2007-04-16 20:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll
2007-04-16 20:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll
2007-04-16 20:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe
2007-04-16 20:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}=C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 20:38]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}=C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-03-14 03:43]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-04-30 17:42]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2006-06-21 19:14]
"Smapp"="C:\Program Files\Analog Devices\SoundMAX\SMTray.exe" [2003-05-05 08:57]
"LogitechCameraAssistant"="C:\Program Files\Logitech\Video\CameraAssistant.exe" [2005-12-07 10:26]
"LogitechVideo[inspector]"="C:\Program Files\Logitech\Video\InstallHelper.exe" [2005-12-07 10:33]
"Adobe Photo Downloader"="C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe" [2005-06-06 23:46]
"lxcemon.exe"="C:\Program Files\Lexmark 4300 Series\lxcemon.exe" [2005-03-22 19:25]
"EzPrint"="C:\Program Files\Lexmark 4300 Series\ezprint.exe" [2005-02-15 12:07]
"FaxCenterServer"="C:\Program Files\Lexmark Fax Solutions\fm3032.exe" [2005-03-16 11:10]
"MessengerPlus3"="C:\Program Files\MessengerPlus! 3\MsgPlus.exe" [2006-10-16 10:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [2007-03-14 03:43]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 15:49]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-10-25 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2006-10-30 10:36]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-03-24 12:24]
"EA Core"="C:\Program Files\Electronic Arts\EA Link\Core.exe" [2007-04-17 07:59]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegedit"=0 (0x0)
"NoFind"=0 (0x0)
"NoRun"=0 (0x0)
"NoDesktop"=0 (0x0)
"NoControlPanel"=0 (0x0)
"NoClose"=0 (0x0)
"StartMenuLogOff"=0 (0x0)
"HideClock"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOKIT]
C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOTASKBARICON]
C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WOOWATCH]
C:\PROGRA~1\Wanadoo\Watch.exe
Contents of the 'Scheduled Tasks' folder
2006-12-25 11:09:39 C:\WINDOWS\tasks\AppleSoftwareUpdate.job
**************************************************************************
catchme 0.3.721 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-06-27 19:37:07
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-06-27 19:37:40
C:\ComboFix-quarantined-files.txt ... 2007-06-27 19:37
C:\ComboFix2.txt ... 2007-06-27 19:27
C:\ComboFix3.txt ... 2007-06-27 18:52
--- E O F ---
Logfile of HijackThis v1.99.1
Scan saved at 19:55, on 2007-06-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Scan saved at 19:55, on 2007-06-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Hi again,
Download and then install AVG Anti-Spyware (AVG AS).
Run the updates, but do not start a scan for now.
HELP: Tutorial on AVG Anti-Spyware (Malekal)
Restart in safe mode.
Launch AVG AS again:
- Choose the "Scan" tab
- Then the "Settings" tab
- Under the question "How to react?", click "Recommended actions" and choose "Quarantine"
- Click the "Scan" tab again, then run a "Complete system scan"
If a file is infected at the end of the scan, click "Apply all actions"
Click "Save report", then "Save report as"
Save this text file to your desktop.
Restart normally.
Post the AVG AS report along with a HijackThis report.
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 23:03 2007-06-27
+ Résultat de l'analyse:
C:\QooBox\Quarantine\C\WINDOWS\system32\awtqqon.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\awtronm.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\awtstsr.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\awtstuu.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\awttusq.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\awtusrr.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\awtuuvw.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\byxvtro.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\byxwxww.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\byxxxvw.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\byxyaab.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\byxyvss.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\byxyxyw.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\byxyyvt.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\byxyyvu.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\cbxyyyw.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ddcabba.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ddccaby.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ddcdbya.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\efcbcya.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\fcccaxx.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\fccdbcb.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\gebbywx.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\gebywvw.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\gebyyax.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\hgggddd.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\hgggdeb.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\iifcdax.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\iifdeee.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\iifeccb.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\jkkhefd.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\jkkiijh.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\jkkkjgg.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\jkkkkki.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\khfcbxy.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\khfdcyv.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\khfddbc.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\khfddef.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\khfdeff.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\khfeebb.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ljjjjgg.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\mljghif.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\mljihed.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\mljjklj.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\mljkihi.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\nnnkiji.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\nnnnlkh.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\opnkhif.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\opnllmj.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\opnmlmk.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\opnnnnk.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\pmnnmlk.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\pmnnmlm.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\qomklmk.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\qomlmno.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\qomnlkj.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\qomnnkl.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\rqroljk.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\rqropnk.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\rqrpopp.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\rqrsqnm.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ssqrono.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\ssqrqro.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\tuvwtsr.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\tuvwwwx.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\tuvwxur.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\urqnljg.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\urqrqro.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vtuutrq.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vtuuusq.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vtuuuus.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\wvursrr.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\wvusqqr.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\wvusrqp.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\wvutqpp.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\wvutspn.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\wvutstt.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\wvuurqr.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\xxyvuvw.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\xxywwtr.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\xxywwwx.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\yaywxyw.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079478.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079479.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079480.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079481.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079482.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079483.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079484.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079485.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079486.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079487.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079488.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079489.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079490.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079491.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079492.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079493.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079494.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079495.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079496.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079497.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079498.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079499.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079500.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079501.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079502.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079503.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079504.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079505.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079506.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079507.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079508.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079509.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079510.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079511.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079512.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079513.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079514.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079515.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079516.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079517.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079518.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079519.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079520.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079521.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079522.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079523.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079524.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079525.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079526.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079527.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079528.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079529.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079530.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079531.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079532.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079533.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079534.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079535.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079536.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079537.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079538.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079539.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079540.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079541.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079542.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079543.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079544.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079545.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079546.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079547.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079548.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079549.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079550.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079551.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079552.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079553.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079554.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079555.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079556.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079557.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079558.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079560.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP161\A0060316.exe/hamma.exe -> Backdoor.Bifrost : Nettoyé.
C:\Documents and Settings\Maxime\Mes documents\Mes fichiers reçus\photo album.zip/photo album2007.pif -> Backdoor.IRCBot.aaq : Nettoyé.
C:\Program Files\MSN Messenger\msnmsgr.exe -> Backdoor.MSNMaker.ag : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP226\A0079252.com -> Backdoor.MSNMaker.ag : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\agxrckml.exe.vir -> Trojan.Agent.aoy : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vhqjhtbu.exe.vir -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079476.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079477.exe -> Trojan.Agent.aoy : Nettoyé.
C:\_OTMoveIt\MovedFiles\Program Files\Adverts\uninst.exe -> Trojan.Obfuscated.en : Nettoyé.
Fin du rapport
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 23:03 2007-06-27
+ Résultat de l'analyse:
C:\QooBox\Quarantine\C\WINDOWS\system32\wvuurqr.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\xxyvuvw.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\xxywwtr.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\xxywwwx.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\yaywxyw.dll.vir -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079478.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079479.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079480.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079481.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079482.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079483.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079484.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079485.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079486.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079487.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079488.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079489.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079490.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079491.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079492.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079493.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079494.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079495.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079496.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079497.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079498.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079499.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079500.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079501.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079502.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079503.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079504.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079505.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079506.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079507.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079508.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079509.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079510.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079511.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079512.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079513.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079514.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079515.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079516.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079517.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079518.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079519.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079520.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079521.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079522.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079523.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079524.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079525.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079526.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079527.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079528.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079529.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079530.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079531.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079532.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079533.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079534.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079535.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079536.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079537.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079538.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079539.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079540.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079541.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079542.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079543.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079544.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079545.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079546.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079547.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079548.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079549.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079550.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079551.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079552.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079553.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079554.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079555.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079556.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079557.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079558.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079560.dll -> Adware.Virtumonde : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP161\A0060316.exe/hamma.exe -> Backdoor.Bifrost : Nettoyé.
C:\Documents and Settings\Maxime\Mes documents\Mes fichiers reçus\photo album.zip/photo album2007.pif -> Backdoor.IRCBot.aaq : Nettoyé.
C:\Program Files\MSN Messenger\msnmsgr.exe -> Backdoor.MSNMaker.ag : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP226\A0079252.com -> Backdoor.MSNMaker.ag : Nettoyé.
:mozilla.7:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.8:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.9:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.438:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.439:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.440:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
:mozilla.443:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@toplist[1].txt -> TrackingCookie.Toplist : Nettoyé.
:mozilla.40:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.41:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.42:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.43:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.718:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@valueclick[1].txt -> TrackingCookie.Valueclick : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@www.vegasred[1].txt -> TrackingCookie.Vegasred : Nettoyé.
:mozilla.11:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.12:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.13:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.14:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@m.webtrends[2].txt -> TrackingCookie.Webtrends : Nettoyé.
:mozilla.401:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Webtrendslive : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.59:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.60:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.61:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.62:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.63:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.568:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.569:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.570:C:\Documents and Settings\Maxime\Application Data\Mozilla\Firefox\Profiles\t4hfwtgv.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Maxime\Cookies\maxime@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\agxrckml.exe.vir -> Trojan.Agent.aoy : Nettoyé.
C:\QooBox\Quarantine\C\WINDOWS\system32\vhqjhtbu.exe.vir -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079476.exe -> Trojan.Agent.aoy : Nettoyé.
C:\System Volume Information\_restore{3E1B41DE-F15E-406D-B57D-9C18852071CA}\RP227\A0079477.exe -> Trojan.Agent.aoy : Nettoyé.
C:\_OTMoveIt\MovedFiles\Program Files\Adverts\uninst.exe -> Trojan.Obfuscated.en : Nettoyé.
Fin du rapport
Logfile of HijackThis v1.99.1
Scan saved at 23:10, on 2007-06-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\Logitech\Video\CameraAssistant.exe
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\Lexmark 4300 Series\lxcemon.exe
C:\Program Files\Lexmark 4300 Series\ezprint.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\lvcomsx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Electronic Arts\EA Link\Core.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\lxcecoms.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Maxime\Bureau\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.01net.com/telecharger/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe
O4 - HKLM\..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [lxcemon.exe] "C:\Program Files\Lexmark 4300 Series\lxcemon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 4300 Series\ezprint.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LXCECATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCEtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - Startup: Eurobarre.lnk = C:\Program Files\Eurobarre\eb.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.net - {F4430FE8-2638-42e5-B849-800749B94EED} - C:\Program Files\PartyGaming.Net\PartyPokerNet\RunPF.exe (file missing)
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Wanadoo - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.wanadoo.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown....
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab569...
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\fichiers communs\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: lxce_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcecoms.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
Hello,
I have just read the valuable help given for viruses of the type "retadpu420.exe/upx".
I am lost because I have had it since this afternoon, and I am wondering whether I can follow the same procedure as the one described earlier.
Could you help me please? Neither my antivirus "avast", nor "adaware", nor regcleaner was able to remove it.
And the message "windows ne trouve pas le fichier retadup420.exe" keeps appearing, and "avast" keeps raising the alert.
In addition, my MSN contacts are catching this virus one after another.
What should I do??? Please, please, please
Can I follow the same procedure?
Many thanks