Flashing yellow triangle, security toolbar 7.1, etc - Page 2
good evening
I don't know how you did it, but you managed to pick up two new infections...
be careful what you click on...
these infections are easy to remove, don't panic ;O)
1
Download Navilog1.exe (IL-MAFIOSO)
Save it to your Desktop.
Start the installation by double-clicking navilog.exe.
Once the installation is finished, the utility will run automatically.
(If it doesn't, double-click the shortcut on the Desktop)
Let the utility guide you. Choose option 1, then confirm.
! Do not use options 2, 3 and 4 without our approval !
Wait until this message appears:
"*** Analyse Termine le ..... ***"
Press a key as requested. Notepad will open. Post its contents for us this way:
-> Edit / Select All
-> Edit / Copy
-> Right-click / Paste into your reply
NOTE: The report can also be found here: C:\fixnavi.txt
2
Download Lop S&D.zip.
Unzip it onto your Desktop only.
Open the Lop S&D folder, then double-click Scan.bat.
Select the language by typing 1 and confirming with the Enter key.
Type "R", then confirm by pressing "Enter".
A report will be generated; post its contents here.
the scan won't start, here is what it says:
echec du chargement du contrôle activeX Kaspersky on-line scanner !
vous devez jouir des privilèges d'administrateur sur ce poste ; en outre, il faut configurer le niveau de sécurité IE sur moyen
here is the navilog scan:
Search Navipromo version 3.3.6 commencé le 23/11/2007 à 21:13:32,17
!!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!!
!!! Postez ce rapport sur le forum pour le faire analyser !!!
!!! Ne lancez pas la partie désinfection sans l'avis d'un spécialiste !!!
Outil exécuté depuis C:\Program Files\navilog1
Mise à jour le 14.11.2007 à 18h00 par IL-MAFIOSO
Microsoft Windows XP [version 5.1.2600]
Internet Explorer : 7.0.5730.11
*** Recherche Programmes installés ***
*** Recherche dossiers dans C:\WINDOWS ***
*** Recherche dossiers dans C:\Program Files ***
*** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data ***
*** Recherche dossiers dans C:\Documents and Settings\Loubna\Application Data ***
*** Recherche dossiers dans C:\DOCUME~1\ALLUSE~1\MENUDM~1\PROGRA~1 ***
*** Recherche avec Catchme-rootkit/stealth malware detector par gmer ***
pour + d'infos : http://www.gmer.net
Aucun fichier trouvé dans :
- C:\WINDOWS\system32
- C:\DOCUME~1\LOUBNA\LOCALS~1\APPLIC~1
*** Recherche avec GenericNaviSearch ***
!!! Tous ces résultats peuvent révéler des fichiers légitimes !!!
!!! A vérifier impérativement avant toute suppression manuelle !!!
* Recherche dans C:\WINDOWS\system32 *
* Recherche dans C:\DOCUME~1\LOUBNA\LOCALS~1\APPLIC~1 *
*** Recherche fichiers ***
*** Recherche clés spécifiques dans le Registre ***
*** Module de Recherche complémentaire ***
(Recherche fichiers spécifiques)
1)Recherche fichiers connus:
2)Recherche Heuristique :
3)Recherche Certificats :
Certificat Egroup absent !
*** Analyse terminée le 23/11/2007 à 21:14:18,32 ***
and here is the lop report:
------------------------------[ Lop S&D 1.5 ]----------------------------
Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
Lancé depuis : "C:\Documents and Settings\Loubna\Bureau\Lop S&D"
Rapport créé Le 23/11/2007 à 21:17:31,60 PC : MEDION
! Faire analyser le rapport par un Helper avant intervention !
-------------[ Listing des Dossiers dans Application Data ]-------------
C:\Documents and settings\All Users\Application Data\Google Updater
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\UniversalisV12
C:\Documents and settings\All Users\Application Data\addr_file.html
C:\Documents and settings\All Users\Application Data\Avira
C:\Documents and settings\All Users\Application Data\piledriveboldshow
C:\Documents and settings\All Users\Application Data\Software rule flag owns
C:\Documents and settings\All Users\Application Data\pixelStorm
C:\Documents and settings\All Users\Application Data\Grisoft
C:\Documents and settings\All Users\Application Data\TEMP
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\Apple
C:\Documents and settings\All Users\Application Data\Mozilla
C:\Documents and settings\All Users\Application Data\QTSBandwidthCache
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Google
C:\Documents and settings\All Users\Application Data\Link Data Security
C:\Documents and settings\All Users\Application Data\UniversalisV11
C:\Documents and settings\All Users\Application Data\Adobe Systems
C:\Documents and settings\All Users\Application Data\Macrovision
C:\Documents and settings\All Users\Application Data\BOONTY
C:\Documents and settings\All Users\Application Data\Ciel
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\Yahoo! Companion
C:\Documents and settings\All Users\Application Data\Ahead
C:\Documents and settings\All Users\Application Data\FaxCtr
C:\Documents and settings\All Users\Application Data\CyberLink
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\QuickTime
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\All Users\Application Data\SBSI
C:\Documents and settings\Default User\Application Data\Microsoft
C:\Documents and settings\Default User\Application Data\CyberLink
C:\Documents and settings\Default User\Application Data\Sun
C:\Documents and settings\Default User\Application Data\Musicmatch
C:\Documents and settings\Default User\Application Data\Real
C:\Documents and settings\Default User\Application Data\Adobe
C:\Documents and settings\Default User\Application Data\Macromedia
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Identities
C:\Documents and settings\Invité\Application Data\CyberLink
C:\Documents and settings\Invité\Application Data\Microsoft
C:\Documents and settings\Invité\Application Data\Sun
C:\Documents and settings\Invité\Application Data\Musicmatch
C:\Documents and settings\Invité\Application Data\Real
C:\Documents and settings\Invité\Application Data\Adobe
C:\Documents and settings\Invité\Application Data\Macromedia
C:\Documents and settings\Invité\Application Data\desktop.ini
C:\Documents and settings\Invité\Application Data\Identities
C:\Documents and settings\LocalService\Application Data\ThisMix
C:\Documents and settings\LocalService\Application Data\Microsoft
C:\Documents and settings\LocalService\Application Data\Google
C:\Documents and settings\LocalService\Application Data\FaxCtr
C:\Documents and settings\LocalService\Application Data\Help
C:\Documents and settings\LocalService\Application Data\X10 Commander
C:\Documents and settings\Loubna\Application Data\Grisoft
C:\Documents and settings\Loubna\Application Data\iLike
C:\Documents and settings\Loubna\Application Data\MaxiMemo
C:\Documents and settings\Loubna\Application Data\DivX
C:\Documents and settings\Loubna\Application Data\Hotbar_Icons
C:\Documents and settings\Loubna\Application Data\BitZipper
C:\Documents and settings\Loubna\Application Data\Apple Computer
C:\Documents and settings\Loubna\Application Data\AdobeUM
C:\Documents and settings\Loubna\Application Data\Talkback
C:\Documents and settings\Loubna\Application Data\Mozilla
C:\Documents and settings\Loubna\Application Data\Adobe
C:\Documents and settings\Loubna\Application Data\Universalis V12
C:\Documents and settings\Loubna\Application Data\Panasonic
C:\Documents and settings\Loubna\Application Data\ArcSoft
C:\Documents and settings\Loubna\Application Data\AdobeDLM.log
C:\Documents and settings\Loubna\Application Data\dm.ini
C:\Documents and settings\Loubna\Application Data\Google
C:\Documents and settings\Loubna\Application Data\Ahead
C:\Documents and settings\Loubna\Application Data\Microsoft
C:\Documents and settings\Loubna\Application Data\Yahoo!
C:\Documents and settings\Loubna\Application Data\Wannadoo
C:\Documents and settings\Loubna\Application Data\PEX
C:\Documents and settings\Loubna\Application Data\ispnews
C:\Documents and settings\Loubna\Application Data\sversion.ini
C:\Documents and settings\Loubna\Application Data\user60.rdb
C:\Documents and settings\Loubna\Application Data\FaxCtr
C:\Documents and settings\Loubna\Application Data\Universalis V11
C:\Documents and settings\Loubna\Application Data\Help
C:\Documents and settings\Loubna\Application Data\CyberLink
C:\Documents and settings\Loubna\Application Data\Sun
C:\Documents and settings\Loubna\Application Data\Musicmatch
C:\Documents and settings\Loubna\Application Data\Real
C:\Documents and settings\Loubna\Application Data\Macromedia
C:\Documents and settings\Loubna\Application Data\desktop.ini
C:\Documents and settings\Loubna\Application Data\Identities
C:\Documents and settings\Messaouda\Application Data\MaxiMemo
C:\Documents and settings\Messaouda\Application Data\FaxCtr
C:\Documents and settings\Messaouda\Application Data\Adobe
C:\Documents and settings\Messaouda\Application Data\Grisoft
C:\Documents and settings\Messaouda\Application Data\Talkback
C:\Documents and settings\Messaouda\Application Data\Mozilla
C:\Documents and settings\Messaouda\Application Data\AdobeUM
C:\Documents and settings\Messaouda\Application Data\Google
C:\Documents and settings\Messaouda\Application Data\ArcSoft
C:\Documents and settings\Messaouda\Application Data\Microsoft
C:\Documents and settings\Messaouda\Application Data\Universalis V11
C:\Documents and settings\Messaouda\Application Data\user60.rdb
C:\Documents and settings\Messaouda\Application Data\OFFICE One v6
C:\Documents and settings\Messaouda\Application Data\sversion.ini
C:\Documents and settings\Messaouda\Application Data\CyberLink
C:\Documents and settings\Messaouda\Application Data\Sun
C:\Documents and settings\Messaouda\Application Data\Musicmatch
C:\Documents and settings\Messaouda\Application Data\Real
C:\Documents and settings\Messaouda\Application Data\Macromedia
C:\Documents and settings\Messaouda\Application Data\desktop.ini
C:\Documents and settings\Messaouda\Application Data\Identities
C:\Documents and settings\momo\Application Data\LimeWire
C:\Documents and settings\momo\Application Data\MaxiMemo
C:\Documents and settings\momo\Application Data\GetRightToGo
C:\Documents and settings\momo\Application Data\iLike
C:\Documents and settings\momo\Application Data\sversion.ini
C:\Documents and settings\momo\Application Data\user60.rdb
C:\Documents and settings\momo\Application Data\Grisoft
C:\Documents and settings\momo\Application Data\Adobe
C:\Documents and settings\momo\Application Data\Talkback
C:\Documents and settings\momo\Application Data\Mozilla
C:\Documents and settings\momo\Application Data\Yahoo!
C:\Documents and settings\momo\Application Data\DivX
C:\Documents and settings\momo\Application Data\Microsoft
C:\Documents and settings\momo\Application Data\Google
C:\Documents and settings\momo\Application Data\Ahead
C:\Documents and settings\momo\Application Data\Apple Computer
C:\Documents and settings\momo\Application Data\AdobeUM
C:\Documents and settings\momo\Application Data\FaxCtr
C:\Documents and settings\momo\Application Data\CyberLink
C:\Documents and settings\momo\Application Data\Sun
C:\Documents and settings\momo\Application Data\Musicmatch
C:\Documents and settings\momo\Application Data\Real
C:\Documents and settings\momo\Application Data\Macromedia
C:\Documents and settings\momo\Application Data\desktop.ini
C:\Documents and settings\momo\Application Data\Identities
C:\Documents and settings\NetworkService\Application Data\Macromedia
C:\Documents and settings\NetworkService\Application Data\Microsoft
C:\Documents and settings\NetworkService\Application Data\FaxCtr
C:\Documents and settings\NetworkService\Application Data\X10 Commander
C:\Documents and settings\Propriétaire\Application Data\Real
C:\Documents and settings\Rebiaï\Application Data\Help
C:\Documents and settings\Rebiaï\Application Data\ArcSoft
C:\Documents and settings\Rebiaï\Application Data\Google
C:\Documents and settings\Rebiaï\Application Data\FaxCtr
C:\Documents and settings\Rebiaï\Application Data\CyberLink
C:\Documents and settings\Rebiaï\Application Data\Microsoft
C:\Documents and settings\Rebiaï\Application Data\Sun
C:\Documents and settings\Rebiaï\Application Data\Musicmatch
C:\Documents and settings\Rebiaï\Application Data\Real
C:\Documents and settings\Rebiaï\Application Data\Adobe
C:\Documents and settings\Rebiaï\Application Data\Macromedia
C:\Documents and settings\Rebiaï\Application Data\desktop.ini
C:\Documents and settings\Rebiaï\Application Data\Identities
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
C:\WINDOWS\tasks\B1DECA8A918579A6.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans Program Files ]--------------
C:\Program Files\Abbyy FineReader 6.0 Sprint
C:\Program Files\Activision
C:\Program Files\Adobe
C:\Program Files\Ahead
C:\Program Files\Apple Software Update
C:\Program Files\ArcSoft
C:\Program Files\Athan
C:\Program Files\ATI Technologies
C:\Program Files\Avira
C:\Program Files\Belkin
C:\Program Files\BitZipper
C:\Program Files\BoontyGames
C:\Program Files\CCleaner
C:\Program Files\CeWe Color
C:\Program Files\Common Files
C:\Program Files\Cryo
C:\Program Files\CyberLink
C:\Program Files\directx
C:\Program Files\DivX
C:\Program Files\EA GAMES
C:\Program Files\eMule
C:\Program Files\EZFace
C:\Program Files\Fichiers communs
C:\Program Files\F-IRC
C:\Program Files\FLV PlayerFCSetup.exe
C:\Program Files\FLV PlayerRCATSetup.exe
C:\Program Files\FLV PlayerRCSetup.exe
C:\Program Files\Freecorder
C:\Program Files\Google
C:\Program Files\Grisoft
C:\Program Files\help
C:\Program Files\HighMAT CD Writing Wizard
C:\Program Files\Home Cinema
C:\Program Files\INSTALL.LOG
C:\Program Files\Intel
C:\Program Files\Internet Explorer
C:\Program Files\iPod
C:\Program Files\iTunes
C:\Program Files\Lexmark 6200 Series
C:\Program Files\Lexmark Fax Solutions
C:\Program Files\Lexmark_6200 Series
C:\Program Files\license.html
C:\Program Files\license.txt
C:\Program Files\LivePix 1.1 SE
C:\Program Files\Lx_cats
C:\Program Files\MaxiMemo
C:\Program Files\Messenger
C:\Program Files\Messenger Plus! Live
C:\Program Files\microsoft frontpage
C:\Program Files\Microsoft Games
C:\Program Files\Microsoft Office
C:\Program Files\Microsoft SQL Server
C:\Program Files\Movie Maker
C:\Program Files\Mozilla Firefox
C:\Program Files\MSN
C:\Program Files\MSN Gaming Zone
C:\Program Files\MSN Messenger
C:\Program Files\MSN Toolbar
C:\Program Files\MSNServersX
C:\Program Files\MSXML 4.0
C:\Program Files\Musicmatch
C:\Program Files\Navilog1
C:\Program Files\NCH Software
C:\Program Files\NetMeeting
C:\Program Files\OFFICE One 6.5.lnk
C:\Program Files\OFFICE One Setup.lnk
C:\Program Files\OFFICE One6.5
C:\Program Files\Online Services
C:\Program Files\ooversion.txt
C:\Program Files\Orange HSS
C:\Program Files\OrangeHSS
C:\Program Files\Outlook Express
C:\Program Files\Panasonic
C:\Program Files\PhotoFiltre
C:\Program Files\PixDiscount
C:\Program Files\program
C:\Program Files\QuickTime
C:\Program Files\Readiris Pro 8
C:\Program Files\readme.html
C:\Program Files\readme.txt
C:\Program Files\Real
C:\Program Files\SAMSUNG
C:\Program Files\Securitoo
C:\Program Files\Services en ligne
C:\Program Files\share
C:\Program Files\Share_Accelerator
C:\Program Files\Shareaza
C:\Program Files\Sony
C:\Program Files\Sony Setup
C:\Program Files\Trend Micro
C:\Program Files\Trust
C:\Program Files\Ubi Soft
C:\Program Files\Universalis
C:\Program Files\user
C:\Program Files\Valusoft
C:\Program Files\Wanadoo
C:\Program Files\Wanadoo Messager
C:\Program Files\WildTangent
C:\Program Files\Windows Live
C:\Program Files\Windows Media Connect
C:\Program Files\Windows Media Connect 2
C:\Program Files\Windows Media Player
C:\Program Files\Windows NT
C:\Program Files\WinRAR
C:\Program Files\WinX 3GP 3G2 PDA MP4 Video Converter
C:\Program Files\WinZip
C:\Program Files\X10 Hardware
C:\Program Files\xerox
C:\Program Files\Xilisoft
C:\Program Files\Yahoo!
------[ Listing des dossiers dans Program Files\Fichiers Communs ]------
C:\program files\fichiers communs\Adobe
C:\program files\fichiers communs\Adobe Systems Shared
C:\program files\fichiers communs\Ahead
C:\program files\fichiers communs\Apple
C:\program files\fichiers communs\ArcSoft
C:\program files\fichiers communs\AVSMedia
C:\program files\fichiers communs\BOONTY Shared
C:\program files\fichiers communs\Borland Shared
C:\program files\fichiers communs\FDEUnInstaller.exe
C:\program files\fichiers communs\France Telecom
C:\program files\fichiers communs\InstallShield
C:\program files\fichiers communs\Java
C:\program files\fichiers communs\Macrovision Shared
C:\program files\fichiers communs\Microsoft Shared
C:\program files\fichiers communs\MSSoap
C:\program files\fichiers communs\Nero
C:\program files\fichiers communs\Nullsoft
C:\program files\fichiers communs\ODBC
C:\program files\fichiers communs\PCCamera
C:\program files\fichiers communs\Real
C:\program files\fichiers communs\Services
C:\program files\fichiers communs\SpeechEngines
C:\program files\fichiers communs\Symantec Shared
C:\program files\fichiers communs\System
C:\program files\fichiers communs\xing shared
----------------------[ Recherche dans le Registre ]----------------------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------
C:\Documents and settings\Messaouda\Cookies\messaouda@advertstream[1].txt
C:\Documents and settings\momo\Cookies\momo@advertstream[1].txt
C:\Documents and settings\momo\Cookies\momo@sharpadverts[1].txt
C:\WINDOWS\tasks\B1DECA8A918579A6.job
--------------------[ Vérification du fichier Hosts ]---------------------
Fichier Hosts : Propre
--------------[ Recherche de fichiers cachés avec Catchme ]---------------
catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-23 21:17:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
--------------------[ Fin du rapport à 21:18:33,73 ]----------------------
------------------------------[ Lop S&D 1.5 ]----------------------------
Version : Microsoft Windows XP [version 5.1.2600] [ OS : Windows_NT ]
Lancé depuis : "C:\Documents and Settings\Loubna\Bureau\Lop S&D"
Rapport créé Le 23/11/2007 à 21:17:31,60 PC : MEDION
! Faire analyser le rapport par un Helper avant intervention !
-------------[ Listing des Dossiers dans Application Data ]-------------
C:\Documents and settings\All Users\Application Data\Google Updater
C:\Documents and settings\All Users\Application Data\Symantec
C:\Documents and settings\All Users\Application Data\UniversalisV12
C:\Documents and settings\All Users\Application Data\addr_file.html
C:\Documents and settings\All Users\Application Data\Avira
C:\Documents and settings\All Users\Application Data\piledriveboldshow
C:\Documents and settings\All Users\Application Data\Software rule flag owns
C:\Documents and settings\All Users\Application Data\pixelStorm
C:\Documents and settings\All Users\Application Data\Grisoft
C:\Documents and settings\All Users\Application Data\TEMP
C:\Documents and settings\All Users\Application Data\Adobe
C:\Documents and settings\All Users\Application Data\Apple
C:\Documents and settings\All Users\Application Data\Mozilla
C:\Documents and settings\All Users\Application Data\QTSBandwidthCache
C:\Documents and settings\All Users\Application Data\Apple Computer
C:\Documents and settings\All Users\Application Data\Google
C:\Documents and settings\All Users\Application Data\Link Data Security
C:\Documents and settings\All Users\Application Data\UniversalisV11
C:\Documents and settings\All Users\Application Data\Adobe Systems
C:\Documents and settings\All Users\Application Data\Macrovision
C:\Documents and settings\All Users\Application Data\BOONTY
C:\Documents and settings\All Users\Application Data\Ciel
C:\Documents and settings\All Users\Application Data\Messenger Plus!
C:\Documents and settings\All Users\Application Data\Microsoft
C:\Documents and settings\All Users\Application Data\Yahoo! Companion
C:\Documents and settings\All Users\Application Data\Ahead
C:\Documents and settings\All Users\Application Data\FaxCtr
C:\Documents and settings\All Users\Application Data\CyberLink
C:\Documents and settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and settings\All Users\Application Data\QuickTime
C:\Documents and settings\All Users\Application Data\desktop.ini
C:\Documents and settings\All Users\Application Data\SBSI
C:\Documents and settings\Default User\Application Data\Microsoft
C:\Documents and settings\Default User\Application Data\CyberLink
C:\Documents and settings\Default User\Application Data\Sun
C:\Documents and settings\Default User\Application Data\Musicmatch
C:\Documents and settings\Default User\Application Data\Real
C:\Documents and settings\Default User\Application Data\Adobe
C:\Documents and settings\Default User\Application Data\Macromedia
C:\Documents and settings\Default User\Application Data\desktop.ini
C:\Documents and settings\Default User\Application Data\Identities
C:\Documents and settings\Invit‚\Application Data\CyberLink
C:\Documents and settings\Invit‚\Application Data\Microsoft
C:\Documents and settings\Invit‚\Application Data\Sun
C:\Documents and settings\Invit‚\Application Data\Musicmatch
C:\Documents and settings\Invit‚\Application Data\Real
C:\Documents and settings\Invit‚\Application Data\Adobe
C:\Documents and settings\Invit‚\Application Data\Macromedia
C:\Documents and settings\Invit‚\Application Data\desktop.ini
C:\Documents and settings\Invit‚\Application Data\Identities
C:\Documents and settings\LocalService\Application Data\ThisMix
C:\Documents and settings\LocalService\Application Data\Microsoft
C:\Documents and settings\LocalService\Application Data\Google
C:\Documents and settings\LocalService\Application Data\FaxCtr
C:\Documents and settings\LocalService\Application Data\Help
C:\Documents and settings\LocalService\Application Data\X10 Commander
C:\Documents and settings\Loubna\Application Data\Grisoft
C:\Documents and settings\Loubna\Application Data\iLike
C:\Documents and settings\Loubna\Application Data\MaxiMemo
C:\Documents and settings\Loubna\Application Data\DivX
C:\Documents and settings\Loubna\Application Data\Hotbar_Icons
C:\Documents and settings\Loubna\Application Data\BitZipper
C:\Documents and settings\Loubna\Application Data\Apple Computer
C:\Documents and settings\Loubna\Application Data\AdobeUM
C:\Documents and settings\Loubna\Application Data\Talkback
C:\Documents and settings\Loubna\Application Data\Mozilla
C:\Documents and settings\Loubna\Application Data\Adobe
C:\Documents and settings\Loubna\Application Data\Universalis V12
C:\Documents and settings\Loubna\Application Data\Panasonic
C:\Documents and settings\Loubna\Application Data\ArcSoft
C:\Documents and settings\Loubna\Application Data\AdobeDLM.log
C:\Documents and settings\Loubna\Application Data\dm.ini
C:\Documents and settings\Loubna\Application Data\Google
C:\Documents and settings\Loubna\Application Data\Ahead
C:\Documents and settings\Loubna\Application Data\Microsoft
C:\Documents and settings\Loubna\Application Data\Yahoo!
C:\Documents and settings\Loubna\Application Data\Wannadoo
C:\Documents and settings\Loubna\Application Data\PEX
C:\Documents and settings\Loubna\Application Data\ispnews
C:\Documents and settings\Loubna\Application Data\sversion.ini
C:\Documents and settings\Loubna\Application Data\user60.rdb
C:\Documents and settings\Loubna\Application Data\FaxCtr
C:\Documents and settings\Loubna\Application Data\Universalis V11
C:\Documents and settings\Loubna\Application Data\Help
C:\Documents and settings\Loubna\Application Data\CyberLink
C:\Documents and settings\Loubna\Application Data\Sun
C:\Documents and settings\Loubna\Application Data\Musicmatch
C:\Documents and settings\Loubna\Application Data\Real
C:\Documents and settings\Loubna\Application Data\Macromedia
C:\Documents and settings\Loubna\Application Data\desktop.ini
C:\Documents and settings\Loubna\Application Data\Identities
C:\Documents and settings\Messaouda\Application Data\MaxiMemo
C:\Documents and settings\Messaouda\Application Data\FaxCtr
C:\Documents and settings\Messaouda\Application Data\Adobe
C:\Documents and settings\Messaouda\Application Data\Grisoft
C:\Documents and settings\Messaouda\Application Data\Talkback
C:\Documents and settings\Messaouda\Application Data\Mozilla
C:\Documents and settings\Messaouda\Application Data\AdobeUM
C:\Documents and settings\Messaouda\Application Data\Google
C:\Documents and settings\Messaouda\Application Data\ArcSoft
C:\Documents and settings\Messaouda\Application Data\Microsoft
C:\Documents and settings\Messaouda\Application Data\Universalis V11
C:\Documents and settings\Messaouda\Application Data\user60.rdb
C:\Documents and settings\Messaouda\Application Data\OFFICE One v6
C:\Documents and settings\Messaouda\Application Data\sversion.ini
C:\Documents and settings\Messaouda\Application Data\CyberLink
C:\Documents and settings\Messaouda\Application Data\Sun
C:\Documents and settings\Messaouda\Application Data\Musicmatch
C:\Documents and settings\Messaouda\Application Data\Real
C:\Documents and settings\Messaouda\Application Data\Macromedia
C:\Documents and settings\Messaouda\Application Data\desktop.ini
C:\Documents and settings\Messaouda\Application Data\Identities
C:\Documents and settings\momo\Application Data\LimeWire
C:\Documents and settings\momo\Application Data\MaxiMemo
C:\Documents and settings\momo\Application Data\GetRightToGo
C:\Documents and settings\momo\Application Data\iLike
C:\Documents and settings\momo\Application Data\sversion.ini
C:\Documents and settings\momo\Application Data\user60.rdb
C:\Documents and settings\momo\Application Data\Grisoft
C:\Documents and settings\momo\Application Data\Adobe
C:\Documents and settings\momo\Application Data\Talkback
C:\Documents and settings\momo\Application Data\Mozilla
C:\Documents and settings\momo\Application Data\Yahoo!
C:\Documents and settings\momo\Application Data\DivX
C:\Documents and settings\momo\Application Data\Microsoft
C:\Documents and settings\momo\Application Data\Google
C:\Documents and settings\momo\Application Data\Ahead
C:\Documents and settings\momo\Application Data\Apple Computer
C:\Documents and settings\momo\Application Data\AdobeUM
C:\Documents and settings\momo\Application Data\FaxCtr
C:\Documents and settings\momo\Application Data\CyberLink
C:\Documents and settings\momo\Application Data\Sun
C:\Documents and settings\momo\Application Data\Musicmatch
C:\Documents and settings\momo\Application Data\Real
C:\Documents and settings\momo\Application Data\Macromedia
C:\Documents and settings\momo\Application Data\desktop.ini
C:\Documents and settings\momo\Application Data\Identities
C:\Documents and settings\NetworkService\Application Data\Macromedia
C:\Documents and settings\NetworkService\Application Data\Microsoft
C:\Documents and settings\NetworkService\Application Data\FaxCtr
C:\Documents and settings\NetworkService\Application Data\X10 Commander
C:\Documents and settings\Propri‚taire\Application Data\Real
C:\Documents and settings\Rebia‹\Application Data\Help
C:\Documents and settings\Rebia‹\Application Data\ArcSoft
C:\Documents and settings\Rebia‹\Application Data\Google
C:\Documents and settings\Rebia‹\Application Data\FaxCtr
C:\Documents and settings\Rebia‹\Application Data\CyberLink
C:\Documents and settings\Rebia‹\Application Data\Microsoft
C:\Documents and settings\Rebia‹\Application Data\Sun
C:\Documents and settings\Rebia‹\Application Data\Musicmatch
C:\Documents and settings\Rebia‹\Application Data\Real
C:\Documents and settings\Rebia‹\Application Data\Adobe
C:\Documents and settings\Rebia‹\Application Data\Macromedia
C:\Documents and settings\Rebia‹\Application Data\desktop.ini
C:\Documents and settings\Rebia‹\Application Data\Identities
----------------[ Tâches planifiées dans C:\WINDOWS\tasks ]---------------
C:\WINDOWS\tasks\B1DECA8A918579A6.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\SA.DAT
C:\WINDOWS\tasks\desktop.ini
---------------[ Listing des dossiers dans Program Files ]--------------
------[ Listing des dossiers dans Program Files\Fichiers Communs ]------
----------------------[ Recherche dans le Registre ]----------------------
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
-----------------[ Recherche de Fichiers - Dossiers Lop ]-----------------
C:\Documents and settings\Messaouda\Cookies\messaouda@advertstream[1].txt
C:\Documents and settings\momo\Cookies\momo@advertstream[1].txt
C:\Documents and settings\momo\Cookies\momo@sharpadverts[1].txt
C:\WINDOWS\tasks\B1DECA8A918579A6.job
--------------------[ Vérification du fichier Hosts ]---------------------
Fichier Hosts : Propre
--------------[ Recherche de fichiers cachés avec Catchme ]---------------
catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-11-23 21:17:45
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden services & system hive ...
scanning hidden files ...
scan completed successfully
hidden files: 0
--------------------[ Recherche d'autres infections ]---------------------
Aucune autre infection trouvée !
--------------------[ Fin du rapport à 21:18:33,73 ]----------------------
ok
Did you delete Salima's session?
~Run HijackThis "Do a system scan only".
Check the following lines if they are still present, and only those.
O3 - Toolbar: (no name) - {11A69AE4-FBED-4832-A2BF-45AF82825583} - (no file)
O4 - HKUS\S-1-5-21-2618008700-2400621796-1866692630-1007\..\Run: [Time Wait] C:\DOCUME~1\Salima\APPLIC~1\ThisMix\Hideeggsrule.exe (User 'Salima')
O4 - HKUS\S-1-5-21-2618008700-2400621796-1866692630-1007\..\Run: [Instant Access] C:\WINDOWS\system32\inetmodl.exe /run (User 'Salima')
Click on Fix checked (bottom left)
Select ALL the locations in bold below:
:\WINDOWS\system32\inetmodl.exe
C:\WINDOWS\tasks\B1DECA8A918579A6.job
C:\Documents and settings\Salima\Application Data\ThisMix
---> Right-click then Copy (or Ctrl+C)
Double-click on OTMoveIt.exe to launch it.
Right-click in the left pane, then choose Paste (or Ctrl+V).
Now click on MoveIt!
If a file or folder cannot be deleted immediately, the program will ask you to restart.
Accept by clicking on YES.
Post the report located in this folder: C:\_OTMoveIt\MovedFiles\
The report's name corresponds to the time it was created: date_time.log
->Information about the software<-
hello
are you running the scan with IE?
otherwise,
try Panda
http://www.monaco-pro.com/cool-life/tuto/panda/tuto.htm
here is the Panda report
;***********************************************************************************************************************************************************************************
ANALYSIS: 2007-11-25 16:16:06
PROTECTIONS: 1
MALWARE: 64
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Avira AntiVir PersonalEdition 7.0.1.4 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
SUSPECTS
Location
;===================================================================================================================================================================================
;===================================================================================================================================================================================
Good evening,
Delete:
C:\Documents and Settings\Salima\f.exe
C:\Documents and Settings\momo\Local Settings\Temp\tem51.tmp.exe
C:\Documents and Settings\momo\f.exe
~Download CCleaner:
http://www.filehippo.com/download_ccleaner/
~During installation, uncheck: "Add the Yahoo! CCleaner Toolbar"
Click the "Cleaner" button, then choose "Run Cleaner".
Click the "Issues" button, choose "Scan for Issues", then "Fix Issues".
CCleaner tutorial (thanks to Malekal):
http://www.malekal.com/tutorial_CCleaner.html
Please post a new HijackThis log.