virus msn!!!!
Dernière réponse : dans Sécurité
salut hier j'avais posté 1sujet sur le virus msn mais apparament ca a pas marché!aidez moi s'il vous plait!!j'ai 1peu commencé donc voici le rapport msn fix:
MSNFix 1.488
C:\Documents and Settings\fred\Bureau\MSNFix
Fix exécuté le 04/09/2007 - 19:39:09,28 By fred
mode normal
************************ Recherche les fichiers présents
... C:\WINDOWS\wdfmgr.exe
... C:\WINDOWS\Z058_jpg.zip
... C:\WINDOWS\system32\java.exe
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\Z058_jpg.zip
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Suppression des fichiers
/!\ ... C:\WINDOWS\wdfmgr.exe
.. OK ... C:\WINDOWS\Z058_jpg.zip
.. OK ... C:\WINDOWS\system32\java.exe
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\WINDOWS\Z058_jpg.zip
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
.. OK ... C:\WINDOWS\wdfmgr.exe
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\WINDOWS\system32\ygpss.scr] FDF159E6C4EE927B245C4B1C83882C10
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04092007_19424734.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
MSNFix 1.488
C:\Documents and Settings\fred\Bureau\MSNFix
Fix exécuté le 04/09/2007 - 19:39:09,28 By fred
mode normal
************************ Recherche les fichiers présents
... C:\WINDOWS\wdfmgr.exe
... C:\WINDOWS\Z058_jpg.zip
... C:\WINDOWS\system32\java.exe
... C:\WINDOWS\system32\microsoft\backup.ftp
... C:\WINDOWS\system32\microsoft\backup.tftp
... C:\WINDOWS\Z058_jpg.zip
************************ Recherche les dossiers présents
Aucun dossier trouvé
************************ Suppression des fichiers
/!\ ... C:\WINDOWS\wdfmgr.exe
.. OK ... C:\WINDOWS\Z058_jpg.zip
.. OK ... C:\WINDOWS\system32\java.exe
.. OK ... C:\WINDOWS\system32\microsoft\backup.ftp
.. OK ... C:\WINDOWS\system32\microsoft\backup.tftp
.. OK ... C:\WINDOWS\Z058_jpg.zip
************************ Nettoyage du registre
Les fichiers encore présents seront supprimés au prochain redémarrage
************************ Suppression des fichiers
.. OK ... C:\WINDOWS\wdfmgr.exe
************************ Fichiers suspects
/!\ ces fichiers nécessitent un avis expérimenté avant toute intervention
[C:\WINDOWS\system32\ygpss.scr] FDF159E6C4EE927B245C4B1C83882C10
Les fichiers et clés de registre supprimés ont été sauvegardés dans le fichier 04092007_19424734.zip
------------------------------------------------------------------------
Auteur : !aur3n7 Contact: http://changelog.fr
------------------------------------------------------------------------
--------------------------------------------- END ---------------------------------------------
Autres pages sur : virus msn
Lassé par la pub ? Créez un compte
et voici combo fix:
ComboFix 07-08-30.3 - "fred" 2007-09-06 19:45:02.3 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.561 [GMT 2:00]
((((((((((((((((((((((((( Files Created from 2007-08-06 to 2007-09-06 )))))))))))))))))))))))))))))))
2007-09-04 19:47 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-09-04 19:39 17,920 --a------ C:\WINDOWS\system32\dllcache\tftp.exe
2007-09-03 20:13 <REP> d-------- C:\MSNFix
2007-08-21 14:51 <REP> d-------- C:\Program Files\Pando Networks
2007-08-21 14:26 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2007-08-21 14:26 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2007-08-21 14:26 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2007-08-21 14:26 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2007-08-21 14:26 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2007-08-21 14:26 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2007-08-21 14:26 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2007-08-21 14:26 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2007-08-12 22:42 <REP> d-------- C:\WINDOWS\popup
2007-08-12 22:42 <REP> d-------- C:\WINDOWS\Groups
2007-08-12 15:42 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2007-08-12 15:42 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-09-06 19:36 --------- d-------- C:\Program Files\Wanadoo
2007-09-06 19:29 --------- d-------- C:\DOCUME~1\fred\APPLIC~1\OpenOffice.org2
2007-09-03 19:47 46080 --a------ C:\WINDOWS\system32\ftp.exe
2007-08-27 20:01 --------- d-------- C:\Program Files\MSN Messenger
2007-08-27 08:06 --------- d-------- C:\DOCUME~1\Alain\APPLIC~1\OpenOffice.org2
2007-08-25 14:26 --------- d-------- C:\DOCUME~1\fred\APPLIC~1\uTorrent
2007-08-11 14:51 --------- d-------- C:\DOCUME~1\fred\APPLIC~1\LimeWire
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-28 00:02 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-27 23:57 95608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-07-19 08:58 3583488 --------- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
2007-07-07 13:28 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-06-27 15:24 823808 --------- C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 15:24 671232 --------- C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 15:24 477696 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 15:24 193024 --------- C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 15:24 1152000 --------- C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 15:23 27648 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 15:22 132608 --------- C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 09:00 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-26 08:09 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 15:32 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
2007-06-13 15:22 1037312 --------- C:\WINDOWS\system32\dllcache\explorer.exe
((((((((((((((((((((((((((((( snapshot_2007-09-04_195033,57 )))))))))))))))))))))))))))))))))))))))))
-c----w 317,440 2006-11-03 07:58:34 C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe
-c----w 216,800 2005-06-28 08:23:40 C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe
-c----w 371,424 2005-06-28 08:23:54 C:\WINDOWS\$NtUninstallKB939683$\spuninst\updspapi.dll
----a-w 318,976 2007-06-29 09:59:14 C:\WINDOWS\inf\unregmp2.exe
----a-w 70,124 2007-09-06 05:17:13 C:\WINDOWS\system32\perfc009.dat
----a-w 83,046 2007-09-06 05:17:13 C:\WINDOWS\system32\perfc00C.dat
----a-w 436,360 2007-09-06 05:17:13 C:\WINDOWS\system32\perfh009.dat
----a-w 504,492 2007-09-06 05:17:13 C:\WINDOWS\system32\perfh00C.dat
----atw 16,384 2007-09-06 05:12:06 C:\WINDOWS\Temp\Perflib_Perfdata_480.dat
----a-w 317,440 2006-11-03 07:58:34 C:\WINDOWS\inf\unregmp2.exe
----a-w 70,124 2007-09-04 17:47:23 C:\WINDOWS\system32\perfc009.dat
----a-w 83,046 2007-09-04 17:47:23 C:\WINDOWS\system32\perfc00C.dat
----a-w 436,360 2007-09-04 17:47:23 C:\WINDOWS\system32\perfh009.dat
----a-w 504,492 2007-09-04 17:47:23 C:\WINDOWS\system32\perfh00C.dat
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 06:00]
"GSICONEXE"="GSICON.EXE" []
"DSLAGENTEXE"="DSLAGENT.exe" []
"GsiFinal"="gspndll.dll" [2002-01-23 00:01 C:\WINDOWS\system32\gspnDll.dll]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [2005-04-13 03:48]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-10-07 21:20]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-10-07 21:16]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"Pando"="C:\Program Files\Pando Networks\Pando\Pando.exe" [2007-08-16 19:55]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd4a3df8-03c6-11dc-9f5b-000e5048b0b9}]
AutoRun\command- start.exe
FramaKey\command- start.exe
Contents of the 'Scheduled Tasks' folder
2007-05-14 12:33:47 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job - C:\WINDOWS\system32\OOBE\oobebaln.exe
2007-05-14 12:33:47 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job - C:\WINDOWS\system32\OOBE\oobebaln.exe
2007-05-14 12:33:47 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job - C:\WINDOWS\system32\OOBE\oobebaln.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-06 19:46:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-09-06 19:47:33
C:\ComboFix-quarantined-files.txt ... 2007-09-06 19:47
C:\ComboFix2.txt ... 2007-09-05 19:52
C:\ComboFix3.txt ... 2007-09-04 19:50
que dois je faire svp!!!!
ComboFix 07-08-30.3 - "fred" 2007-09-06 19:45:02.3 - NTFSx86
Microsoft Windows XP dition familiale 5.1.2600.2.1252.1.1036.18.561 [GMT 2:00]
((((((((((((((((((((((((( Files Created from 2007-08-06 to 2007-09-06 )))))))))))))))))))))))))))))))
2007-09-04 19:47 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-09-04 19:39 17,920 --a------ C:\WINDOWS\system32\dllcache\tftp.exe
2007-09-03 20:13 <REP> d-------- C:\MSNFix
2007-08-21 14:51 <REP> d-------- C:\Program Files\Pando Networks
2007-08-21 14:26 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2007-08-21 14:26 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2007-08-21 14:26 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2007-08-21 14:26 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2007-08-21 14:26 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2007-08-21 14:26 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2007-08-21 14:26 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2007-08-21 14:26 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2007-08-12 22:42 <REP> d-------- C:\WINDOWS\popup
2007-08-12 22:42 <REP> d-------- C:\WINDOWS\Groups
2007-08-12 15:42 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll
2007-08-12 15:42 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-09-06 19:36 --------- d-------- C:\Program Files\Wanadoo
2007-09-06 19:29 --------- d-------- C:\DOCUME~1\fred\APPLIC~1\OpenOffice.org2
2007-09-03 19:47 46080 --a------ C:\WINDOWS\system32\ftp.exe
2007-08-27 20:01 --------- d-------- C:\Program Files\MSN Messenger
2007-08-27 08:06 --------- d-------- C:\DOCUME~1\Alain\APPLIC~1\OpenOffice.org2
2007-08-25 14:26 --------- d-------- C:\DOCUME~1\fred\APPLIC~1\uTorrent
2007-08-11 14:51 --------- d-------- C:\DOCUME~1\fred\APPLIC~1\LimeWire
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\dllcache\cdm.dll
2007-07-30 19:19 92504 --a------ C:\WINDOWS\system32\cdm.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\wuapi.dll
2007-07-30 19:19 549720 --a------ C:\WINDOWS\system32\dllcache\wuapi.dll
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-07-30 19:19 53080 --a------ C:\WINDOWS\system32\dllcache\wuauclt.exe
2007-07-30 19:19 43352 --a------ C:\WINDOWS\system32\wups2.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\wucltui.dll
2007-07-30 19:19 325976 --a------ C:\WINDOWS\system32\dllcache\wucltui.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\wuweb.dll
2007-07-30 19:19 203096 --a------ C:\WINDOWS\system32\dllcache\wuweb.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-07-30 19:19 1712984 --a------ C:\WINDOWS\system32\dllcache\wuaueng.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\wups.dll
2007-07-30 19:18 33624 --a------ C:\WINDOWS\system32\dllcache\wups.dll
2007-07-28 00:07 783224 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-07-28 00:02 94416 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-07-28 00:02 92848 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-07-28 00:00 23152 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-07-27 23:59 42912 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-07-27 23:58 26624 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-07-27 23:57 95608 --a------ C:\WINDOWS\system32\AvastSS.scr
2007-07-19 08:58 3583488 --------- C:\WINDOWS\system32\dllcache\mshtml.dll
2007-07-13 01:30 765952 --a------ C:\WINDOWS\system32\dllcache\vgx.dll
2007-07-07 13:28 --------- d-------- C:\Program Files\Windows Media Connect 2
2007-06-27 15:24 823808 --------- C:\WINDOWS\system32\dllcache\wininet.dll
2007-06-27 15:24 671232 --------- C:\WINDOWS\system32\dllcache\mstime.dll
2007-06-27 15:24 477696 --------- C:\WINDOWS\system32\dllcache\mshtmled.dll
2007-06-27 15:24 232960 --------- C:\WINDOWS\system32\dllcache\webcheck.dll
2007-06-27 15:24 193024 --------- C:\WINDOWS\system32\dllcache\msrating.dll
2007-06-27 15:24 1152000 --------- C:\WINDOWS\system32\dllcache\urlmon.dll
2007-06-27 15:24 105984 --------- C:\WINDOWS\system32\dllcache\url.dll
2007-06-27 15:24 102400 --------- C:\WINDOWS\system32\dllcache\occache.dll
2007-06-27 15:23 6058496 --------- C:\WINDOWS\system32\dllcache\ieframe.dll
2007-06-27 15:23 52224 --------- C:\WINDOWS\system32\dllcache\msfeedsbs.dll
2007-06-27 15:23 459264 --------- C:\WINDOWS\system32\dllcache\msfeeds.dll
2007-06-27 15:23 44544 --------- C:\WINDOWS\system32\dllcache\iernonce.dll
2007-06-27 15:23 27648 --------- C:\WINDOWS\system32\dllcache\jsproxy.dll
2007-06-27 15:23 267776 --------- C:\WINDOWS\system32\dllcache\iertutil.dll
2007-06-27 15:22 384512 --------- C:\WINDOWS\system32\dllcache\iedkcs32.dll
2007-06-27 15:22 383488 --------- C:\WINDOWS\system32\dllcache\ieapfltr.dll
2007-06-27 15:22 230400 --------- C:\WINDOWS\system32\dllcache\ieaksie.dll
2007-06-27 15:22 153088 --------- C:\WINDOWS\system32\dllcache\ieakeng.dll
2007-06-27 15:22 132608 --------- C:\WINDOWS\system32\dllcache\extmgr.dll
2007-06-27 15:22 124928 --------- C:\WINDOWS\system32\dllcache\advpack.dll
2007-06-27 10:28 625152 --------- C:\WINDOWS\system32\dllcache\iexplore.exe
2007-06-27 10:27 63488 --------- C:\WINDOWS\system32\dllcache\ie4uinit.exe
2007-06-27 10:27 13824 --------- C:\WINDOWS\system32\dllcache\ieudinit.exe
2007-06-27 09:00 161792 --------- C:\WINDOWS\system32\dllcache\ieakui.dll
2007-06-26 08:09 1104896 --a------ C:\WINDOWS\system32\msxml3.dll
2007-06-26 08:09 1104896 --------- C:\WINDOWS\system32\dllcache\msxml3.dll
2007-06-19 15:32 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-06-19 15:32 282112 --------- C:\WINDOWS\system32\dllcache\gdi32.dll
2007-06-13 15:22 1037312 --a------ C:\WINDOWS\explorer.exe
2007-06-13 15:22 1037312 --------- C:\WINDOWS\system32\dllcache\explorer.exe
((((((((((((((((((((((((((((( snapshot_2007-09-04_195033,57 )))))))))))))))))))))))))))))))))))))))))
-c----w 317,440 2006-11-03 07:58:34 C:\WINDOWS\$NtUninstallKB939683$\unregmp2.exe
-c----w 216,800 2005-06-28 08:23:40 C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe
-c----w 371,424 2005-06-28 08:23:54 C:\WINDOWS\$NtUninstallKB939683$\spuninst\updspapi.dll
----a-w 318,976 2007-06-29 09:59:14 C:\WINDOWS\inf\unregmp2.exe
----a-w 70,124 2007-09-06 05:17:13 C:\WINDOWS\system32\perfc009.dat
----a-w 83,046 2007-09-06 05:17:13 C:\WINDOWS\system32\perfc00C.dat
----a-w 436,360 2007-09-06 05:17:13 C:\WINDOWS\system32\perfh009.dat
----a-w 504,492 2007-09-06 05:17:13 C:\WINDOWS\system32\perfh00C.dat
----atw 16,384 2007-09-06 05:12:06 C:\WINDOWS\Temp\Perflib_Perfdata_480.dat
----a-w 317,440 2006-11-03 07:58:34 C:\WINDOWS\inf\unregmp2.exe
----a-w 70,124 2007-09-04 17:47:23 C:\WINDOWS\system32\perfc009.dat
----a-w 83,046 2007-09-04 17:47:23 C:\WINDOWS\system32\perfc00C.dat
----a-w 436,360 2007-09-04 17:47:23 C:\WINDOWS\system32\perfh009.dat
----a-w 504,492 2007-09-04 17:47:23 C:\WINDOWS\system32\perfh00C.dat
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2007-07-28 00:03]
"EPSON Stylus DX3800 Series"="C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.exe" [2005-02-08 06:00]
"GSICONEXE"="GSICON.EXE" []
"DSLAGENTEXE"="DSLAGENT.exe" []
"GsiFinal"="gspndll.dll" [2002-01-23 00:01 C:\WINDOWS\system32\gspnDll.dll]
"SpeedTouch USB Diagnostics"="C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" [2004-01-26 11:38]
"WOOWATCH"="C:\PROGRA~1\Wanadoo\Watch.exe" [2004-08-23 14:49]
"WOOTASKBARICON"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe" [2005-04-13 03:48]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2004-10-07 21:20]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2007-05-11 03:06]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2004-10-07 21:16]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-05 14:00]
"WOOKIT"="C:\PROGRA~1\Wanadoo\GestMaj.exe" [2004-10-14 16:55]
"msnmsgr"="C:\Program Files\MSN Messenger\MsnMsgr.exe" [2007-01-19 12:55]
"Pando"="C:\Program Files\Pando Networks\Pando\Pando.exe" [2007-08-16 19:55]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cd4a3df8-03c6-11dc-9f5b-000e5048b0b9}]
AutoRun\command- start.exe
FramaKey\command- start.exe
Contents of the 'Scheduled Tasks' folder
2007-05-14 12:33:47 C:\WINDOWS\Tasks\Rappel d'enregistrement 1.job - C:\WINDOWS\system32\OOBE\oobebaln.exe
2007-05-14 12:33:47 C:\WINDOWS\Tasks\Rappel d'enregistrement 2.job - C:\WINDOWS\system32\OOBE\oobebaln.exe
2007-05-14 12:33:47 C:\WINDOWS\Tasks\Rappel d'enregistrement 3.job - C:\WINDOWS\system32\OOBE\oobebaln.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-09-06 19:46:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-09-06 19:47:33
C:\ComboFix-quarantined-files.txt ... 2007-09-06 19:47
C:\ComboFix2.txt ... 2007-09-05 19:52
C:\ComboFix3.txt ... 2007-09-04 19:50
que dois je faire svp!!!!
Bonjour,
Pourquoi Combofix ?!
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
Pourquoi Combofix ?!
Télécharge puis installe Hijackthis (Trend Micro)
Poste ensuite un rapport dans ta prochaine réponse.
AIDE : Comment utiliser Hijackthis v2.0.2
voila:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:13:00, on 06/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\winlogon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] DSLAGENT.EXE USB
O4 - HKLM\..\Run: [GsiFinal] rundll32 gspndll.dll,postInstall final
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-3182748043-2189074188-3955230680-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Alain')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: AutorunsDisabled
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADDAD423-31EA-48DB-95F4-8F5F92C7B35C}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7836 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:13:00, on 06/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\winlogon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [EPSON Stylus DX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACE.EXE /P26 "EPSON Stylus DX3800 Series" /O6 "USB001" /M "Stylus DX3800"
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] DSLAGENT.EXE USB
O4 - HKLM\..\Run: [GsiFinal] rundll32 gspndll.dll,postInstall final
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-21-3182748043-2189074188-3955230680-1008\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Alain')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: AutorunsDisabled
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADDAD423-31EA-48DB-95F4-8F5F92C7B35C}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7836 bytes
Re,
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
&
Désinstalle correctement Avast! pour le remplacer par Antivir.
Pourquoi changer ? : Avast! vs Antivir
Télécharge Clean.zip (de Malekal),
Décompresse-le sur ton bureau (Clique-Droit/Extraire tout), tu dois obtenir un dossier Clean.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 1 puis patiente. Poste ensuite le contenu du rapport.
&
Désinstalle correctement Avast! pour le remplacer par Antivir.
Pourquoi changer ? : Avast! vs Antivir
08/09/2007 a 14:04:49,73
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Dynamic Toolbar\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !
voila le rappor pour antivir je l'ai installé mais la mise a jour ne se fait pas malgré la solution du probleme avec orange
*** Recherche des fichiers dans C:
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
*** Recherche des fichiers dans C:\Program Files
"C:\Program Files\Dynamic Toolbar\" FOUND
"C:\Program Files\Viewpoint\" FOUND
*** Fin du rapport !
voila le rappor pour antivir je l'ai installé mais la mise a jour ne se fait pas malgré la solution du probleme avec orange
Orange a vraiment du mal...
Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)
Redémarre en mode sans échec
Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement.
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.
Poste le rapport clean : C:\rapport_clean.txt
Télécharge puis installe AVG Anti-Spyware (AVG AS)
Fais les mises à jour mais ne lance pas de scan pour le moment.
AIDE : Tuto sur AVG Anti-Spyware (Malekal)
Redémarre en mode sans échec
Relance AVG AS :
- Choisis l'onglet "Analyse"
- Puis l'onglet "Paramètres"
- Sous la question "Comment réagir ?", clique sur "Actions recommandées" et choisis "Quarantaine"
- Re-clique sur l'onglet "Analyse" puis réalise une "Analyse complète du système"
[#ff0000]Si un fichier est infecté en fin d'analyse, clique sur "Appliquer toutes les actions"[/#f]
Clique sur "Enregistrer le rapport" puis sur "Enregistrer le rapport sous"
Enregistre ce fichier texte sur ton bureau.
Ouvre le dossier clean, double-clique sur clean.cmd.
Choisis l'option 2 puis patiente.
Redémarre normalement.
Poste le rapport AVG AS ainsi qu'un rapport Hijackthis.
Poste le rapport clean : C:\rapport_clean.txt
il faut patienter pour les MAJ ca veut dire quoi?sinon voici les rapports
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 18:31:12 09/09/2007
+ Résultat de l'analyse:
HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\AutorunsDisabled\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP147\A0018754.dll -> Adware.PowerSearch : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\fred\Bureau\lime wire\(Goodfellaz) akon mr.r (uncensored) [SVCD].zip/Setup.exe -> Dropper.Mudrop.du : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\fred\Bureau\lime wire\~~~~ akon mr.r ~~~~ [Radio.Version].zip/Setup.exe -> Dropper.Mudrop.du : Nettoyé et sauvegardé (mise en quarantaine).
C:\qoobox\Quarantine\C\WINDOWS\DOWNLO~1\UDC6V_0001_D19M0709NetInstaller.exe.vir -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\fred\Cookies\fred@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@mistergooddeal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@msnportal.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@2.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@3.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@4.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@4.adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ads.adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adtech[3].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@atdmt[3].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@doubleclick[3].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fastclick[3].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fastclick[4].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@info[2].txt -> TrackingCookie.Info : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@web.info[1].txt -> TrackingCookie.Info : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@search.live[2].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@mediaplex[3].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@mediaplex[4].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@mediaplex[3].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@oewabox[2].txt -> TrackingCookie.Oewabox : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@www.paypal[2].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@www.paypal[3].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@edge.ru4[1].txt -> TrackingCookie.Ru4 : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bs.serving-sys[4].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bs.serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bs.serving-sys[4].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sexlist[1].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sexlist[2].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sexlist[4].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter10.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter11.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter11.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter11.sextracker[4].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter12.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter13.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter15.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter4.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter7.sextracker[3].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter8.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter9.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@toplist[1].txt -> TrackingCookie.Toplist : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@xxxcounter[2].txt -> TrackingCookie.Xxxcounter : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 18:31:12 09/09/2007
+ Résultat de l'analyse:
HKLM\SOFTWARE\Classes\CLSID\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\AutorunsDisabled\\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\AutorunsDisabled\{4E7BD74F-2B8D-469E-A0E8-ED6AB685FA7D} -> Adware.2020Search : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\RP147\A0018754.dll -> Adware.PowerSearch : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\fred\Bureau\lime wire\(Goodfellaz) akon mr.r (uncensored) [SVCD].zip/Setup.exe -> Dropper.Mudrop.du : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\fred\Bureau\lime wire\~~~~ akon mr.r ~~~~ [Radio.Version].zip/Setup.exe -> Dropper.Mudrop.du : Nettoyé et sauvegardé (mise en quarantaine).
C:\qoobox\Quarantine\C\WINDOWS\DOWNLO~1\UDC6V_0001_D19M0709NetInstaller.exe.vir -> Not-A-Virus.Downloader.Win32.WinFixer.m : Nettoyé et sauvegardé (mise en quarantaine).
C:\Documents and Settings\fred\Cookies\fred@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fnac.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@mistergooddeal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@msnportal.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@2.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@3.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@4.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@4.adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ads.adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ads.adbrite[3].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@rotator.adjuggler[2].txt -> TrackingCookie.Adjuggler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adrevolver[1].txt -> TrackingCookie.Adrevolver : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adtech[3].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@advertising[1].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adviva[1].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@atdmt[3].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bluestreak[3].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@burstnet[2].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@www.burstnet[1].txt -> TrackingCookie.Burstnet : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@casalemedia[2].txt -> TrackingCookie.Casalemedia : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fl01.ct2.comclick[2].txt -> TrackingCookie.Comclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@doubleclick[3].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@estat[2].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fastclick[2].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fastclick[3].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@fastclick[4].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@info[2].txt -> TrackingCookie.Info : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@web.info[1].txt -> TrackingCookie.Info : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@intelli-direct[1].txt -> TrackingCookie.Intelli-direct : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@ivwbox[1].txt -> TrackingCookie.Ivwbox : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@search.live[2].txt -> TrackingCookie.Live : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@image.masterstats[1].txt -> TrackingCookie.Masterstats : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@mediaplex[3].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@mediaplex[4].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@mediaplex[2].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@mediaplex[3].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@www.myaffiliateprogram[1].txt -> TrackingCookie.Myaffiliateprogram : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ssl-hints.netflame[1].txt -> TrackingCookie.Netflame : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@oewabox[2].txt -> TrackingCookie.Oewabox : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@perf.overture[1].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@www.paypal[1].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@www.paypal[2].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@www.paypal[3].txt -> TrackingCookie.Paypal : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@revenue[2].txt -> TrackingCookie.Revenue : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@edge.ru4[1].txt -> TrackingCookie.Ru4 : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@bs.serving-sys[4].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bs.serving-sys[3].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@bs.serving-sys[4].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sexlist[1].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sexlist[2].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sexlist[4].txt -> TrackingCookie.Sexlist : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter10.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter11.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter11.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter11.sextracker[4].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter12.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter13.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter13.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter15.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter16.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter4.sextracker[2].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter6.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter7.sextracker[3].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter8.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@counter9.sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@sextracker[1].txt -> TrackingCookie.Sextracker : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@specificclick[2].txt -> TrackingCookie.Specificclick : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@statcounter[2].txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@toplist[1].txt -> TrackingCookie.Toplist : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@weborama[3].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@xxxcounter[2].txt -> TrackingCookie.Xxxcounter : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@yadro[2].txt -> TrackingCookie.Yadro : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Alain\Cookies\alain@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@c5.zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\fred\Cookies\fred@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
Fin du rapport
voici HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51:16, on 09/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O1 - Hosts: 62.146.66.181 dl1.avgate.net
O1 - Hosts: 62.146.66.182 dl2.avgate.net
O1 - Hosts: 62.146.66.183 dl3.avgate.net
O1 - Hosts: 62.146.66.184 dl4.avgate.net
O1 - Hosts: 80.190.143.235 dl5.avgate.net
O1 - Hosts: 62.146.66.178 dl7.avgate.net
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] DSLAGENT.EXE USB
O4 - HKLM\..\Run: [GsiFinal] rundll32 gspndll.dll,postInstall final
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: AutorunsDisabled
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADDAD423-31EA-48DB-95F4-8F5F92C7B35C}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7945 bytes
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51:16, on 09/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\Program Files\Pando Networks\Pando\Pando.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.exe
C:\Program Files\OpenOffice.org 2.2\program\soffice.BIN
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\UPHClean\uphclean.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\internet explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.orange.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O1 - Hosts: 62.146.66.181 dl1.avgate.net
O1 - Hosts: 62.146.66.182 dl2.avgate.net
O1 - Hosts: 62.146.66.183 dl3.avgate.net
O1 - Hosts: 62.146.66.184 dl4.avgate.net
O1 - Hosts: 80.190.143.235 dl5.avgate.net
O1 - Hosts: 62.146.66.178 dl7.avgate.net
O2 - BHO: (no name) - AutorunsDisabled - (no file)
O2 - BHO: Aide pour le lien d'Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: CInterceptor Object - {38D3FE60-3D53-4F37-BB0E-C7A97A26A156} - C:\Program Files\Pando Networks\Pando\PandoIEPlugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] DSLAGENT.EXE USB
O4 - HKLM\..\Run: [GsiFinal] rundll32 gspndll.dll,postInstall final
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\GestMaj.exe GestionnaireInternet.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Pando] "C:\Program Files\Pando Networks\Pando\Pando.exe" /Minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: OpenOffice.org 2.2.lnk = C:\Program Files\OpenOffice.org 2.2\program\quickstart.exe
O4 - Global Startup: AutorunsDisabled
O9 - Extra button: (no name) - AutorunsDisabled - (no file)
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yins...
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w2/pr02/resources/MSNPUpld...
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls...
O17 - HKLM\System\CCS\Services\Tcpip\..\{ADDAD423-31EA-48DB-95F4-8F5F92C7B35C}: NameServer = 80.10.246.130 80.10.246.3
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MysqlInventime - Unknown owner - c:\mysql\bin\mysqld-nt.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
--
End of file - 7945 bytes
et voici clean
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 09/09/2007 a 18:41:23,25
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Dynamic Toolbar\"
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 09/09/2007 a 18:41:23,25
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de "C:\Program Files\Dynamic Toolbar\"
tentative de suppression de "C:\Program Files\Viewpoint\"
*** Suppression des clefs du registre effectuee..
*** Fin du rapport !
Lassé par la pub ? Créez un compte
