Pubs et awtqrqq & awvvw.dll [Résolu]
Dernière réponse : dans Sécurité
Bonjour à tous. Cela fait un bon moment que mon ordinateur est, je pense, infecté.
J'explique mon probleme:
En naviguant sur internet avec mozilla firefox, j'ai beaucoup de pop up qui s'ouvrent pour m'afficher des pubs (immobilier, la redoute, centre de sécurité windows ... ect ).
Aussi, mon antivirus (Nod32) me prévient souvent de deux infections, mais il n'arrive jamais à les supprimer :
J'ai aussi remarqué que le mode sans échec de mon PC ne fonctionne plus; apres avoir ouvert ma session, il affiche le bureau quelques secondes, les icones et la bare des taches disparaissent, il ne reste que l'écran noir avec écrit " Mode sans échec" dans chaque coin.
J'espere que vous pourrez m'aider.
Merci d'avance pour votre aide![:)]( ":)")
.
J'explique mon probleme:
En naviguant sur internet avec mozilla firefox, j'ai beaucoup de pop up qui s'ouvrent pour m'afficher des pubs (immobilier, la redoute, centre de sécurité windows ... ect ).
Aussi, mon antivirus (Nod32) me prévient souvent de deux infections, mais il n'arrive jamais à les supprimer :
J'ai aussi remarqué que le mode sans échec de mon PC ne fonctionne plus; apres avoir ouvert ma session, il affiche le bureau quelques secondes, les icones et la bare des taches disparaissent, il ne reste que l'écran noir avec écrit " Mode sans échec" dans chaque coin.
J'espere que vous pourrez m'aider.
Merci d'avance pour votre aide
. Autres pages sur : pubs awtqrqq awvvw dll resolu
Lassé par la pub ? Créez un compte
Salut, merci beaucoup pour ton aide ![:)]( ":)")
Voila mon rapport HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51:26, on 01/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk.disabled
O4 - Global Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Loïc\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O22 - SharedTaskScheduler: z - {9794859F-875B-40F3-842F-3DBEE5680101} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\psevwdff.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
--
End of file - 9396 bytes
Voila mon rapport HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:51:26, on 01/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://recherche.neuf.fr/ie/default.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://recherche.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://recherche.neuf.fr/ie/default.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk.disabled
O4 - Global Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Loïc\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O22 - SharedTaskScheduler: z - {9794859F-875B-40F3-842F-3DBEE5680101} - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DomainService - Unknown owner - C:\WINDOWS\system32\psevwdff.exe (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
--
End of file - 9396 bytes
Re,
Infection Vundo :
Fais ces manips dans l’ordre :
1/ Télécharge VundoFix.exe :
Double-clique VundoFix.exe .
Clique sur Scan for Vundo.
Lorsque le scan est complété, clique sur le bouton Remove Vundo.
Ensuite clique sur YES
Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
Tu auras un message comme quoi l’ordinateur va s’éteindre, fais ok
Poste le rapport qui se trouve dans C:\vundofix.txt
2/ Télécharge Combofix (par sUBs) sur ton Bureau. (Tuto)
Double clique combofix.exe.
Tape sur la touche 1 (Yes) pour démarrer le scan.
Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
Le rapport se trouve ici : C:\Combofix.txt
3/ Poste un nouveau rapport HiJackThis (en ayant renommé HiJackthis.exe en scanner.exe)
Infection Vundo :
Fais ces manips dans l’ordre :
1/ Télécharge VundoFix.exe :
Double-clique VundoFix.exe .
Clique sur Scan for Vundo.
Lorsque le scan est complété, clique sur le bouton Remove Vundo.
Ensuite clique sur YES
Après avoir cliqué "Yes", le Bureau disparaîtra un moment lors de la suppression des fichiers.
Tu auras un message comme quoi l’ordinateur va s’éteindre, fais ok
Poste le rapport qui se trouve dans C:\vundofix.txt
2/ Télécharge Combofix (par sUBs) sur ton Bureau. (Tuto)
Double clique combofix.exe.
Tape sur la touche 1 (Yes) pour démarrer le scan.
Lorsque le scan sera complété, un rapport apparaîtra. Poste ce rapport dans ta prochaine réponse.
Le rapport se trouve ici : C:\Combofix.txt
3/ Poste un nouveau rapport HiJackThis (en ayant renommé HiJackthis.exe en scanner.exe)
Re,
Voici les trois rapports que tu m'as demandé :
Rapport VundoFix:
Rapport Combofix:
Rapport HijackThis:
Voici les trois rapports que tu m'as demandé :
Rapport VundoFix:
Rapport Combofix:
Rapport HijackThis:
Re,
Relance HiJackThis, do a system scan only, coche ces lignes :
Puis Fix Checked !
Puis refais un scan combofix, poste le rapport.
Relance HiJackThis, do a system scan only, coche ces lignes :
# O2 - BHO: (no name) - {0BE01085-B26D-4F83-8B23-E269C00895F4} - C:\WINDOWS\system32\uayeaflv.dll (file missing)
# O2 - BHO: (no name) - {11C3004B-1C61-4A14-B43D-870FA5DE49E3} - C:\WINDOWS\system32\mllml.dll (file missing)
# O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
# O2 - BHO: (no name) - {8B637DAB-09C1-4509-9C41-B7DEFE0EF726} - C:\WINDOWS\system32\wvurroo.dll (file missing)
# O2 - BHO: (no name) - {9794859F-875B-40F3-842F-3DBEE5680101} - (no file)
# O2 - BHO: (no name) - {99EB758D-F83E-411B-B831-B1BE84EF9ECF} - C:\WINDOWS\system32\mllml.dll (file missing)
# O2 - BHO: (no name) - {B2DAA879-74EB-43A9-8867-033A6DBA2367} - C:\WINDOWS\system32\uayeaflv.dll (file missing)
# O2 - BHO: (no name) - {DFE8772C-312C-49EC-9A7B-A9E4BB789A6F} - C:\WINDOWS\system32\awvvw.dll (file missing)
# O2 - BHO: (no name) - {E108FE29-5684-44FB-896A-443374608B8B} - C:\WINDOWS\system32\awvvw.dll (file missing)
# O2 - BHO: (no name) - {EBB99DBB-9896-4EB0-BC56-844412E8B29d} - C:\WINDOWS\system32\uayeaflv.dll (file missing)
# O20 - Winlogon Notify: ddccy - C:\WINDOWS\system32\ddccy.dll (file missing)
# O20 - Winlogon Notify: ddcyw - C:\WINDOWS\system32\ddcyw.dll (file missing)
# O20 - Winlogon Notify: gebyw - C:\WINDOWS\system32\gebyw.dll (file missing)
# O20 - Winlogon Notify: gebyy - C:\WINDOWS\system32\gebyy.dll (file missing)
# O20 - Winlogon Notify: geebb - C:\WINDOWS\system32\geebb.dll (file missing)
# O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll (file missing)
# O20 - Winlogon Notify: jkkjg - C:\WINDOWS\system32\jkkjg.dll (file missing)
# O20 - Winlogon Notify: jkkjk - C:\WINDOWS\system32\jkkjk.dll (file missing)
# O20 - Winlogon Notify: jkklk - C:\WINDOWS\system32\jkklk.dll (file missing)
# O20 - Winlogon Notify: mljge - C:\WINDOWS\system32\mljge.dll (file missing)
# O20 - Winlogon Notify: mljgf - C:\WINDOWS\system32\mljgf.dll (file missing)
# O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll (file missing)
# O20 - Winlogon Notify: mlljg - C:\WINDOWS\system32\mlljg.dll (file missing)
# O20 - Winlogon Notify: mllji - C:\WINDOWS\system32\mllji.dll (file missing)
# O20 - Winlogon Notify: mlljj - C:\WINDOWS\system32\mlljj.dll (file missing)
# O20 - Winlogon Notify: mllml - C:\WINDOWS\system32\mllml.dll (file missing)
# O20 - Winlogon Notify: pmkhh - C:\WINDOWS\system32\pmkhh.dll (file missing)
# O20 - Winlogon Notify: pmkjh - C:\WINDOWS\system32\pmkjh.dll (file missing)
# O20 - Winlogon Notify: pmnli - C:\WINDOWS\system32\pmnli.dll (file missing)
# O20 - Winlogon Notify: ssqpm - C:\WINDOWS\system32\ssqpm.dll (file missing)
# O20 - Winlogon Notify: ssqrs - C:\WINDOWS\system32\ssqrs.dll (file missing)
# O20 - Winlogon Notify: sstqn - C:\WINDOWS\system32\sstqn.dll (file missing)
# O20 - Winlogon Notify: sstqp - C:\WINDOWS\system32\sstqp.dll (file missing)
# O20 - Winlogon Notify: sstqr - C:\WINDOWS\system32\sstqr.dll (file missing)
# O20 - Winlogon Notify: ssttu - C:\WINDOWS\system32\ssttu.dll (file missing)
# O20 - Winlogon Notify: vtsts - C:\WINDOWS\system32\vtsts.dll (file missing)
# O20 - Winlogon Notify: vturo - C:\WINDOWS\system32\vturo.dll (file missing)
# O20 - Winlogon Notify: vtutr - C:\WINDOWS\system32\vtutr.dll (file missing)
# O20 - Winlogon Notify: winzbd32 - winzbd32.dll (file missing)
# O22 - SharedTaskScheduler: z - {9794859F-875B-40F3-842F-3DBEE5680101} - (no file)
# O2 - BHO: (no name) - {11C3004B-1C61-4A14-B43D-870FA5DE49E3} - C:\WINDOWS\system32\mllml.dll (file missing)
# O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
# O2 - BHO: (no name) - {8B637DAB-09C1-4509-9C41-B7DEFE0EF726} - C:\WINDOWS\system32\wvurroo.dll (file missing)
# O2 - BHO: (no name) - {9794859F-875B-40F3-842F-3DBEE5680101} - (no file)
# O2 - BHO: (no name) - {99EB758D-F83E-411B-B831-B1BE84EF9ECF} - C:\WINDOWS\system32\mllml.dll (file missing)
# O2 - BHO: (no name) - {B2DAA879-74EB-43A9-8867-033A6DBA2367} - C:\WINDOWS\system32\uayeaflv.dll (file missing)
# O2 - BHO: (no name) - {DFE8772C-312C-49EC-9A7B-A9E4BB789A6F} - C:\WINDOWS\system32\awvvw.dll (file missing)
# O2 - BHO: (no name) - {E108FE29-5684-44FB-896A-443374608B8B} - C:\WINDOWS\system32\awvvw.dll (file missing)
# O2 - BHO: (no name) - {EBB99DBB-9896-4EB0-BC56-844412E8B29d} - C:\WINDOWS\system32\uayeaflv.dll (file missing)
# O20 - Winlogon Notify: ddccy - C:\WINDOWS\system32\ddccy.dll (file missing)
# O20 - Winlogon Notify: ddcyw - C:\WINDOWS\system32\ddcyw.dll (file missing)
# O20 - Winlogon Notify: gebyw - C:\WINDOWS\system32\gebyw.dll (file missing)
# O20 - Winlogon Notify: gebyy - C:\WINDOWS\system32\gebyy.dll (file missing)
# O20 - Winlogon Notify: geebb - C:\WINDOWS\system32\geebb.dll (file missing)
# O20 - Winlogon Notify: jkhhf - C:\WINDOWS\system32\jkhhf.dll (file missing)
# O20 - Winlogon Notify: jkkjg - C:\WINDOWS\system32\jkkjg.dll (file missing)
# O20 - Winlogon Notify: jkkjk - C:\WINDOWS\system32\jkkjk.dll (file missing)
# O20 - Winlogon Notify: jkklk - C:\WINDOWS\system32\jkklk.dll (file missing)
# O20 - Winlogon Notify: mljge - C:\WINDOWS\system32\mljge.dll (file missing)
# O20 - Winlogon Notify: mljgf - C:\WINDOWS\system32\mljgf.dll (file missing)
# O20 - Winlogon Notify: mljjh - C:\WINDOWS\system32\mljjh.dll (file missing)
# O20 - Winlogon Notify: mlljg - C:\WINDOWS\system32\mlljg.dll (file missing)
# O20 - Winlogon Notify: mllji - C:\WINDOWS\system32\mllji.dll (file missing)
# O20 - Winlogon Notify: mlljj - C:\WINDOWS\system32\mlljj.dll (file missing)
# O20 - Winlogon Notify: mllml - C:\WINDOWS\system32\mllml.dll (file missing)
# O20 - Winlogon Notify: pmkhh - C:\WINDOWS\system32\pmkhh.dll (file missing)
# O20 - Winlogon Notify: pmkjh - C:\WINDOWS\system32\pmkjh.dll (file missing)
# O20 - Winlogon Notify: pmnli - C:\WINDOWS\system32\pmnli.dll (file missing)
# O20 - Winlogon Notify: ssqpm - C:\WINDOWS\system32\ssqpm.dll (file missing)
# O20 - Winlogon Notify: ssqrs - C:\WINDOWS\system32\ssqrs.dll (file missing)
# O20 - Winlogon Notify: sstqn - C:\WINDOWS\system32\sstqn.dll (file missing)
# O20 - Winlogon Notify: sstqp - C:\WINDOWS\system32\sstqp.dll (file missing)
# O20 - Winlogon Notify: sstqr - C:\WINDOWS\system32\sstqr.dll (file missing)
# O20 - Winlogon Notify: ssttu - C:\WINDOWS\system32\ssttu.dll (file missing)
# O20 - Winlogon Notify: vtsts - C:\WINDOWS\system32\vtsts.dll (file missing)
# O20 - Winlogon Notify: vturo - C:\WINDOWS\system32\vturo.dll (file missing)
# O20 - Winlogon Notify: vtutr - C:\WINDOWS\system32\vtutr.dll (file missing)
# O20 - Winlogon Notify: winzbd32 - winzbd32.dll (file missing)
# O22 - SharedTaskScheduler: z - {9794859F-875B-40F3-842F-3DBEE5680101} - (no file)
Puis Fix Checked !
Puis refais un scan combofix, poste le rapport.
Salut,
Voici le rapport Combofix:
Voici le rapport Combofix:
ComboFix 07-12-02.4 - Loïc 2007-12-02 8:46:01.2 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.409 [GMT 1:00]
Running from: C:\Documents and Settings\Loïc\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-02 to 2007-12-02 ))))))))))))))))))))))))))))))))))))
.
2007-12-02 00:35 . <REP> C:\Documents and Settings\Eric 2007-12-02 00:35 <REP> ValÚrie\Local Settings
2007-12-01 18:50 . 2007-12-01 18:50 <REP> d-------- C:\Program Files\Trend Micro
2007-11-28 15:42 . 2007-11-28 15:59 <REP> d-------- C:\Program Files\The All-Seeing Eye
2007-11-27 18:45 . 2007-11-27 18:46 <REP> d-------- C:\Program Files\Windows Live
2007-11-25 14:49 . 2007-11-25 14:49 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-25 06:52 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-25 06:52 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-25 06:52 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-24 20:26 . 2007-11-24 20:29 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-24 20:26 . 2007-11-27 19:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-22 08:24 . 2007-11-22 08:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-20 00:09 . 2007-11-20 00:09 <REP> d-------- C:\Program Files\mnProjects
2007-11-18 16:52 . 2007-11-28 14:44 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-18 16:52 . 2007-11-18 16:52 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-18 16:52 . 2007-11-28 14:44 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-18 16:00 . 2007-11-25 08:52 <REP> d-------- C:\Program Files\Wolfenstein - Enemy Territory
2007-11-17 11:35 . 2007-11-18 18:41 <REP> d-------- C:\Program Files\NCSoft
2007-11-17 11:35 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-11-14 07:08 . 2007-11-14 07:08 118 --a------ C:\WINDOWS\system32\MRT.INI
2007-11-05 18:09 . 2007-11-05 18:45 <REP> d-------- C:\Program Files\Perfect World
2007-11-05 18:07 . 2007-11-05 17:38 258,352 --a------ C:\WINDOWS\system32\unicows.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-01 21:31 --------- d-----w C:\Program Files\eMule
2007-11-24 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-19 07:20 --------- d-----w C:\Program Files\Crawler
2007-11-18 17:44 --------- d-----w C:\Program Files\vanBasco's Karaoke Player
2007-11-18 17:44 --------- d-----w C:\Program Files\TrackMania Nations ESWC
2007-11-18 17:44 --------- d-----w C:\Program Files\StuffPlug3
2007-11-18 17:44 --------- d-----w C:\Program Files\LimeWire
2007-11-18 17:44 --------- d-----w C:\Program Files\Heroes Ragnarok
2007-11-18 17:44 --------- d-----w C:\Program Files\FrenchOtto
2007-11-18 17:44 --------- d-----w C:\Program Files\FaxTools
2007-11-18 17:44 --------- d-----w C:\Program Files\DivX
2007-11-18 17:44 --------- d-----w C:\Program Files\Beneton Movie GIF
2007-11-18 17:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-18 17:39 --------- d-----w C:\Program Files\Jasc Software Inc
2007-10-23 10:29 --------- d-----w C:\Program Files\Net Pro Anti-Popup
2007-10-22 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
2007-10-22 17:08 --------- d-----w C:\Program Files\Microsoft
2007-10-21 15:20 --------- d-----w C:\Program Files\Red Kawa
2007-10-21 14:23 --------- d-----w C:\Documents and Settings\Loïc\Application Data\Radios Media Player
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-09-28 16:08 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-09-28 16:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-09-28 16:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 16:07 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-09-28 16:07 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-09-28 16:07 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-09-28 16:07 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-09-28 16:07 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-09-28 16:05 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-09-28 16:05 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-09-28 16:05 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
2007-09-28 16:05 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-09-28 16:05 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-09-28 16:05 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-09-28 16:05 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-09-28 16:05 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-09-28 16:05 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-03-14 21:06 583 ----a-w C:\Documents and Settings\Loïc\clean.reg
2007-03-14 21:06 583 ----a-w C:\Documents and Settings\Loïc\clean.reg
2007-02-18 19:45 3,992,288 ----a-w C:\Documents and Settings\Loïc\TRACE_BOOT+DRIVERS_1_1.BIN
2007-02-18 19:45 3,992,288 ----a-w C:\Documents and Settings\Loïc\TRACE_BOOT+DRIVERS_1_1.BIN
2006-12-09 22:54 251 ----a-w C:\Program Files\wt3d.ini
2007-07-26 08:13 6,486 --sh--w C:\WINDOWS\system32\bbeeg.bak1
2007-04-29 11:49 538,529 --sh--w C:\WINDOWS\system32\egjlm.bak1
2007-07-12 06:38 505,697 --sh--w C:\WINDOWS\system32\egjlm.bak2
2007-07-18 17:14 557,212 --sh--w C:\WINDOWS\system32\egjlm.ini2
2007-07-19 08:06 6,545 --sh--w C:\WINDOWS\system32\fgjlm.bak1
2007-07-25 14:32 6,526 --sh--w C:\WINDOWS\system32\fgjlm.bak2
2007-07-27 09:45 6,655 --sh--w C:\WINDOWS\system32\fgjlm.ini2
2007-07-31 08:36 6,486 --sh--w C:\WINDOWS\system32\fhhkj.bak1
2007-07-14 17:30 6,362 --sh--w C:\WINDOWS\system32\gjkkj.bak1
2007-07-19 13:32 6,362 --sh--w C:\WINDOWS\system32\gjllm.bak1
2007-07-12 17:45 6,362 --sh--w C:\WINDOWS\system32\hjjlm.bak1
2007-07-20 11:14 6,362 --sh--w C:\WINDOWS\system32\hjkmp.bak1
2007-07-20 05:56 6,362 --sh--w C:\WINDOWS\system32\ijllm.bak1
2007-07-13 16:02 6,362 --sh--w C:\WINDOWS\system32\ilnmp.bak1
2007-07-15 17:38 6,710 --sh--w C:\WINDOWS\system32\ilnmp.bak2
2007-07-11 07:48 6,497 --sh--w C:\WINDOWS\system32\jjllm.bak1
2007-07-13 09:59 6,402 --sh--w C:\WINDOWS\system32\jjllm.bak2
2007-07-30 17:16 6,486 --sh--w C:\WINDOWS\system32\kjkkj.bak1
2007-07-13 11:53 6,362 --sh--w C:\WINDOWS\system32\klkkj.bak1
2007-07-25 18:35 6,526 --sh--w C:\WINDOWS\system32\mpqss.bak1
2007-07-12 18:19 6,482 --sh--w C:\WINDOWS\system32\nqtss.bak1
2007-07-30 18:49 6,486 --sh--w C:\WINDOWS\system32\orutv.bak1
2007-07-13 08:52 6,362 --sh--w C:\WINDOWS\system32\pqtss.bak1
2007-07-16 07:46 6,362 --sh--w C:\WINDOWS\system32\rqtss.bak1
2007-07-17 22:08 6,362 --sh--w C:\WINDOWS\system32\rtutv.bak1
2007-07-20 08:06 6,362 --sh--w C:\WINDOWS\system32\srqss.bak1
2007-07-10 10:30 6,547 --sh--w C:\WINDOWS\system32\ststv.bak1
2007-07-31 08:25 6,486 --sh--w C:\WINDOWS\system32\uttss.bak1
2007-07-18 07:50 6,568 --sh--w C:\WINDOWS\system32\wybeg.bak1
2007-07-23 20:48 6,486 --sh--w C:\WINDOWS\system32\wybeg.bak2
2007-07-18 20:58 6,406 --sh--w C:\WINDOWS\system32\wycdd.bak1
2007-07-22 08:59 6,526 --sh--w C:\WINDOWS\system32\wycdd.bak2
2007-07-28 11:15 6,486 --sh--w C:\WINDOWS\system32\yccdd.bak1
2007-07-26 20:50 6,486 --sh--w C:\WINDOWS\system32\yybeg.bak1
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-06 15:03]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 08:27]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 21:00 C:\WINDOWS\system32\rundll32.exe]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-12-05 20:46]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 15:57]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00]
C:\Documents and Settings\Lo‹c\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
NOD32 Control Center.lnk - C:\Program Files\ESET\nod32kui.exe [2006-12-05 19:57:00]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 19:25:14]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 03:44:06]
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-01-20 12:53:32]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2006-12-05 17:35:07]
Microsoft Office.lnk.disabled [2007-02-19 09:59:44]
NOD32 Control Center.lnk - C:\Program Files\ESET\nod32kui.exe [2006-12-05 19:57:00]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-02-23 22:23:49]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\j4241531]
rundll32 C:\WINDOWS\system32\j4241531.dll sook
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\setup]
rundll32.exe C:\WINDOWS\system32\vlobmjpy.dll,realset
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"GPLv3"=rundll32.exe "C:\WINDOWS\system32\xocfstys.dll",realset
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
R1 fwdrv;Kerio Personal Firewall Driver;C:\WINDOWS\system32\Drivers\fwdrv.sys
S2 Ca533av;Icatch(IV) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys
S3 int15.sys;int15.sys;\??\C:\Acer\Empowering Technology\eRecovery\int15.sys
S3 psdfilter;psdfilter;\??\C:\WINDOWS\system32\Drivers\psdfilter.sys
S3 psdvdisk;psdvdisk;\??\C:\WINDOWS\system32\Drivers\psdvdisk.sys
S3 USBCamera;Icatch(IV) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-07 09:03:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 08:47:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-02 8:48:38
C:\ComboFix2.txt ... 2007-12-02 00:35
.
--- E O F ---
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.409 [GMT 1:00]
Running from: C:\Documents and Settings\Loïc\Bureau\ComboFix.exe
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-02 to 2007-12-02 ))))))))))))))))))))))))))))))))))))
.
2007-12-02 00:35 . <REP> C:\Documents and Settings\Eric 2007-12-02 00:35 <REP> ValÚrie\Local Settings
2007-12-01 18:50 . 2007-12-01 18:50 <REP> d-------- C:\Program Files\Trend Micro
2007-11-28 15:42 . 2007-11-28 15:59 <REP> d-------- C:\Program Files\The All-Seeing Eye
2007-11-27 18:45 . 2007-11-27 18:46 <REP> d-------- C:\Program Files\Windows Live
2007-11-25 14:49 . 2007-11-25 14:49 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-25 06:52 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-25 06:52 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-25 06:52 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-24 20:26 . 2007-11-24 20:29 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-24 20:26 . 2007-11-27 19:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-22 08:24 . 2007-11-22 08:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-20 00:09 . 2007-11-20 00:09 <REP> d-------- C:\Program Files\mnProjects
2007-11-18 16:52 . 2007-11-28 14:44 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-18 16:52 . 2007-11-18 16:52 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-18 16:52 . 2007-11-28 14:44 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-18 16:00 . 2007-11-25 08:52 <REP> d-------- C:\Program Files\Wolfenstein - Enemy Territory
2007-11-17 11:35 . 2007-11-18 18:41 <REP> d-------- C:\Program Files\NCSoft
2007-11-17 11:35 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-11-14 07:08 . 2007-11-14 07:08 118 --a------ C:\WINDOWS\system32\MRT.INI
2007-11-05 18:09 . 2007-11-05 18:45 <REP> d-------- C:\Program Files\Perfect World
2007-11-05 18:07 . 2007-11-05 17:38 258,352 --a------ C:\WINDOWS\system32\unicows.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-01 21:31 --------- d-----w C:\Program Files\eMule
2007-11-24 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-19 07:20 --------- d-----w C:\Program Files\Crawler
2007-11-18 17:44 --------- d-----w C:\Program Files\vanBasco's Karaoke Player
2007-11-18 17:44 --------- d-----w C:\Program Files\TrackMania Nations ESWC
2007-11-18 17:44 --------- d-----w C:\Program Files\StuffPlug3
2007-11-18 17:44 --------- d-----w C:\Program Files\LimeWire
2007-11-18 17:44 --------- d-----w C:\Program Files\Heroes Ragnarok
2007-11-18 17:44 --------- d-----w C:\Program Files\FrenchOtto
2007-11-18 17:44 --------- d-----w C:\Program Files\FaxTools
2007-11-18 17:44 --------- d-----w C:\Program Files\DivX
2007-11-18 17:44 --------- d-----w C:\Program Files\Beneton Movie GIF
2007-11-18 17:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-18 17:39 --------- d-----w C:\Program Files\Jasc Software Inc
2007-10-23 10:29 --------- d-----w C:\Program Files\Net Pro Anti-Popup
2007-10-22 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
2007-10-22 17:08 --------- d-----w C:\Program Files\Microsoft
2007-10-21 15:20 --------- d-----w C:\Program Files\Red Kawa
2007-10-21 14:23 --------- d-----w C:\Documents and Settings\Loïc\Application Data\Radios Media Player
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-09-28 16:08 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-09-28 16:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-09-28 16:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 16:07 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-09-28 16:07 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-09-28 16:07 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-09-28 16:07 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-09-28 16:07 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-09-28 16:05 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-09-28 16:05 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-09-28 16:05 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
2007-09-28 16:05 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-09-28 16:05 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-09-28 16:05 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-09-28 16:05 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-09-28 16:05 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-09-28 16:05 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-03-14 21:06 583 ----a-w C:\Documents and Settings\Loïc\clean.reg
2007-03-14 21:06 583 ----a-w C:\Documents and Settings\Loïc\clean.reg
2007-02-18 19:45 3,992,288 ----a-w C:\Documents and Settings\Loïc\TRACE_BOOT+DRIVERS_1_1.BIN
2007-02-18 19:45 3,992,288 ----a-w C:\Documents and Settings\Loïc\TRACE_BOOT+DRIVERS_1_1.BIN
2006-12-09 22:54 251 ----a-w C:\Program Files\wt3d.ini
2007-07-26 08:13 6,486 --sh--w C:\WINDOWS\system32\bbeeg.bak1
2007-04-29 11:49 538,529 --sh--w C:\WINDOWS\system32\egjlm.bak1
2007-07-12 06:38 505,697 --sh--w C:\WINDOWS\system32\egjlm.bak2
2007-07-18 17:14 557,212 --sh--w C:\WINDOWS\system32\egjlm.ini2
2007-07-19 08:06 6,545 --sh--w C:\WINDOWS\system32\fgjlm.bak1
2007-07-25 14:32 6,526 --sh--w C:\WINDOWS\system32\fgjlm.bak2
2007-07-27 09:45 6,655 --sh--w C:\WINDOWS\system32\fgjlm.ini2
2007-07-31 08:36 6,486 --sh--w C:\WINDOWS\system32\fhhkj.bak1
2007-07-14 17:30 6,362 --sh--w C:\WINDOWS\system32\gjkkj.bak1
2007-07-19 13:32 6,362 --sh--w C:\WINDOWS\system32\gjllm.bak1
2007-07-12 17:45 6,362 --sh--w C:\WINDOWS\system32\hjjlm.bak1
2007-07-20 11:14 6,362 --sh--w C:\WINDOWS\system32\hjkmp.bak1
2007-07-20 05:56 6,362 --sh--w C:\WINDOWS\system32\ijllm.bak1
2007-07-13 16:02 6,362 --sh--w C:\WINDOWS\system32\ilnmp.bak1
2007-07-15 17:38 6,710 --sh--w C:\WINDOWS\system32\ilnmp.bak2
2007-07-11 07:48 6,497 --sh--w C:\WINDOWS\system32\jjllm.bak1
2007-07-13 09:59 6,402 --sh--w C:\WINDOWS\system32\jjllm.bak2
2007-07-30 17:16 6,486 --sh--w C:\WINDOWS\system32\kjkkj.bak1
2007-07-13 11:53 6,362 --sh--w C:\WINDOWS\system32\klkkj.bak1
2007-07-25 18:35 6,526 --sh--w C:\WINDOWS\system32\mpqss.bak1
2007-07-12 18:19 6,482 --sh--w C:\WINDOWS\system32\nqtss.bak1
2007-07-30 18:49 6,486 --sh--w C:\WINDOWS\system32\orutv.bak1
2007-07-13 08:52 6,362 --sh--w C:\WINDOWS\system32\pqtss.bak1
2007-07-16 07:46 6,362 --sh--w C:\WINDOWS\system32\rqtss.bak1
2007-07-17 22:08 6,362 --sh--w C:\WINDOWS\system32\rtutv.bak1
2007-07-20 08:06 6,362 --sh--w C:\WINDOWS\system32\srqss.bak1
2007-07-10 10:30 6,547 --sh--w C:\WINDOWS\system32\ststv.bak1
2007-07-31 08:25 6,486 --sh--w C:\WINDOWS\system32\uttss.bak1
2007-07-18 07:50 6,568 --sh--w C:\WINDOWS\system32\wybeg.bak1
2007-07-23 20:48 6,486 --sh--w C:\WINDOWS\system32\wybeg.bak2
2007-07-18 20:58 6,406 --sh--w C:\WINDOWS\system32\wycdd.bak1
2007-07-22 08:59 6,526 --sh--w C:\WINDOWS\system32\wycdd.bak2
2007-07-28 11:15 6,486 --sh--w C:\WINDOWS\system32\yccdd.bak1
2007-07-26 20:50 6,486 --sh--w C:\WINDOWS\system32\yybeg.bak1
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-06 15:03]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 08:27]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 21:00 C:\WINDOWS\system32\rundll32.exe]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-12-05 20:46]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 15:57]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00]
C:\Documents and Settings\Lo‹c\Menu D‚marrer\Programmes\D‚marrage\
Adobe Gamma.lnk - C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe [2005-03-16 19:16:50]
NOD32 Control Center.lnk - C:\Program Files\ESET\nod32kui.exe [2006-12-05 19:57:00]
C:\Documents and Settings\All Users\Menu D‚marrer\Programmes\D‚marrage\
Acer WLAN 11g USB Dongle.lnk - C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe [2005-11-16 19:25:14]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2004-12-14 03:44:06]
BlueSoleil.lnk - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-01-20 12:53:32]
DSLMON.lnk - C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2006-12-05 17:35:07]
Microsoft Office.lnk.disabled [2007-02-19 09:59:44]
NOD32 Control Center.lnk - C:\Program Files\ESET\nod32kui.exe [2006-12-05 19:57:00]
Outil de mise … jour Google.lnk - C:\Program Files\Google\Google Updater\GoogleUpdater.exe [2007-02-23 22:23:49]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\j4241531]
rundll32 C:\WINDOWS\system32\j4241531.dll sook
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\setup]
rundll32.exe C:\WINDOWS\system32\vlobmjpy.dll,realset
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"GPLv3"=rundll32.exe "C:\WINDOWS\system32\xocfstys.dll",realset
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
R1 fwdrv;Kerio Personal Firewall Driver;C:\WINDOWS\system32\Drivers\fwdrv.sys
S2 Ca533av;Icatch(IV) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys
S3 int15.sys;int15.sys;\??\C:\Acer\Empowering Technology\eRecovery\int15.sys
S3 psdfilter;psdfilter;\??\C:\WINDOWS\system32\Drivers\psdfilter.sys
S3 psdvdisk;psdvdisk;\??\C:\WINDOWS\system32\Drivers\psdvdisk.sys
S3 USBCamera;Icatch(IV) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-07 09:03:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 08:47:47
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-02 8:48:38
C:\ComboFix2.txt ... 2007-12-02 00:35
.
--- E O F ---
Bien, on attaque..
Télécharge ZebRestore
Dézippe-le. Ouvre le dossier, lance le en double cliquant sur l’exe.
Coche :
- Policies
Copie le texte se situant dans le cadre ci-dessous :
Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
![]()
Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.
Télécharge ZebRestore
Dézippe-le. Ouvre le dossier, lance le en double cliquant sur l’exe.
Coche :
- Policies
Copie le texte se situant dans le cadre ci-dessous :
File::
C:\WINDOWS\system32\xocfstys.dll
C:\WINDOWS\system32\vlobmjpy.dll
C:\WINDOWS\system32\j4241531.dll
C:\Program Files\wt3d.ini
C:\WINDOWS\system32\bbeeg.bak1
C:\WINDOWS\system32\egjlm.bak1
C:\WINDOWS\system32\egjlm.bak2
C:\WINDOWS\system32\egjlm.ini2
C:\WINDOWS\system32\fgjlm.bak1
C:\WINDOWS\system32\fgjlm.bak2
C:\WINDOWS\system32\fgjlm.ini2
C:\WINDOWS\system32\fhhkj.bak1
C:\WINDOWS\system32\gjkkj.bak1
C:\WINDOWS\system32\gjllm.bak1
C:\WINDOWS\system32\hjjlm.bak1
C:\WINDOWS\system32\hjkmp.bak1
C:\WINDOWS\system32\ijllm.bak1
C:\WINDOWS\system32\ilnmp.bak1
C:\WINDOWS\system32\ilnmp.bak2
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\kjkkj.bak1
C:\WINDOWS\system32\klkkj.bak1
C:\WINDOWS\system32\mpqss.bak1
C:\WINDOWS\system32\nqtss.bak1
C:\WINDOWS\system32\orutv.bak1
C:\WINDOWS\system32\pqtss.bak1
C:\WINDOWS\system32\rqtss.bak1
C:\WINDOWS\system32\rtutv.bak1
C:\WINDOWS\system32\srqss.bak1
C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\uttss.bak1
C:\WINDOWS\system32\wybeg.bak1
C:\WINDOWS\system32\wybeg.bak2
C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\wycdd.bak2
C:\WINDOWS\system32\yccdd.bak1
C:\WINDOWS\system32\yybeg.bak1
Folder::
C:\Vundofix Backups
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"GPLv3"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\setup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\j4241531]
C:\WINDOWS\system32\xocfstys.dll
C:\WINDOWS\system32\vlobmjpy.dll
C:\WINDOWS\system32\j4241531.dll
C:\Program Files\wt3d.ini
C:\WINDOWS\system32\bbeeg.bak1
C:\WINDOWS\system32\egjlm.bak1
C:\WINDOWS\system32\egjlm.bak2
C:\WINDOWS\system32\egjlm.ini2
C:\WINDOWS\system32\fgjlm.bak1
C:\WINDOWS\system32\fgjlm.bak2
C:\WINDOWS\system32\fgjlm.ini2
C:\WINDOWS\system32\fhhkj.bak1
C:\WINDOWS\system32\gjkkj.bak1
C:\WINDOWS\system32\gjllm.bak1
C:\WINDOWS\system32\hjjlm.bak1
C:\WINDOWS\system32\hjkmp.bak1
C:\WINDOWS\system32\ijllm.bak1
C:\WINDOWS\system32\ilnmp.bak1
C:\WINDOWS\system32\ilnmp.bak2
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\kjkkj.bak1
C:\WINDOWS\system32\klkkj.bak1
C:\WINDOWS\system32\mpqss.bak1
C:\WINDOWS\system32\nqtss.bak1
C:\WINDOWS\system32\orutv.bak1
C:\WINDOWS\system32\pqtss.bak1
C:\WINDOWS\system32\rqtss.bak1
C:\WINDOWS\system32\rtutv.bak1
C:\WINDOWS\system32\srqss.bak1
C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\uttss.bak1
C:\WINDOWS\system32\wybeg.bak1
C:\WINDOWS\system32\wybeg.bak2
C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\wycdd.bak2
C:\WINDOWS\system32\yccdd.bak1
C:\WINDOWS\system32\yybeg.bak1
Folder::
C:\Vundofix Backups
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"GPLv3"=-
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\setup]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\j4241531]
Ouvre le Bloc-Notes puis colle le texte copié.
(Démarrer\Tous les programmes\Accessoires\Bloc notes.)
Sauvegarde ce fichier sous le nom de CFScript.txt.
Glisse maintenant le fichier CFScript.txt dans Combofix.exe comme ci-dessous :
Cela va relancer Combofix, tape sur 1 puis valide. Après redémarrage, poste le contenu du rapport Combofix.txt accompagné d'un rapport Hijackthis.
S'il n'y a pas de rédémarrage, poste quand même les rapports.
Voici le rapport Combofix:
Et le rapport HijackThis:
ComboFix 07-12-02.4 - Loïc 2007-12-02 12:48:33.3 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.369 [GMT 1:00]
Running from: C:\Documents and Settings\Loïc\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Loïc\Bureau\CFScript.txt
* Created a new restore point
FILE
C:\Program Files\wt3d.ini
C:\WINDOWS\system32\bbeeg.bak1
C:\WINDOWS\system32\egjlm.bak1
C:\WINDOWS\system32\egjlm.bak2
C:\WINDOWS\system32\egjlm.ini2
C:\WINDOWS\system32\fgjlm.bak1
C:\WINDOWS\system32\fgjlm.bak2
C:\WINDOWS\system32\fgjlm.ini2
C:\WINDOWS\system32\fhhkj.bak1
C:\WINDOWS\system32\gjkkj.bak1
C:\WINDOWS\system32\gjllm.bak1
C:\WINDOWS\system32\hjjlm.bak1
C:\WINDOWS\system32\hjkmp.bak1
C:\WINDOWS\system32\ijllm.bak1
C:\WINDOWS\system32\ilnmp.bak1
C:\WINDOWS\system32\ilnmp.bak2
C:\WINDOWS\system32\j4241531.dll
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\kjkkj.bak1
C:\WINDOWS\system32\klkkj.bak1
C:\WINDOWS\system32\mpqss.bak1
C:\WINDOWS\system32\nqtss.bak1
C:\WINDOWS\system32\orutv.bak1
C:\WINDOWS\system32\pqtss.bak1
C:\WINDOWS\system32\rqtss.bak1
C:\WINDOWS\system32\rtutv.bak1
C:\WINDOWS\system32\srqss.bak1
C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\uttss.bak1
C:\WINDOWS\system32\vlobmjpy.dll
C:\WINDOWS\system32\wybeg.bak1
C:\WINDOWS\system32\wybeg.bak2
C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\wycdd.bak2
C:\WINDOWS\system32\xocfstys.dll
C:\WINDOWS\system32\yccdd.bak1
C:\WINDOWS\system32\yybeg.bak1
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\wt3d.ini
C:\Vundofix Backups
C:\Vundofix Backups\efhkj.bak1.bad
C:\Vundofix Backups\efhkj.bak2.bad
C:\Vundofix Backups\efhkj.ini.bad
C:\Vundofix Backups\efhkj.ini2.bad
C:\Vundofix Backups\efhkj.tmp.bad
C:\Vundofix Backups\jkhfe.dll.bad
C:\Vundofix Backups\kjkmp.bak1.bad
C:\Vundofix Backups\kjkmp.bak2.bad
C:\Vundofix Backups\kjkmp.ini.bad
C:\Vundofix Backups\lmllm.bak1.bad
C:\Vundofix Backups\lmllm.bak2.bad
C:\Vundofix Backups\lmllm.ini.bad
C:\Vundofix Backups\lmllm.ini2.bad
C:\Vundofix Backups\lmllm.tmp.bad
C:\Vundofix Backups\pmnmjhe.dll.bad
C:\Vundofix Backups\rqrollk.dll.bad
C:\Vundofix Backups\rqromnn.dll.bad
C:\Vundofix Backups\ssqomlk.dll.bad
C:\Vundofix Backups\wvvwa.bak1.bad
C:\Vundofix Backups\wvvwa.bak2.bad
C:\Vundofix Backups\wvvwa.ini.bad
C:\Vundofix Backups\wvvwa.ini2.bad
C:\Vundofix Backups\wvvwa.tmp.bad
C:\WINDOWS\system32\bbeeg.bak1
C:\WINDOWS\system32\egjlm.bak1
C:\WINDOWS\system32\egjlm.bak2
C:\WINDOWS\system32\egjlm.ini2
C:\WINDOWS\system32\fgjlm.bak1
C:\WINDOWS\system32\fgjlm.bak2
C:\WINDOWS\system32\fgjlm.ini2
C:\WINDOWS\system32\fhhkj.bak1
C:\WINDOWS\system32\gjkkj.bak1
C:\WINDOWS\system32\gjllm.bak1
C:\WINDOWS\system32\hjjlm.bak1
C:\WINDOWS\system32\hjkmp.bak1
C:\WINDOWS\system32\ijllm.bak1
C:\WINDOWS\system32\ilnmp.bak1
C:\WINDOWS\system32\ilnmp.bak2
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\kjkkj.bak1
C:\WINDOWS\system32\klkkj.bak1
C:\WINDOWS\system32\mpqss.bak1
C:\WINDOWS\system32\nqtss.bak1
C:\WINDOWS\system32\orutv.bak1
C:\WINDOWS\system32\pqtss.bak1
C:\WINDOWS\system32\rqtss.bak1
C:\WINDOWS\system32\rtutv.bak1
C:\WINDOWS\system32\srqss.bak1
C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\uttss.bak1
C:\WINDOWS\system32\wybeg.bak1
C:\WINDOWS\system32\wybeg.bak2
C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\wycdd.bak2
C:\WINDOWS\system32\yccdd.bak1
C:\WINDOWS\system32\yybeg.bak1
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-02 to 2007-12-02 ))))))))))))))))))))))))))))))))))))
.
2007-12-02 00:35 . <REP> C:\Documents and Settings\Eric 2007-12-02 00:35 <REP> ValÚrie\Local Settings
2007-12-02 00:35 . <REP> C:\Documents and Settings\Eric 2007-12-02 00:35 <REP> ValÚrie\Local Settings
2007-12-01 18:50 . 2007-12-01 18:50 <REP> d-------- C:\Program Files\Trend Micro
2007-11-28 15:42 . 2007-12-02 12:03 <REP> d-------- C:\Program Files\The All-Seeing Eye
2007-11-27 18:45 . 2007-11-27 18:46 <REP> d-------- C:\Program Files\Windows Live
2007-11-25 14:49 . 2007-11-25 14:49 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-25 06:52 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-25 06:52 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-25 06:52 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-24 20:26 . 2007-11-24 20:29 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-24 20:26 . 2007-11-27 19:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-22 08:24 . 2007-11-22 08:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-20 00:09 . 2007-11-20 00:09 <REP> d-------- C:\Program Files\mnProjects
2007-11-18 16:52 . 2007-12-02 12:15 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-18 16:52 . 2007-11-18 16:52 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-18 16:52 . 2007-12-02 12:10 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-18 16:00 . 2007-11-25 08:52 <REP> d-------- C:\Program Files\Wolfenstein - Enemy Territory
2007-11-17 11:35 . 2007-11-18 18:41 <REP> d-------- C:\Program Files\NCSoft
2007-11-17 11:35 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-11-14 07:08 . 2007-11-14 07:08 118 --a------ C:\WINDOWS\system32\MRT.INI
2007-11-05 18:09 . 2007-11-05 18:45 <REP> d-------- C:\Program Files\Perfect World
2007-11-05 18:07 . 2007-11-05 17:38 258,352 --a------ C:\WINDOWS\system32\unicows.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-01 21:31 --------- d-----w C:\Program Files\eMule
2007-11-24 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-19 07:20 --------- d-----w C:\Program Files\Crawler
2007-11-18 17:44 --------- d-----w C:\Program Files\vanBasco's Karaoke Player
2007-11-18 17:44 --------- d-----w C:\Program Files\TrackMania Nations ESWC
2007-11-18 17:44 --------- d-----w C:\Program Files\StuffPlug3
2007-11-18 17:44 --------- d-----w C:\Program Files\LimeWire
2007-11-18 17:44 --------- d-----w C:\Program Files\Heroes Ragnarok
2007-11-18 17:44 --------- d-----w C:\Program Files\FrenchOtto
2007-11-18 17:44 --------- d-----w C:\Program Files\FaxTools
2007-11-18 17:44 --------- d-----w C:\Program Files\DivX
2007-11-18 17:44 --------- d-----w C:\Program Files\Beneton Movie GIF
2007-11-18 17:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-18 17:39 --------- d-----w C:\Program Files\Jasc Software Inc
2007-10-23 10:29 --------- d-----w C:\Program Files\Net Pro Anti-Popup
2007-10-22 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
2007-10-22 17:08 --------- d-----w C:\Program Files\Microsoft
2007-10-21 15:20 --------- d-----w C:\Program Files\Red Kawa
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-06 15:03]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 08:27]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 21:00 C:\WINDOWS\system32\rundll32.exe]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-12-05 20:46]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 15:57]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
R1 fwdrv;Kerio Personal Firewall Driver;C:\WINDOWS\system32\Drivers\fwdrv.sys
S2 Ca533av;Icatch(IV) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys
S3 int15.sys;int15.sys;\??\C:\Acer\Empowering Technology\eRecovery\int15.sys
S3 psdfilter;psdfilter;\??\C:\WINDOWS\system32\Drivers\psdfilter.sys
S3 psdvdisk;psdvdisk;\??\C:\WINDOWS\system32\Drivers\psdvdisk.sys
S3 USBCamera;Icatch(IV) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-07 09:03:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 13:06:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-02 13:07:31 - machine was rebooted
C:\ComboFix2.txt ... 2007-12-02 08:48
C:\ComboFix3.txt ... 2007-12-02 00:35
.
--- E O F ---
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.369 [GMT 1:00]
Running from: C:\Documents and Settings\Loïc\Bureau\ComboFix.exe
Command switches used :: C:\Documents and Settings\Loïc\Bureau\CFScript.txt
* Created a new restore point
FILE
C:\Program Files\wt3d.ini
C:\WINDOWS\system32\bbeeg.bak1
C:\WINDOWS\system32\egjlm.bak1
C:\WINDOWS\system32\egjlm.bak2
C:\WINDOWS\system32\egjlm.ini2
C:\WINDOWS\system32\fgjlm.bak1
C:\WINDOWS\system32\fgjlm.bak2
C:\WINDOWS\system32\fgjlm.ini2
C:\WINDOWS\system32\fhhkj.bak1
C:\WINDOWS\system32\gjkkj.bak1
C:\WINDOWS\system32\gjllm.bak1
C:\WINDOWS\system32\hjjlm.bak1
C:\WINDOWS\system32\hjkmp.bak1
C:\WINDOWS\system32\ijllm.bak1
C:\WINDOWS\system32\ilnmp.bak1
C:\WINDOWS\system32\ilnmp.bak2
C:\WINDOWS\system32\j4241531.dll
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\kjkkj.bak1
C:\WINDOWS\system32\klkkj.bak1
C:\WINDOWS\system32\mpqss.bak1
C:\WINDOWS\system32\nqtss.bak1
C:\WINDOWS\system32\orutv.bak1
C:\WINDOWS\system32\pqtss.bak1
C:\WINDOWS\system32\rqtss.bak1
C:\WINDOWS\system32\rtutv.bak1
C:\WINDOWS\system32\srqss.bak1
C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\uttss.bak1
C:\WINDOWS\system32\vlobmjpy.dll
C:\WINDOWS\system32\wybeg.bak1
C:\WINDOWS\system32\wybeg.bak2
C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\wycdd.bak2
C:\WINDOWS\system32\xocfstys.dll
C:\WINDOWS\system32\yccdd.bak1
C:\WINDOWS\system32\yybeg.bak1
.
(((((((((((((((((((((((((((((((((((( Autres suppressions ))))))))))))))))))))))))))))))))))))))))))))))))
.
C:\Program Files\wt3d.ini
C:\Vundofix Backups
C:\Vundofix Backups\efhkj.bak1.bad
C:\Vundofix Backups\efhkj.bak2.bad
C:\Vundofix Backups\efhkj.ini.bad
C:\Vundofix Backups\efhkj.ini2.bad
C:\Vundofix Backups\efhkj.tmp.bad
C:\Vundofix Backups\jkhfe.dll.bad
C:\Vundofix Backups\kjkmp.bak1.bad
C:\Vundofix Backups\kjkmp.bak2.bad
C:\Vundofix Backups\kjkmp.ini.bad
C:\Vundofix Backups\lmllm.bak1.bad
C:\Vundofix Backups\lmllm.bak2.bad
C:\Vundofix Backups\lmllm.ini.bad
C:\Vundofix Backups\lmllm.ini2.bad
C:\Vundofix Backups\lmllm.tmp.bad
C:\Vundofix Backups\pmnmjhe.dll.bad
C:\Vundofix Backups\rqrollk.dll.bad
C:\Vundofix Backups\rqromnn.dll.bad
C:\Vundofix Backups\ssqomlk.dll.bad
C:\Vundofix Backups\wvvwa.bak1.bad
C:\Vundofix Backups\wvvwa.bak2.bad
C:\Vundofix Backups\wvvwa.ini.bad
C:\Vundofix Backups\wvvwa.ini2.bad
C:\Vundofix Backups\wvvwa.tmp.bad
C:\WINDOWS\system32\bbeeg.bak1
C:\WINDOWS\system32\egjlm.bak1
C:\WINDOWS\system32\egjlm.bak2
C:\WINDOWS\system32\egjlm.ini2
C:\WINDOWS\system32\fgjlm.bak1
C:\WINDOWS\system32\fgjlm.bak2
C:\WINDOWS\system32\fgjlm.ini2
C:\WINDOWS\system32\fhhkj.bak1
C:\WINDOWS\system32\gjkkj.bak1
C:\WINDOWS\system32\gjllm.bak1
C:\WINDOWS\system32\hjjlm.bak1
C:\WINDOWS\system32\hjkmp.bak1
C:\WINDOWS\system32\ijllm.bak1
C:\WINDOWS\system32\ilnmp.bak1
C:\WINDOWS\system32\ilnmp.bak2
C:\WINDOWS\system32\jjllm.bak1
C:\WINDOWS\system32\jjllm.bak2
C:\WINDOWS\system32\kjkkj.bak1
C:\WINDOWS\system32\klkkj.bak1
C:\WINDOWS\system32\mpqss.bak1
C:\WINDOWS\system32\nqtss.bak1
C:\WINDOWS\system32\orutv.bak1
C:\WINDOWS\system32\pqtss.bak1
C:\WINDOWS\system32\rqtss.bak1
C:\WINDOWS\system32\rtutv.bak1
C:\WINDOWS\system32\srqss.bak1
C:\WINDOWS\system32\ststv.bak1
C:\WINDOWS\system32\uttss.bak1
C:\WINDOWS\system32\wybeg.bak1
C:\WINDOWS\system32\wybeg.bak2
C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\wycdd.bak2
C:\WINDOWS\system32\yccdd.bak1
C:\WINDOWS\system32\yybeg.bak1
.
((((((((((((((((((((((((((((( Fichiers cr‚‚s 2007-11-02 to 2007-12-02 ))))))))))))))))))))))))))))))))))))
.
2007-12-02 00:35 . <REP> C:\Documents and Settings\Eric 2007-12-02 00:35 <REP> ValÚrie\Local Settings
2007-12-02 00:35 . <REP> C:\Documents and Settings\Eric 2007-12-02 00:35 <REP> ValÚrie\Local Settings
2007-12-01 18:50 . 2007-12-01 18:50 <REP> d-------- C:\Program Files\Trend Micro
2007-11-28 15:42 . 2007-12-02 12:03 <REP> d-------- C:\Program Files\The All-Seeing Eye
2007-11-27 18:45 . 2007-11-27 18:46 <REP> d-------- C:\Program Files\Windows Live
2007-11-25 14:49 . 2007-11-25 14:49 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-25 06:52 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-25 06:52 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-25 06:52 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-24 20:26 . 2007-11-24 20:29 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-24 20:26 . 2007-11-27 19:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-22 08:24 . 2007-11-22 08:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-20 00:09 . 2007-11-20 00:09 <REP> d-------- C:\Program Files\mnProjects
2007-11-18 16:52 . 2007-12-02 12:15 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-18 16:52 . 2007-11-18 16:52 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-18 16:52 . 2007-12-02 12:10 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-18 16:00 . 2007-11-25 08:52 <REP> d-------- C:\Program Files\Wolfenstein - Enemy Territory
2007-11-17 11:35 . 2007-11-18 18:41 <REP> d-------- C:\Program Files\NCSoft
2007-11-17 11:35 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-11-14 07:08 . 2007-11-14 07:08 118 --a------ C:\WINDOWS\system32\MRT.INI
2007-11-05 18:09 . 2007-11-05 18:45 <REP> d-------- C:\Program Files\Perfect World
2007-11-05 18:07 . 2007-11-05 17:38 258,352 --a------ C:\WINDOWS\system32\unicows.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-01 21:31 --------- d-----w C:\Program Files\eMule
2007-11-24 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-19 07:20 --------- d-----w C:\Program Files\Crawler
2007-11-18 17:44 --------- d-----w C:\Program Files\vanBasco's Karaoke Player
2007-11-18 17:44 --------- d-----w C:\Program Files\TrackMania Nations ESWC
2007-11-18 17:44 --------- d-----w C:\Program Files\StuffPlug3
2007-11-18 17:44 --------- d-----w C:\Program Files\LimeWire
2007-11-18 17:44 --------- d-----w C:\Program Files\Heroes Ragnarok
2007-11-18 17:44 --------- d-----w C:\Program Files\FrenchOtto
2007-11-18 17:44 --------- d-----w C:\Program Files\FaxTools
2007-11-18 17:44 --------- d-----w C:\Program Files\DivX
2007-11-18 17:44 --------- d-----w C:\Program Files\Beneton Movie GIF
2007-11-18 17:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-18 17:39 --------- d-----w C:\Program Files\Jasc Software Inc
2007-10-23 10:29 --------- d-----w C:\Program Files\Net Pro Anti-Popup
2007-10-22 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
2007-10-22 17:08 --------- d-----w C:\Program Files\Microsoft
2007-10-21 15:20 --------- d-----w C:\Program Files\Red Kawa
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* les ‚l‚ments vides & les ‚l‚ments initiaux l‚gitimes ne sont pas list‚s
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-06 15:03]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe" [2007-05-16 08:27]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 21:00 C:\WINDOWS\system32\rundll32.exe]
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" [2006-12-05 20:46]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2006-09-01 15:57]
"NeroFilterCheck"="C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe" [2007-03-01 14:57]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" []
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
R1 fwdrv;Kerio Personal Firewall Driver;C:\WINDOWS\system32\Drivers\fwdrv.sys
S2 Ca533av;Icatch(IV) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys
S3 int15.sys;int15.sys;\??\C:\Acer\Empowering Technology\eRecovery\int15.sys
S3 psdfilter;psdfilter;\??\C:\WINDOWS\system32\Drivers\psdfilter.sys
S3 psdvdisk;psdvdisk;\??\C:\WINDOWS\system32\Drivers\psdvdisk.sys
S3 USBCamera;Icatch(IV) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
.
Contenu du dossier 'Scheduled Tasks/Tƒches planifi‚es'
"2007-11-07 09:03:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-02 13:06:52
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-02 13:07:31 - machine was rebooted
C:\ComboFix2.txt ... 2007-12-02 08:48
C:\ComboFix3.txt ... 2007-12-02 00:35
.
--- E O F ---
Et le rapport HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:08:01, on 02/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk.disabled
O4 - Global Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Loïc\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
--
End of file - 9353 bytes
Scan saved at 13:08:01, on 02/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\ESET\nod32kui.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk.disabled
O4 - Global Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Loïc\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
--
End of file - 9353 bytes
Bien,
Télécharge sur ton bureau : Clean (de Malekal) >Tuto<
Dézippe le sur ton bureau. Double-clic sur ce dossier clean.
Double-clic sur clean.cmd. (L’extension cmd peut ne pas apparaître) Cela va ouvrir une fenêtre noire.
Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé et poste le rapport ici.
Le rapport se trouve ici : C:\rapport_clean.txt
Si tu obtiens un fichier C:\upload_moi.zip, merci de faire ceci.
Télécharge sur ton bureau : Clean (de Malekal) >Tuto<
Dézippe le sur ton bureau. Double-clic sur ce dossier clean.
Double-clic sur clean.cmd. (L’extension cmd peut ne pas apparaître) Cela va ouvrir une fenêtre noire.
Un menu va apparaître, choisis l'option 1 puis entrée. Ensuite appuies sur une touche comme il te sera demandé et poste le rapport ici.
Le rapport se trouve ici : C:\rapport_clean.txt
Si tu obtiens un fichier C:\upload_moi.zip, merci de faire ceci.
J'ai uploadé le fichier upload_moi.
Voici le rapport Clean:
EDIT: En fait non, upload.malekal.com me dit "Vous n'avez pas choisi de fichier !".
Le fichier que j'ai obtenu n'était pas "C:\upload_moi.zip" mais "C:\upload_moi_TEYSSIER.tar.gz".
Voici le rapport Clean:
02/12/2007 a 13:24:28,78
*** Recherche des fichiers dans C:
C:\StubInstaller.exe FOUND
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND
*** Recherche des fichiers dans C:\Program Files
C:\PROGRA~1\PERFEC~1\ FOUND
*** Recherche des fichiers dans C:
C:\StubInstaller.exe FOUND
*** Recherche des fichiers dans C:\WINDOWS\
*** Recherche des fichiers dans C:\WINDOWS\system32
C:\WINDOWS\system32\mcrh.tmp FOUND
*** Recherche des fichiers dans C:\Program Files
C:\PROGRA~1\PERFEC~1\ FOUND
EDIT: En fait non, upload.malekal.com me dit "Vous n'avez pas choisi de fichier !".
Le fichier que j'ai obtenu n'était pas "C:\upload_moi.zip" mais "C:\upload_moi_TEYSSIER.tar.gz".
Essaie de l'uploader sinon tan pis.
Télécharge AVG Anti-Spyware Installes-le.
Si le lien ne fonctionne pas : >Clique ici<
Lance AVG et fais une mise à jour.
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglet comment réagir, clique sur Actions recommandées. Choisis Quarantaine.
Ne fais pas d’analyse pour le moment.
Redémarre en mode sans échec
/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\
Relance Avg.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport". Ceci génère un rapport qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.
Poste le ici.
&
Toujours en mode sans échec, relance clean et fais l'option 2, poste le rapport.
Télécharge AVG Anti-Spyware Installes-le.
Si le lien ne fonctionne pas : >Clique ici<
Lance AVG et fais une mise à jour.
Clique sur le bouton Analyse (de la barre d'outils)
Puis sur l'onglet comment réagir, clique sur Actions recommandées. Choisis Quarantaine.
Ne fais pas d’analyse pour le moment.
Redémarre en mode sans échec
/!\ Ne jamais démarrer en mode sans échec via MSCONFIG /!\
Relance Avg.
Reviens à l'onglet Analyse. Clique sur Analyse complète du système.
A la fin du scan, choisis l'option " Appliquer toutes les actions " en bas.
Clique sur "Enregistrer le rapport". Ceci génère un rapport qui se trouve dans le dossier Reports du dossier d'AVG Anti-Spyware.
Poste le ici.
&
Toujours en mode sans échec, relance clean et fais l'option 2, poste le rapport.
Re,
Rapport AVG:
Rapport Clean:
Rapport AVG:
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 16:28:09 02/12/2007
+ Résultat de l'analyse:
HKU\S-1-5-21-2074014421-2895735302-1175302388-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5D4831E0-5A7C-4A46-AFD5-A79AB8CE36C2} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0099821.exe -> Downloader.Tiny.id : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0099826.exe -> Downloader.Tiny.id : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\ESET\infected\C5AD42CA.NQF -> Logger.VBStat.h : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.263:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.317:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.318:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.319:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.727:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.728:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.210:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.216:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.217:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.218:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.219:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.220:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.221:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.222:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.223:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.224:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.225:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.227:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.230:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.231:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.232:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.400:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.444:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.566:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.63:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.640:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.64:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.654:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@msnportal.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.134:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.135:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.136:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.141:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.143:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.30:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.31:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.32:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.611:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.612:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.613:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Nettoyé.
:mozilla.205:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.626:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.627:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.628:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.629:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.630:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.631:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.219:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.231:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.322:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.323:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.10:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.12:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.13:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.14:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.17:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.29:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.32:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.33:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.34:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.90:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.93:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.94:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.107:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.466:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.162:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.162:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.297:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.120:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.28:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.59:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.129:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.130:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.131:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.132:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.133:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.134:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.220:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.524:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.525:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.617:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.679:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.714:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Clickhype : Nettoyé.
:mozilla.423:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.424:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.425:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.74:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.75:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.76:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.313:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Counted : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@cpvfeed[3].txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.729:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Cqcounter : Nettoyé.
:mozilla.109:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.23:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.66:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.133:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.246:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.31:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.459:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.655:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.656:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.100:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.101:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.102:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.103:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.104:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.105:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.107:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.108:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.237:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.238:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.239:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.58:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.59:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.60:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.62:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.199:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.343:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.637:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.405:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.406:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.407:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.458:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.577:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.578:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.579:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.580:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.662:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.757:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.81:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.82:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.831:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.832:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.197:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.198:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.358:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.359:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyé.
:mozilla.614:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.151:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.344:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.71:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.27:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.517:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.518:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.127:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.165:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.165:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.607:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.116:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.117:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.419:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.420:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@realmedia[2].txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.804:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.805:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.806:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.807:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.808:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.809:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.117:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.118:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.119:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.120:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.121:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.122:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.123:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.142:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.143:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.144:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.145:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.146:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.147:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.148:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.240:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.241:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.242:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.243:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.244:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.245:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.246:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.370:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.371:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.116:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.117:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.118:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.119:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.18:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.19:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.19:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.20:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.20:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.21:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.21:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.22:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.22:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.23:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.235:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.236:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.329:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.330:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.331:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.49:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.53:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.54:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.55:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.56:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.100:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.101:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.102:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.20:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.23:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.24:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.25:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.67:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.68:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.69:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.70:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.99:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.606:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.229:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Vegasred : Nettoyé.
:mozilla.41:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.42:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.43:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.55:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.57:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.58:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.63:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.64:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.65:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.673:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.263:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.264:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.265:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.266:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.267:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.45:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.46:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.47:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.48:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.50:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.51:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.52:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.542:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.543:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.544:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.137:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.138:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.139:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.140:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.142:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.268:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.269:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.270:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.271:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.272:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.273:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.274:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.491:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.492:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Program Files\ESET\infected\3AQ2TSDA.NQF -> Trojan.BHO.bd : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\awtuspo.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\wvuvurs.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
Fin du rapport
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------
+ Créé à: 16:28:09 02/12/2007
+ Résultat de l'analyse:
HKU\S-1-5-21-2074014421-2895735302-1175302388-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{5D4831E0-5A7C-4A46-AFD5-A79AB8CE36C2} -> Adware.Generic : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0099821.exe -> Downloader.Tiny.id : Nettoyé et sauvegardé (mise en quarantaine).
C:\System Volume Information\_restore{B89CEA26-ECB5-40D8-BB54-F267A162670D}\RP390\A0099826.exe -> Downloader.Tiny.id : Nettoyé et sauvegardé (mise en quarantaine).
C:\Program Files\ESET\infected\C5AD42CA.NQF -> Logger.VBStat.h : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.263:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.317:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.318:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.319:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.727:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.728:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.247realmedia : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.210:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.216:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.217:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.218:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.219:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.220:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.221:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.222:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.223:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.224:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.225:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.227:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.230:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.231:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.232:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.400:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.444:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.566:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.63:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.640:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.64:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.654:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@msnportal.112.2o7[2].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.134:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.135:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.136:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.141:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.143:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.30:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.31:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.32:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.611:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.612:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.613:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@3.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ads.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@stats.adbrite[1].txt -> TrackingCookie.Adbrite : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Nettoyé.
:mozilla.205:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.626:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.627:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.628:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.629:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.630:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.631:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adrevolver : Nettoyé.
:mozilla.219:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.231:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.322:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.323:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@adtech[1].txt -> TrackingCookie.Adtech : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.10:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.12:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.13:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.14:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.17:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.29:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.32:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.33:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.34:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.90:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.93:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.94:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.107:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.466:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.162:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.162:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.297:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.120:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.28:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.59:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.129:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.130:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.131:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.132:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.133:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.134:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.220:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.524:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.525:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.617:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.679:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@www.casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
:mozilla.714:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Clickhype : Nettoyé.
:mozilla.423:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.424:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.425:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.74:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.75:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.76:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Comclick : Nettoyé.
:mozilla.313:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Counted : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@cpvfeed[3].txt -> TrackingCookie.Cpvfeed : Nettoyé.
:mozilla.729:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Cqcounter : Nettoyé.
:mozilla.109:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.23:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.66:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@doubleclick[2].txt -> TrackingCookie.Doubleclick : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
:mozilla.133:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.246:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.31:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
:mozilla.459:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.655:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.656:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Euroclick : Nettoyé.
:mozilla.100:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.101:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.102:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.103:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.104:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.105:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.106:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.107:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.108:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.237:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.238:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.239:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.58:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.59:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.60:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.62:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.199:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.343:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.637:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Googleadservices : Nettoyé.
:mozilla.405:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.406:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.407:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.458:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.577:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.578:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.579:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.580:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.662:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.757:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.81:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.82:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.831:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.832:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@ehg-warnerbrothers.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ehg-dig.hitbox[1].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ehg-telecomitalia.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ehg.hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
:mozilla.197:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.198:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.358:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
:mozilla.359:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Imrworldwide : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ivwbox[2].txt -> TrackingCookie.Ivwbox : Nettoyé.
:mozilla.614:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Liveperson : Nettoyé.
:mozilla.151:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.344:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.71:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
:mozilla.27:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Netflame : Nettoyé.
:mozilla.517:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.518:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Onestat : Nettoyé.
:mozilla.127:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.165:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.165:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Overture : Nettoyé.
:mozilla.607:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@overture[2].txt -> TrackingCookie.Overture : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Nettoyé.
:mozilla.116:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.117:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.419:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
:mozilla.420:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Questionmarket : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@realmedia[2].txt -> TrackingCookie.Realmedia : Nettoyé.
:mozilla.804:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.805:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.806:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.807:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.808:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.809:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Revsci : Nettoyé.
:mozilla.117:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.118:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.119:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.120:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.121:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.122:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.123:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.142:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.143:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.144:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.145:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.146:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.147:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.148:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.240:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.241:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.242:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.243:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.244:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.245:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.246:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@serving-sys[1].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.370:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.371:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Sitestat : Nettoyé.
:mozilla.116:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.117:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.118:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.119:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.18:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.19:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.19:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.20:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.20:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.21:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.21:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.22:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.22:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.23:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@smartadserver[2].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.235:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.236:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.329:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.330:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.331:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Statcounter : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.49:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.53:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.54:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.55:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.56:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.100:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.101:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.102:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.20:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.23:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.24:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.25:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.67:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.68:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.69:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.70:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.99:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.606:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Tribalfusion : Nettoyé.
:mozilla.229:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Vegasred : Nettoyé.
:mozilla.41:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.42:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.43:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.55:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.57:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.58:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.63:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.64:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.65:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@weborama[2].txt -> TrackingCookie.Weborama : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
:mozilla.673:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@m.webtrends[1].txt -> TrackingCookie.Webtrends : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@statse.webtrendslive[3].txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.263:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.264:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.265:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.266:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.267:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.45:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.46:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.47:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.48:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.50:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.51:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.52:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.542:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.543:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.544:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.137:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.138:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.139:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.140:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.142:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.268:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.269:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.270:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.271:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.272:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.273:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.274:C:\Documents and Settings\Loïc\Application Data\Mozilla\Firefox\Profiles\8b3jolt2.default\cookies-1.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.491:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
:mozilla.492:C:\Documents and Settings\Eric & Valérie\Application Data\Mozilla\Firefox\Profiles\j6dseoa2.default\cookies.txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Eric & Valérie\Cookies\eric_&_valérie@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Documents and Settings\Loïc\Cookies\loïc@zedo[2].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Program Files\ESET\infected\3AQ2TSDA.NQF -> Trojan.BHO.bd : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\awtuspo.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
C:\WINDOWS\system32\wvuvurs.exe -> Trojan.Small : Nettoyé et sauvegardé (mise en quarantaine).
Fin du rapport
Rapport Clean:
Script execute en mode sans echec
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 02/12/2007 a 16:29:02,65
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
tentative de suppression de C:\StubInstaller.exe
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\mcrh.tmp
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de C:\PROGRA~1\PERFEC~1\
*** Suppression des clefs du registre effectuee..
Rapport clean par Malekal_morte - http://www.malekal.com
Script execute en mode sans echec 02/12/2007 a 16:29:02,65
Microsoft Windows XP [version 5.1.2600]
*** Suppression des fichiers dans C:
tentative de suppression de C:\StubInstaller.exe
*** Suppression des fichiers dans C:\WINDOWS\
*** Suppression des fichiers dans C:\WINDOWS\system32
tentative de suppression de C:\WINDOWS\system32\mcrh.tmp
*** Suppression des fichiers dans C:\Program Files
tentative de suppression de C:\PROGRA~1\PERFEC~1\
*** Suppression des clefs du registre effectuee..
Voila:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:17:05, on 02/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk.disabled
O4 - Global Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Loïc\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
--
End of file - 9531 bytes
Scan saved at 23:17:05, on 02/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Kerio\Personal Firewall\persfw.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: Microsoft Office.lnk.disabled
O4 - Global Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Outil de mise à jour Google.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Loïc\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
--
End of file - 9531 bytes
Re,
Relance HiJackThis, do a system scan only, coche ces lignes :
Puis Fix Checked !
Fais une analyse antivirus en ligne sur Kaspersky avec Internet Explorer. (Tuto)
Autorise les active x.
Clique sur Démarrer Online Scanner.
Sélectionne le poste de travail comme analyse. Enregistres sous le rapport en format .txt.
Colle son rapport ici.
Relance HiJackThis, do a system scan only, coche ces lignes :
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Loïc\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://recherche.neuf.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=66006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=6...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1036
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: EoRezoBHO - {64F56FC1-1272-44CD-BA6E-39723696E350} - C:\Program Files\eoRezo\EoAdv\EoRezobho.dll (file missing)
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Ahead\Lib\NeroCheck.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Loïc\Menu Démarrer\Programmes\IMVU\Run IMVU.lnk (file missing)
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
Puis Fix Checked !
Fais une analyse antivirus en ligne sur Kaspersky avec Internet Explorer. (Tuto)
Autorise les active x.
Clique sur Démarrer Online Scanner.
Sélectionne le poste de travail comme analyse. Enregistres sous le rapport en format .txt.
Colle son rapport ici.
Voila, il en a trouvé beaucoup ^^'.
Je l'ai uploadé sur partage-facile parce que ça me fesait planter firefox quand je le c/c sur le forum.
Voici le lien : http://www.partage-facile.com/112278-Rapport_Kaspersky.txt.html
Je l'ai uploadé sur partage-facile parce que ça me fesait planter firefox quand je le c/c sur le forum.
Voici le lien : http://www.partage-facile.com/112278-Rapport_Kaspersky.txt.html
Re,
Supprime C:\Program Files\eMule\Incomplete\T-217706-Menace.Sur.La.Planete.Rap.2007.PAL.FRENCH.COMPLETE.MDVDR-NRV.zip
Vide ce dossier : Je suppose que c'est la quarantaine de nod32 : C:\Program Files\ESET\infected
Désactive-réactive la restauration système
Désinstalle, supprime tous les logiciels utilisés pour la désinfection ainsi que les dossiers créés correspondants.. Garde ccleaner, avg et antivir si nous les avons installé..
Rapporte ton infection sur Malware Complaints >Tuto<
Ton(tes) infection(s) : Vundo
Puis regarde ces pages :
Sécuriser son Ordinateur
cracks/P2P
Toujours des problèmes ?
Supprime C:\Program Files\eMule\Incomplete\T-217706-Menace.Sur.La.Planete.Rap.2007.PAL.FRENCH.COMPLETE.MDVDR-NRV.zip
Vide ce dossier : Je suppose que c'est la quarantaine de nod32 : C:\Program Files\ESET\infected
Désactive-réactive la restauration système
Désinstalle, supprime tous les logiciels utilisés pour la désinfection ainsi que les dossiers créés correspondants.. Garde ccleaner, avg et antivir si nous les avons installé..
Rapporte ton infection sur Malware Complaints >Tuto<
Ton(tes) infection(s) : Vundo
Puis regarde ces pages :
Sécuriser son Ordinateur
cracks/P2P
Toujours des problèmes ?
Je te remercie beaucoup pour ton aide, apparement il n'y a plus de problèmes. Je repasserai dans quelques jours pour dire si des virus se sont encore manifestés ou pas.
J'ai rapporté mon infection sur Malware Complaints.
Merci pour tes liens sur la sécurité de l'ordinateur et le risque des cracks/P2P, ils me seront utiles![:)]( ":)")
.
Encore un grand merci pour ton aide.
Bonne continuation![;)]( ";)")
.
J'ai rapporté mon infection sur Malware Complaints.
Merci pour tes liens sur la sécurité de l'ordinateur et le risque des cracks/P2P, ils me seront utiles
.Encore un grand merci pour ton aide.
Bonne continuation
.
Merci de ton aide ![:)]( ":)")
Voila le rapport HijackThis:
Et le rapport Combofix:
Voila le rapport HijackThis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:37:32, on 05/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
--
End of file - 7142 bytes
Scan saved at 22:37:32, on 05/12/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\ESET\nod32kui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.neuf.fr/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: NOD32 Control Center.lnk = C:\Program Files\ESET\nod32kui.exe
O4 - Global Startup: Acer WLAN 11g USB Dongle.lnk = C:\Program Files\Acer WLAN 11g USB Dongle\ZDWlan.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://s.tf1.fr/mmdia/static/rawflow/clients/5.3.1.0/Ra...
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner/default/kavweb...
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986....
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.ca...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClie...
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst....
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPACl...
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows Live Setup Service (WLSetupSvc) - Unknown owner - C:\Program Files\Windows Live\installer\WLSetupSvc.exe (file missing)
--
End of file - 7142 bytes
Et le rapport Combofix:
ComboFix 07-12-02.6 - Loïc 2007-12-05 22:39:28.4 - NTFSx86
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.315 [GMT 1:00]
Running from: C:\Documents and Settings\Loïc\Bureau\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-05 to 2007-12-05 ))))))))))))))))))))))))))))))))))))
.
2007-12-05 22:37 . 2007-12-05 22:37 <REP> d-------- C:\Program Files\Trend Micro
2007-12-04 18:27 . 2007-12-04 18:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-12-04 18:27 . 2007-12-04 23:36 624,672 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-04 18:27 . 2007-12-04 18:27 75,932 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-12-04 18:27 . 2007-06-21 21:54 75,248 --a------ C:\WINDOWS\zllsputility.exe
2007-12-04 18:27 . 2007-12-04 18:27 74,396 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-12-04 18:27 . 2007-06-21 21:55 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2007-12-04 18:27 . 2007-06-21 21:55 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2007-12-04 18:27 . 2007-06-21 21:55 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2007-12-04 18:27 . 2007-06-21 21:55 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2007-12-04 18:27 . 2007-12-04 23:36 8,396 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-04 18:27 . 2007-12-04 18:29 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-12-04 18:25 . 2007-12-05 22:35 <REP> d-------- C:\WINDOWS\Internet Logs
2007-12-04 12:45 . <REP> C:\Documents and Settings\Eric 2007-12-04 12:45 <REP> Valérie\Application Data\Grisoft
2007-12-04 08:15 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-02 23:46 . 2007-12-02 23:46 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-12-02 23:46 . 2007-12-02 23:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-12-02 16:44 . 2007-12-02 16:44 <REP> d-------- C:\Program Files\Gravity
2007-12-02 15:23 . 2007-12-02 15:23 <REP> d-------- C:\Documents and Settings\Loïc\Application Data\Grisoft
2007-12-02 15:23 . 2007-12-02 15:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-02 15:23 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-02 00:35 . <REP> C:\Documents and Settings\Eric 2007-12-02 00:35 <REP> ValÚrie\Local Settings
2007-11-28 15:42 . 2007-12-02 12:03 <REP> d-------- C:\Program Files\The All-Seeing Eye
2007-11-27 18:45 . 2007-11-27 18:46 <REP> d-------- C:\Program Files\Windows Live
2007-11-25 14:49 . 2007-11-25 14:49 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-25 06:52 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-25 06:52 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-25 06:52 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-24 20:26 . 2007-11-24 20:29 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-24 20:26 . 2007-11-27 19:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-22 08:24 . 2007-11-22 08:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-20 00:09 . 2007-11-20 00:09 <REP> d-------- C:\Program Files\mnProjects
2007-11-18 16:52 . 2007-12-02 12:15 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-18 16:52 . 2007-11-18 16:52 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-18 16:52 . 2007-12-02 12:10 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-18 16:00 . 2007-11-25 08:52 <REP> d-------- C:\Program Files\Wolfenstein - Enemy Territory
2007-11-17 11:35 . 2007-11-18 18:41 <REP> d-------- C:\Program Files\NCSoft
2007-11-17 11:35 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-11-14 07:08 . 2007-11-14 07:08 118 --a------ C:\WINDOWS\system32\MRT.INI
2007-11-05 18:07 . 2007-11-05 17:38 258,352 --a------ C:\WINDOWS\system32\unicows.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-05 21:10 --------- d-----w C:\Program Files\Heroes Ragnarok
2007-12-04 19:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-04 11:54 --------- d-----w C:\Program Files\eMule
2007-12-04 11:45 --------- d-----w C:\Documents and Settings\Eric & Valérie\Application Data\Grisoft
2007-12-04 07:15 --------- d-----w C:\Program Files\Java
2007-11-24 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-19 07:20 --------- d-----w C:\Program Files\Crawler
2007-11-18 17:44 --------- d-----w C:\Program Files\vanBasco's Karaoke Player
2007-11-18 17:44 --------- d-----w C:\Program Files\TrackMania Nations ESWC
2007-11-18 17:44 --------- d-----w C:\Program Files\LimeWire
2007-11-18 17:44 --------- d-----w C:\Program Files\FrenchOtto
2007-11-18 17:44 --------- d-----w C:\Program Files\FaxTools
2007-11-18 17:44 --------- d-----w C:\Program Files\DivX
2007-11-18 17:44 --------- d-----w C:\Program Files\Beneton Movie GIF
2007-11-18 17:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-18 17:39 --------- d-----w C:\Program Files\Jasc Software Inc
2007-10-23 10:29 --------- d-----w C:\Program Files\Net Pro Anti-Popup
2007-10-22 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
2007-10-22 17:08 --------- d-----w C:\Program Files\Microsoft
2007-10-21 15:20 --------- d-----w C:\Program Files\Red Kawa
2007-10-21 14:23 --------- d-----w C:\Documents and Settings\Loïc\Application Data\Radios Media Player
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-09-28 16:08 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-09-28 16:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-09-28 16:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 16:07 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-09-28 16:07 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-09-28 16:07 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-09-28 16:07 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-09-28 16:07 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-09-28 16:05 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-09-28 16:05 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-09-28 16:05 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
2007-09-28 16:05 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-09-28 16:05 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-09-28 16:05 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-09-28 16:05 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-09-28 16:05 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-09-28 16:05 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-03-14 21:06 583 ----a-w C:\Documents and Settings\Loïc\clean.reg
2007-03-14 21:06 583 ----a-w C:\Documents and Settings\Loïc\clean.reg
2007-02-18 19:45 3,992,288 ----a-w C:\Documents and Settings\Loïc\TRACE_BOOT+DRIVERS_1_1.BIN
2007-02-18 19:45 3,992,288 ----a-w C:\Documents and Settings\Loïc\TRACE_BOOT+DRIVERS_1_1.BIN
.
((((((((((((((((((((((((((((( snapshot@2007-12-02_ 0.34.47.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-24 02:01:44 780,800 ----a-w C:\WINDOWS\Resources\Themes\Zune\Shell\NormalColor\shellstyle.dll
+ 2007-05-30 23:03:48 110,360 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
+ 2007-05-30 23:03:50 119,576 ----a-w C:\WINDOWS\system32\drivers\klif.sys
- 2007-11-08 14:11:45 189,792 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2007-12-05 07:28:59 191,384 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-12-15 00:30:58 49,248 ----a-w C:\WINDOWS\system32\java.exe
+ 2007-09-24 21:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2006-12-15 00:31:06 53,346 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2007-09-24 21:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2006-12-15 02:09:14 127,078 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2007-09-24 22:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2005-05-24 11:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 14:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 14:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2007-06-21 20:54:26 796,048 ----a-w C:\WINDOWS\system32\libeay32_0.9.6l.dll
+ 2007-06-21 20:54:30 83,432 ----a-w C:\WINDOWS\system32\vsdata.dll
+ 2007-06-21 20:54:52 394,984 ----a-w C:\WINDOWS\system32\vsdatant.sys
+ 2007-06-21 20:54:32 157,160 ----a-w C:\WINDOWS\system32\vsinit.dll
+ 2007-06-21 20:54:32 103,912 ----a-w C:\WINDOWS\system32\vsmonapi.dll
+ 2007-06-21 20:54:32 275,944 ----a-w C:\WINDOWS\system32\vspubapi.dll
+ 2007-06-21 20:54:32 71,144 ----a-w C:\WINDOWS\system32\vsregexp.dll
+ 2007-06-21 20:54:34 472,552 ----a-w C:\WINDOWS\system32\vsutil.dll
+ 2007-06-21 20:54:34 46,568 ----a-w C:\WINDOWS\system32\vswmi.dll
+ 2007-06-21 20:54:34 99,816 ----a-w C:\WINDOWS\system32\vsxml.dll
+ 2007-06-21 20:54:34 83,432 ----a-w C:\WINDOWS\system32\zlcomm.dll
+ 2007-06-21 20:54:34 71,144 ----a-w C:\WINDOWS\system32\zlcommdb.dll
+ 2007-06-21 20:54:24 366,112 ----a-w C:\WINDOWS\system32\ZoneLabs\av.dll
+ 2007-06-21 20:55:26 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\av_loc040c.dll
+ 2007-05-30 23:03:30 65,248 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat
+ 2006-06-30 13:47:36 21,568 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll
+ 2007-05-30 23:03:16 77,824 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll
+ 2007-05-30 23:03:16 110,592 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll
+ 2007-05-30 23:03:16 331,776 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll
+ 2007-05-30 23:03:16 38,400 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll
+ 2006-09-19 22:12:14 208,960 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll
+ 2007-05-30 23:03:16 258,048 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll
+ 2006-12-19 17:13:52 1,093,632 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll
+ 2007-05-30 23:03:20 548,864 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll
+ 2007-05-30 23:03:20 626,688 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll
+ 2007-05-30 23:03:18 184,320 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll
+ 2007-05-30 23:03:22 90,112 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll
+ 2007-05-30 23:03:18 118,784 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
+ 2006-12-19 17:13:52 200,704 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll
+ 2007-06-21 20:54:24 99,816 ----a-w C:\WINDOWS\system32\ZoneLabs\camupd.dll
+ 2007-06-21 20:55:26 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\camupd_loc040c.dll
+ 2004-01-30 11:35:08 813,568 ----a-w C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
+ 2007-06-21 20:54:24 128,480 ----a-w C:\WINDOWS\system32\ZoneLabs\fbl.dll
+ 2007-06-21 20:54:26 38,376 ----a-w C:\WINDOWS\system32\ZoneLabs\featuremap.dll
+ 2007-06-21 20:54:26 321,016 ----a-w C:\WINDOWS\system32\ZoneLabs\imsecure.dll
+ 2007-06-21 20:55:28 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\imsecure_loc040c.dll
+ 2007-06-21 20:55:26 288,144 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard_loc040c.zip.dll
+ 2007-06-21 20:55:28 152,976 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\LicenseUI_loc040c.zip.dll
+ 2007-06-21 20:54:54 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
+ 2007-06-21 20:54:54 1,361,296 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
+ 2007-06-21 20:54:54 71,056 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
+ 2007-06-21 20:56:16 30,184 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
+ 2007-06-21 20:56:16 30,216 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
+ 2007-06-11 11:43:50 714,472 ----a-w C:\WINDOWS\system32\ZoneLabs\qrbase.dll
+ 2007-06-11 11:43:52 788,200 ----a-w C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll
+ 2007-06-21 20:54:28 173,544 ----a-w C:\WINDOWS\system32\ZoneLabs\scheduler.dll
+ 2007-06-21 20:55:30 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\scheduler_loc040c.dll
+ 2007-01-11 10:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
+ 2007-06-11 11:43:56 1,496,808 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.dll
+ 2007-06-11 11:44:10 50,416 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.sys
+ 2007-06-21 20:54:28 456,168 ----a-w C:\WINDOWS\system32\ZoneLabs\ssleay32.dll
+ 2007-06-21 20:56:16 210,432 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
+ 2007-06-21 20:56:18 3,229,176 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
+ 2007-06-21 20:55:28 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp_loc040c.dll
+ 2006-09-04 19:59:14 503,875 ----a-w C:\WINDOWS\system32\ZoneLabs\upd_core.dll
+ 2007-12-04 18:12:46 833,248 ----a-w C:\WINDOWS\system32\ZoneLabs\updating.dll
+ 2007-06-21 20:54:46 144,936 ----a-w C:\WINDOWS\system32\ZoneLabs\updclient.exe
+ 2007-06-21 20:55:30 75,152 ----a-w C:\WINDOWS\system32\ZoneLabs\updClient_loc040c.dll
+ 2007-01-11 16:31:06 286,787 ----a-w C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll
+ 2007-06-21 20:54:30 108,008 ----a-w C:\WINDOWS\system32\ZoneLabs\vsavpro.dll
+ 2007-06-21 20:54:30 79,336 ----a-w C:\WINDOWS\system32\ZoneLabs\vsdb.dll
+ 2007-06-21 20:55:30 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\vsdb_loc040c.dll
+ 2007-06-21 20:54:46 75,304 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon.exe
+ 2007-06-21 20:55:30 46,480 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon_loc040c.dll
+ 2007-06-21 20:54:32 2,024,936 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmondll.dll
+ 2007-06-21 20:54:32 1,345,000 ----a-w C:\WINDOWS\system32\ZoneLabs\vsruledb.dll
+ 2007-06-21 20:55:30 198,032 ----a-w C:\WINDOWS\system32\ZoneLabs\vsruledb_loc040c.dll
+ 2007-06-21 20:54:34 243,176 ----a-w C:\WINDOWS\system32\ZoneLabs\vsvault.dll
+ 2007-06-21 20:55:30 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\vsvault_loc040c.dll
+ 2007-01-11 10:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat
+ 2007-06-21 20:54:36 177,640 ----a-w C:\WINDOWS\system32\ZoneLabs\zlparser.dll
+ 2007-06-21 20:54:36 79,344 ----a-w C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll
+ 2007-06-21 20:55:32 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\zlquarantine_loc040c.dll
+ 2007-06-21 20:54:36 378,344 ----a-w C:\WINDOWS\system32\ZoneLabs\zlsre.dll
+ 2007-06-21 20:55:32 21,904 ----a-w C:\WINDOWS\system32\ZoneLabs\zlsre_loc040c.dll
+ 2007-06-21 20:54:36 120,296 ----a-w C:\WINDOWS\system32\ZoneLabs\zlupdate.dll
+ 2007-06-21 20:54:40 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-06 15:03]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 21:00 C:\WINDOWS\system32\rundll32.exe]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00]
C:\Documents and Settings\Lo‹c\Menu D‚marrer\Programmes\D‚marrage\
NOD32 Control Center.lnk - C:\Program Files\ESET\nod32kui.exe [2006-12-05 19:57:00]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
S2 Ca533av;Icatch(IV) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys
S3 int15.sys;int15.sys;\??\C:\Acer\Empowering Technology\eRecovery\int15.sys
S3 psdfilter;psdfilter;\??\C:\WINDOWS\system32\Drivers\psdfilter.sys
S3 psdvdisk;psdvdisk;\??\C:\WINDOWS\system32\Drivers\psdvdisk.sys
S3 USBCamera;Icatch(IV) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-07 09:03:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 22:42:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-05 22:42:51
.
--- E O F ---
Microsoft Windows XP Professionnel 5.1.2600.2.1252.1.1036.18.315 [GMT 1:00]
Running from: C:\Documents and Settings\Loïc\Bureau\ComboFix.exe
* Created a new restore point
.
((((((((((((((((((((((((((((( Fichiers créés 2007-11-05 to 2007-12-05 ))))))))))))))))))))))))))))))))))))
.
2007-12-05 22:37 . 2007-12-05 22:37 <REP> d-------- C:\Program Files\Trend Micro
2007-12-04 18:27 . 2007-12-04 18:27 <REP> d-------- C:\Documents and Settings\All Users\Application Data\MailFrontier
2007-12-04 18:27 . 2007-12-04 23:36 624,672 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-12-04 18:27 . 2007-12-04 18:27 75,932 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-12-04 18:27 . 2007-06-21 21:54 75,248 --a------ C:\WINDOWS\zllsputility.exe
2007-12-04 18:27 . 2007-12-04 18:27 74,396 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-12-04 18:27 . 2007-06-21 21:55 54,672 --a------ C:\WINDOWS\system32\vsutil_loc040c.dll
2007-12-04 18:27 . 2007-06-21 21:55 42,384 --a------ C:\WINDOWS\zllsputility_loc040c.dll
2007-12-04 18:27 . 2007-06-21 21:55 21,904 --a------ C:\WINDOWS\system32\imsinstall_loc040c.dll
2007-12-04 18:27 . 2007-06-21 21:55 17,808 --a------ C:\WINDOWS\system32\imslsp_install_loc040c.dll
2007-12-04 18:27 . 2007-12-04 23:36 8,396 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2007-12-04 18:27 . 2007-12-04 18:29 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-12-04 18:25 . 2007-12-05 22:35 <REP> d-------- C:\WINDOWS\Internet Logs
2007-12-04 12:45 . <REP> C:\Documents and Settings\Eric 2007-12-04 12:45 <REP> Valérie\Application Data\Grisoft
2007-12-04 08:15 . 2007-09-24 23:31 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2007-12-02 23:46 . 2007-12-02 23:46 <REP> d-------- C:\WINDOWS\system32\Kaspersky Lab
2007-12-02 23:46 . 2007-12-02 23:46 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2007-12-02 16:44 . 2007-12-02 16:44 <REP> d-------- C:\Program Files\Gravity
2007-12-02 15:23 . 2007-12-02 15:23 <REP> d-------- C:\Documents and Settings\Loïc\Application Data\Grisoft
2007-12-02 15:23 . 2007-12-02 15:23 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-02 15:23 . 2007-05-30 13:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-12-02 00:35 . <REP> C:\Documents and Settings\Eric 2007-12-02 00:35 <REP> ValÚrie\Local Settings
2007-11-28 15:42 . 2007-12-02 12:03 <REP> d-------- C:\Program Files\The All-Seeing Eye
2007-11-27 18:45 . 2007-11-27 18:46 <REP> d-------- C:\Program Files\Windows Live
2007-11-25 14:49 . 2007-11-25 14:49 <REP> d-------- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2007-11-25 06:52 . 2007-07-30 19:19 271,224 --a------ C:\WINDOWS\system32\mucltui.dll
2007-11-25 06:52 . 2007-07-30 19:19 207,736 --a------ C:\WINDOWS\system32\muweb.dll
2007-11-25 06:52 . 2007-07-30 19:18 30,072 --a------ C:\WINDOWS\system32\mucltui.dll.mui
2007-11-24 20:26 . 2007-11-24 20:29 <REP> d--hsc--- C:\Program Files\Fichiers communs\WindowsLiveInstaller
2007-11-24 20:26 . 2007-11-27 19:02 <REP> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
2007-11-22 08:24 . 2007-11-22 08:24 <REP> d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2007-11-20 00:09 . 2007-11-20 00:09 <REP> d-------- C:\Program Files\mnProjects
2007-11-18 16:52 . 2007-12-02 12:15 107,832 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2007-11-18 16:52 . 2007-11-18 16:52 66,872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2007-11-18 16:52 . 2007-12-02 12:10 22,328 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-11-18 16:00 . 2007-11-25 08:52 <REP> d-------- C:\Program Files\Wolfenstein - Enemy Territory
2007-11-17 11:35 . 2007-11-18 18:41 <REP> d-------- C:\Program Files\NCSoft
2007-11-17 11:35 . 2007-03-12 16:42 3,495,784 --a------ C:\WINDOWS\system32\d3dx9_33.dll
2007-11-14 07:08 . 2007-11-14 07:08 118 --a------ C:\WINDOWS\system32\MRT.INI
2007-11-05 18:07 . 2007-11-05 17:38 258,352 --a------ C:\WINDOWS\system32\unicows.dll
.
(((((((((((((((((((((((((((((((((( Compte-rendu de Find3M ))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-05 21:10 --------- d-----w C:\Program Files\Heroes Ragnarok
2007-12-04 19:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-04 11:54 --------- d-----w C:\Program Files\eMule
2007-12-04 11:45 --------- d-----w C:\Documents and Settings\Eric & Valérie\Application Data\Grisoft
2007-12-04 07:15 --------- d-----w C:\Program Files\Java
2007-11-24 18:39 --------- d-----w C:\Documents and Settings\All Users\Application Data\Google Updater
2007-11-19 07:20 --------- d-----w C:\Program Files\Crawler
2007-11-18 17:44 --------- d-----w C:\Program Files\vanBasco's Karaoke Player
2007-11-18 17:44 --------- d-----w C:\Program Files\TrackMania Nations ESWC
2007-11-18 17:44 --------- d-----w C:\Program Files\LimeWire
2007-11-18 17:44 --------- d-----w C:\Program Files\FrenchOtto
2007-11-18 17:44 --------- d-----w C:\Program Files\FaxTools
2007-11-18 17:44 --------- d-----w C:\Program Files\DivX
2007-11-18 17:44 --------- d-----w C:\Program Files\Beneton Movie GIF
2007-11-18 17:41 --------- d--h--w C:\Program Files\InstallShield Installation Information
2007-11-18 17:39 --------- d-----w C:\Program Files\Jasc Software Inc
2007-10-23 10:29 --------- d-----w C:\Program Files\Net Pro Anti-Popup
2007-10-22 17:10 --------- d-----w C:\Documents and Settings\All Users\Application Data\WhiteCap (Holiday Edition)
2007-10-22 17:08 --------- d-----w C:\Program Files\Microsoft
2007-10-21 15:20 --------- d-----w C:\Program Files\Red Kawa
2007-10-21 14:23 --------- d-----w C:\Documents and Settings\Loïc\Application Data\Radios Media Player
2007-10-18 10:31 51,224 ----a-w C:\WINDOWS\system32\sirenacm.dll
2007-09-28 16:08 156,992 ----a-w C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2007-09-28 16:07 524,288 ----a-w C:\WINDOWS\system32\DivXsm.exe
2007-09-28 16:07 3,596,288 ----a-w C:\WINDOWS\system32\qt-dx331.dll
2007-09-28 16:07 200,704 ----a-w C:\WINDOWS\system32\ssldivx.dll
2007-09-28 16:07 129,784 ------w C:\WINDOWS\system32\pxafs.dll
2007-09-28 16:07 120,056 ------w C:\WINDOWS\system32\pxcpyi64.exe
2007-09-28 16:07 118,520 ------w C:\WINDOWS\system32\pxinsi64.exe
2007-09-28 16:07 1,044,480 ----a-w C:\WINDOWS\system32\libdivx.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2007-09-28 16:05 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2007-09-28 16:05 81,920 ----a-w C:\WINDOWS\system32\dpl100.dll
2007-09-28 16:05 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2007-09-28 16:05 739,840 ----a-w C:\WINDOWS\system32\DivX.dll
2007-09-28 16:05 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2007-09-28 16:05 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2007-09-28 16:05 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2007-09-28 16:05 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2007-09-28 16:05 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
2007-09-28 16:05 196,608 ----a-w C:\WINDOWS\system32\dtu100.dll
2007-09-28 16:05 12,288 ----a-w C:\WINDOWS\system32\DivXWMPExtType.dll
2007-03-14 21:06 583 ----a-w C:\Documents and Settings\Loïc\clean.reg
2007-03-14 21:06 583 ----a-w C:\Documents and Settings\Loïc\clean.reg
2007-02-18 19:45 3,992,288 ----a-w C:\Documents and Settings\Loïc\TRACE_BOOT+DRIVERS_1_1.BIN
2007-02-18 19:45 3,992,288 ----a-w C:\Documents and Settings\Loïc\TRACE_BOOT+DRIVERS_1_1.BIN
.
((((((((((((((((((((((((((((( snapshot@2007-12-02_ 0.34.47.04 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-10-24 02:01:44 780,800 ----a-w C:\WINDOWS\Resources\Themes\Zune\Shell\NormalColor\shellstyle.dll
+ 2007-05-30 23:03:48 110,360 ----a-w C:\WINDOWS\system32\drivers\kl1.sys
+ 2007-05-30 23:03:50 119,576 ----a-w C:\WINDOWS\system32\drivers\klif.sys
- 2007-11-08 14:11:45 189,792 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
+ 2007-12-05 07:28:59 191,384 ----a-w C:\WINDOWS\system32\FNTCACHE.DAT
- 2006-12-15 00:30:58 49,248 ----a-w C:\WINDOWS\system32\java.exe
+ 2007-09-24 21:30:28 135,168 ----a-w C:\WINDOWS\system32\java.exe
- 2006-12-15 00:31:06 53,346 ----a-w C:\WINDOWS\system32\javaw.exe
+ 2007-09-24 21:30:30 135,168 ----a-w C:\WINDOWS\system32\javaw.exe
- 2006-12-15 02:09:14 127,078 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2007-09-24 22:31:42 139,264 ----a-w C:\WINDOWS\system32\javaws.exe
+ 2005-05-24 11:27:16 213,048 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavss.dll
+ 2007-08-29 14:47:20 94,208 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavuninstall.exe
+ 2007-08-29 14:49:54 950,272 ----a-w C:\WINDOWS\system32\Kaspersky Lab\Kaspersky Online Scanner\kavwebscan.dll
+ 2007-06-21 20:54:26 796,048 ----a-w C:\WINDOWS\system32\libeay32_0.9.6l.dll
+ 2007-06-21 20:54:30 83,432 ----a-w C:\WINDOWS\system32\vsdata.dll
+ 2007-06-21 20:54:52 394,984 ----a-w C:\WINDOWS\system32\vsdatant.sys
+ 2007-06-21 20:54:32 157,160 ----a-w C:\WINDOWS\system32\vsinit.dll
+ 2007-06-21 20:54:32 103,912 ----a-w C:\WINDOWS\system32\vsmonapi.dll
+ 2007-06-21 20:54:32 275,944 ----a-w C:\WINDOWS\system32\vspubapi.dll
+ 2007-06-21 20:54:32 71,144 ----a-w C:\WINDOWS\system32\vsregexp.dll
+ 2007-06-21 20:54:34 472,552 ----a-w C:\WINDOWS\system32\vsutil.dll
+ 2007-06-21 20:54:34 46,568 ----a-w C:\WINDOWS\system32\vswmi.dll
+ 2007-06-21 20:54:34 99,816 ----a-w C:\WINDOWS\system32\vsxml.dll
+ 2007-06-21 20:54:34 83,432 ----a-w C:\WINDOWS\system32\zlcomm.dll
+ 2007-06-21 20:54:34 71,144 ----a-w C:\WINDOWS\system32\zlcommdb.dll
+ 2007-06-21 20:54:24 366,112 ----a-w C:\WINDOWS\system32\ZoneLabs\av.dll
+ 2007-06-21 20:55:26 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\av_loc040c.dll
+ 2007-05-30 23:03:30 65,248 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\aphish.dat
+ 2006-06-30 13:47:36 21,568 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\bases\avcmhk4.dll
+ 2007-05-30 23:03:16 77,824 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHComm.dll
+ 2007-05-30 23:03:16 110,592 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHrule.dll
+ 2007-05-30 23:03:16 331,776 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\CKAHUM.dll
+ 2007-05-30 23:03:16 38,400 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\FSSync.dll
+ 2006-09-19 22:12:14 208,960 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\inv.dll
+ 2007-05-30 23:03:16 258,048 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\kave.dll
+ 2006-12-19 17:13:52 1,093,632 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\libeay32.dll
+ 2007-05-30 23:03:20 548,864 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcp80.dll
+ 2007-05-30 23:03:20 626,688 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\msvcr80.dll
+ 2007-05-30 23:03:18 184,320 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prloader.dll
+ 2007-05-30 23:03:22 90,112 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\prremote.dll
+ 2007-05-30 23:03:18 118,784 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
+ 2006-12-19 17:13:52 200,704 ----a-w C:\WINDOWS\system32\ZoneLabs\avsys\ssleay32.dll
+ 2007-06-21 20:54:24 99,816 ----a-w C:\WINDOWS\system32\ZoneLabs\camupd.dll
+ 2007-06-21 20:55:26 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\camupd_loc040c.dll
+ 2004-01-30 11:35:08 813,568 ----a-w C:\WINDOWS\system32\ZoneLabs\dbghelp.dll
+ 2007-06-21 20:54:24 128,480 ----a-w C:\WINDOWS\system32\ZoneLabs\fbl.dll
+ 2007-06-21 20:54:26 38,376 ----a-w C:\WINDOWS\system32\ZoneLabs\featuremap.dll
+ 2007-06-21 20:54:26 321,016 ----a-w C:\WINDOWS\system32\ZoneLabs\imsecure.dll
+ 2007-06-21 20:55:28 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\imsecure_loc040c.dll
+ 2007-06-21 20:55:26 288,144 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\ConfigWizard_loc040c.zip.dll
+ 2007-06-21 20:55:28 152,976 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\LicenseUI_loc040c.zip.dll
+ 2007-06-21 20:54:54 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zlsvc.zip.dll
+ 2007-06-21 20:54:54 1,361,296 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zpy.zip.dll
+ 2007-06-21 20:54:54 71,056 ----a-w C:\WINDOWS\system32\ZoneLabs\lib\zui.zip.dll
+ 2007-06-21 20:56:16 30,184 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\rpc_server\rpc_server.dll
+ 2007-06-21 20:56:16 30,216 ----a-w C:\WINDOWS\system32\ZoneLabs\plugins\vsmon_plugin\vsmon_plugin.dll
+ 2007-06-11 11:43:50 714,472 ----a-w C:\WINDOWS\system32\ZoneLabs\qrbase.dll
+ 2007-06-11 11:43:52 788,200 ----a-w C:\WINDOWS\system32\ZoneLabs\qrsrecl.dll
+ 2007-06-21 20:54:28 173,544 ----a-w C:\WINDOWS\system32\ZoneLabs\scheduler.dll
+ 2007-06-21 20:55:30 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\scheduler_loc040c.dll
+ 2007-01-11 10:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\spyware.dat
+ 2007-06-11 11:43:56 1,496,808 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.dll
+ 2007-06-11 11:44:10 50,416 ----a-w C:\WINDOWS\system32\ZoneLabs\srescan.sys
+ 2007-06-21 20:54:28 456,168 ----a-w C:\WINDOWS\system32\ZoneLabs\ssleay32.dll
+ 2007-06-21 20:56:16 210,432 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\httpblocker\httpblocker.dll
+ 2007-06-21 20:56:18 3,229,176 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp.dll
+ 2007-06-21 20:55:28 26,000 ----a-w C:\WINDOWS\system32\ZoneLabs\streamapi\imslsp\imslsp_loc040c.dll
+ 2006-09-04 19:59:14 503,875 ----a-w C:\WINDOWS\system32\ZoneLabs\upd_core.dll
+ 2007-12-04 18:12:46 833,248 ----a-w C:\WINDOWS\system32\ZoneLabs\updating.dll
+ 2007-06-21 20:54:46 144,936 ----a-w C:\WINDOWS\system32\ZoneLabs\updclient.exe
+ 2007-06-21 20:55:30 75,152 ----a-w C:\WINDOWS\system32\ZoneLabs\updClient_loc040c.dll
+ 2007-01-11 16:31:06 286,787 ----a-w C:\WINDOWS\system32\ZoneLabs\updtrsdk.dll
+ 2007-06-21 20:54:30 108,008 ----a-w C:\WINDOWS\system32\ZoneLabs\vsavpro.dll
+ 2007-06-21 20:54:30 79,336 ----a-w C:\WINDOWS\system32\ZoneLabs\vsdb.dll
+ 2007-06-21 20:55:30 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\vsdb_loc040c.dll
+ 2007-06-21 20:54:46 75,304 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon.exe
+ 2007-06-21 20:55:30 46,480 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmon_loc040c.dll
+ 2007-06-21 20:54:32 2,024,936 ----a-w C:\WINDOWS\system32\ZoneLabs\vsmondll.dll
+ 2007-06-21 20:54:32 1,345,000 ----a-w C:\WINDOWS\system32\ZoneLabs\vsruledb.dll
+ 2007-06-21 20:55:30 198,032 ----a-w C:\WINDOWS\system32\ZoneLabs\vsruledb_loc040c.dll
+ 2007-06-21 20:54:34 243,176 ----a-w C:\WINDOWS\system32\ZoneLabs\vsvault.dll
+ 2007-06-21 20:55:30 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\vsvault_loc040c.dll
+ 2007-01-11 10:12:08 2,432,259 ----a-w C:\WINDOWS\system32\ZoneLabs\zlasdbup.dat
+ 2007-06-21 20:54:36 177,640 ----a-w C:\WINDOWS\system32\ZoneLabs\zlparser.dll
+ 2007-06-21 20:54:36 79,344 ----a-w C:\WINDOWS\system32\ZoneLabs\zlquarantine.dll
+ 2007-06-21 20:55:32 17,808 ----a-w C:\WINDOWS\system32\ZoneLabs\zlquarantine_loc040c.dll
+ 2007-06-21 20:54:36 378,344 ----a-w C:\WINDOWS\system32\ZoneLabs\zlsre.dll
+ 2007-06-21 20:55:32 21,904 ----a-w C:\WINDOWS\system32\ZoneLabs\zlsre_loc040c.dll
+ 2007-06-21 20:54:36 120,296 ----a-w C:\WINDOWS\system32\ZoneLabs\zlupdate.dll
+ 2007-06-21 20:54:40 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((( Point de chargement Reg )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Note* les éléments vides & les éléments initiaux légitimes ne sont pas listés
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-11-06 15:03]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 21:00]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-10 21:00 C:\WINDOWS\system32\rundll32.exe]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 10:25]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [2007-09-25 01:11]
"ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2007-06-21 21:54]
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 21:00]
C:\Documents and Settings\Lo‹c\Menu D‚marrer\Programmes\D‚marrage\
NOD32 Control Center.lnk - C:\Program Files\ESET\nod32kui.exe [2006-12-05 19:57:00]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"NvCplDaemon"=RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" -atboottime
"TkBellExe"="C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
S2 Ca533av;Icatch(IV) Video Camera Device;C:\WINDOWS\system32\Drivers\Ca533av.sys
S3 int15.sys;int15.sys;\??\C:\Acer\Empowering Technology\eRecovery\int15.sys
S3 psdfilter;psdfilter;\??\C:\WINDOWS\system32\Drivers\psdfilter.sys
S3 psdvdisk;psdvdisk;\??\C:\WINDOWS\system32\Drivers\psdvdisk.sys
S3 USBCamera;Icatch(IV) Still Camera Device;C:\WINDOWS\system32\Drivers\Bulk533.sys
S3 ZD1211BU(ZyDAS);ZyDAS ZD1211B IEEE 802.11 b+g Wireless LAN Driver (USB)(ZyDAS);C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys
.
Contenu du dossier 'Scheduled Tasks/Tâches planifiées'
"2007-11-07 09:03:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe
.
**************************************************************************
catchme 0.3.1318 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-05 22:42:04
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
.
Completion time: 2007-12-05 22:42:51
.
--- E O F ---
Problème reglé. Apres une série de redémarages réussis/ratés en terminant des processus dans le gestionnaire des tâches, j'ai fini par voir que c'était le processus " BTNtservice.exe" qui m'empechait de fermer Windows.
BTNtservice.exe est un processus du logiciel BlueSoleil (qui permet d'envoyer des fichiers via bluetooth avec un adaptateur USB).
Probleme reglé en supprimant BTNtservice.exe. Cela ne gene pas l'envoi/reception de fichiers via bluetooth.
J'ai ajouté "[Résolu]" au titre de mon topic.
Voila, je te remercie encore pour toute ton aide pour désinfecter mon PC. Bonne soirée à toi![:D]( ":D")
.
![:hello:]( ":hello:")
BTNtservice.exe est un processus du logiciel BlueSoleil (qui permet d'envoyer des fichiers via bluetooth avec un adaptateur USB).
Probleme reglé en supprimant BTNtservice.exe. Cela ne gene pas l'envoi/reception de fichiers via bluetooth.
J'ai ajouté "[Résolu]" au titre de mon topic.
Voila, je te remercie encore pour toute ton aide pour désinfecter mon PC. Bonne soirée à toi
. 
Lassé par la pub ? Créez un compte
- Contenus similaires :
- Forum[RESOLU] problème de pubs qui s'ouvrent seules
- ForumPubs intempestives sur aspire one [RESOLU]
- ForumRésolu[Résolu] Pub intempestives
- Forum[Résolu] Demande d'aide pour les Pubs Internet !
- ForumOuverture intempestive de firefox pour pubs : virus ? [RESOLU]
- Forum [ RESOLU ] Pubs intempestives!!!
- Forumpubs intempestives. RESOLU
- Forum[Résolu]Pubs intempestives et lenteur du PC : rapport hijack normal?
- Forum[Résolu] Pubs sous explorer
- Forum[Résolu] Fenêtres pubs Explorer
- Voir plus
