rss
Ils ont besoin de votre aide Tous les messages sans réponse
Rechercher : dans
Par : Pertinence Date Nom d'utilisateur
Statut : Résolu

Pop up CiD

Posté par Shikita, le jeudi 8 mars 2007 à 16:23:51
Bonjour,
depuis quelques temps j'ai des popup qui s'affiche des que j'ouvre une page internet j'ai beau avoir des bloquer dez popup rien ne les arrete. j'ai remarqué qu'au début de l'affichage il y a toujours le mot CiD comme nom de fenetre.
Quelqu'un peuy-il m'aider?
Merci Shikita
Configuration: Windows XP
Internet Explorer 7.0
 Signaler ce message aux modérateurs
101 réponses 12345

1


  • 1    Ce message vous semble utile, votez !
  • Ce message ne vous semble pas utile, votez !
  • Signaler ce message aux modérateurs
Regis59, le jeudi 8 mars 2007 à 17:08:23
Salut,

télécharge HijackThis ici:
http://telechargement.zebulon.fr/138-hijackthis-1991.html

Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif

Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum

Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm

Bon courage

A+
"J'avais rêvé d'un monde meilleur...Sans différence de couleurS...Egalité..."-MLK-
   

2


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
shikita, le vendredi 9 mars 2007 à 17:45:04
Merci Regis59.
Voila le log donné par Hijackthis


Logfile of HijackThis v1.99.1
Scan saved at 17:41:47, on 09/03/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ctfmon.exe
c:\progra~1\intern~1\iexplore.exe
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\niSvcLoc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
c:\APPS\Powercinema\Kernel\TV\CLSched.exe
C:\WINDOWS\system32\nipalsm.exe
C:\WINDOWS\system32\nipalsm.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Norton AntiVirus\navw32.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\Norton AntiVirus\navw32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://format.packardbell.com/...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://format.packardbell.com/cgi-bin/redirect/?country=FR&r­ange=AD&phase=7&key=MED
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard Bell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Fichiers communs\Symantec Shared\AdBlocking\NISShExt.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Fichiers communs\Symantec Shared\ccApp.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Dash view] D:\DOCUME~1\CHRIST~1\APPLIC~1\THIRDT~1\Tick Draw.exe
O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://vivi-tito.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/...
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - c:\APPS\Powercinema\Kernel\TV\CLSched.exe
O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program Files\CyberLink\Shared Files\CLML_NTService\CLMLServer.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Unknown owner - C:\Program Files\Norton Internet Security\ISSVC.exe (file missing)
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: MysqlInventime - Unknown owner - C:\Apps\INVENT~1\mysql\bin\mysqld-nt.exe
O23 - Service: Service Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: nidevldu - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NILM License manager - Macrovision Corporation - C:\Program Files\National Instruments\Shared\License Manager\Bin\lmgrd.exe
O23 - Service: nipxirmu - National Instruments Corporation - C:\WINDOWS\system32\nipalsm.exe
O23 - Service: NI Service Locator (niSvcLoc) - National Instruments - C:\WINDOWS\system32\niSvcLoc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FICHIE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\CCPD-LC\symlcsvc.exe
   

96


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
b1b1, le dimanche 1 juin 2008 à 12:12:21
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:10:38, on 01/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe
C:\Program Files\OrangeHSS\Systray\SystrayApp.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\System32\spool\drivers\w32x86\3\E_FATICAE.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Users\ben ben\Program Files\DNA\btdna.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolb­arNotifier.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\ehome\ehmsas.exe
C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\AlertModule\0\AlertModule.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
C:\Program Files\Internet Explorer\ieuser.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Users\ben ben\Documents\HijackThis\HiJackThis.exe
C:\Program Files\Windows Media Player\wmplayer.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fr.fr.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fr.fr.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\Program Files\OrangeHSS\SearchURLHook\SearchPageURL.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: Yahoo! Toolbar avec bloqueur de fenêtres pop-up - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Apanel] C:\ACERSW\config\NewSetApanel.cmd
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe"
O4 - HKLM\..\Run: [SystrayORAHSS] "C:\Program Files\OrangeHSS\Systray\SystrayApp.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [EPSON Stylus DX4400 Series] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATICAE.EXE /FU "C:\Windows\TEMP\E_S16BB.tmp" /EF "HKCU"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BitTorrent DNA] "C:\Users\ben ben\Program Files\DNA\btdna.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolb­arNotifier.exe
O4 - HKCU\..\Run: [Error mail] "C:\ProgramData\Upload Bags Bags.71l8ud"
O4 - HKCU\..\Run: [LESS CITY AMEN SETUP] "C:\ProgramData\axis rule frag.2kaa3eh"
O4 - HKCU\..\Run: [AdwareBot] C:\Program Files\AdwareBot\AdwareBot.exe -boot
O4 - HKUS\S-1-5-18\..\Run: [] (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [] (User 'Default user')
O4 - Startup: OneNote 2007 - Capture d'écran et lancement.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O9 - Extra button: Ajout Direct - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Envoyer à OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Service Bonjour (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom SA - C:\PROGRA~1\COMMON~1\France Telecom\Shared Modules\FTRTSVC\0\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Service de l'iPod (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Validation de mot de passe Symantec IS (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Planificateur LiveUpdate automatique - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
End of file - 11659 bytes
   

98


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
fabyfgj, le dimanche 1 juin 2008 à 15:18:14
Logfile of HijackThis v1.99.1
Scan saved at 15:11:38, on 01/06/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Media Connect\mswmcls.exe
C:\WINDOWS\system32\drivers\Icon.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Apps\Powercinema\PCMService.exe
C:\Program Files\Packard Bell EverSafe\TrayControl.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Program Files\Microsoft Works\WksSb.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe­
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Shareaza\Shareaza.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearchIndexer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\iWizz\iWizz.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\MSN Toolbar Suite\SL\02.05.0001.1119\fr-fr\msn_sl.exe
C:\DOCUME~1\Fabien\LOCALS~1\Temp\Répertoire temporaire 1 pour hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,userinit.exe
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Catcher Class - {ADECBED6-0366-4377-A739-E69DFBA04663} - C:\Program Files\Moyea\FLV Downloader\MoyeaCth.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Barre d'outils MSN Search Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Barre d'outils MSN Search - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [Icon] C:\WINDOWS\system32\drivers\Icon.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [PCMService] "c:\Apps\Powercinema\PCMService.exe"
O4 - HKLM\..\Run: [EmailChecker] C:\APPS\EmailChecker\ech.exe
O4 - HKLM\..\Run: [NovaNet-WEB Tray Control] C:\Program Files\Packard Bell EverSafe\TrayControl.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [runner1] C:\WINDOWS\mrofinu1423.exe 61A847B5BBF7281336993B466188719AB689201522886B092CBD44BD8689­220221DD3257
O4 - HKLM\..\Run: [Cake Wipe Inside Wma] C:\Documents and Settings\All Users\Application Data\flag barb cake wipe\16 Bore.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe­
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|DEFAULT=cnx|PARAM=
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [way meet] C:\DOCUME~1\Fabien\APPLIC~1\ONCEAU~1\find wma.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: Démarrage rapide de HP Photosmart Premier.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\microsoft office\Office\OSA9.EXE
O4 - Global Startup: Packard Bell EverSafe Tray Control.lnk = C:\Program Files\Packard Bell EverSafe\TrayControl.exe
O4 - Global Startup: Rappels du Calendrier Microsoft Works.lnk = ?
O4 - Global Startup: Windows Desktop Search.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fr-fr\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fr-fr\msntb.dll/search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Organise-notes - {9455301C-CF6B-11D3-A266-00C04F689C50} - C:\Program Files\Fichiers communs\Microsoft Shared\Reference 2001\EROProj.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra 'Tools' menuitem: Messager Wanadoo - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\WANADO~1\Wanadoo Messager.exe
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - http://www.orange.fr (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\fr.htm
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/FR-FR/a-UNO1/GAME_UNO1.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\FICHIE~1\AOL\ACS\AOLacsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MySqlInventime - Unknown owner - c:\mysql\bin\mysqld-max-nt.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Windows Service Pack Installer update service (spupdsvc) - Unknown owner - C:\WINDOWS\system32\spupdsvc.exe
   

3


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
Regis59, le vendredi 9 mars 2007 à 17:55:15
Salut,

Télécharge LopxpMH sur ton Bureau.

http://perso.numericable.fr/~altshift/Info/Fichiers/lopxpMH2­.zip

Dézippe-le (clic droit >> Extraire ici) et double clique sur le fichier lopxpMH.bat.

Poste le contenu du rapport qui va s'ouvrir.

A+ "J'avais rêvé d'un monde meilleur...Sans différence de couleurS...Egalité..."-MLK-
   

4


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
shikita, le vendredi 9 mars 2007 à 22:15:25
Merci encore

Voici le rapport:

Rapport fait à 22:13:48,71 le 09/03/2007

******************************************
## Répertoires Application Data

Le volume dans le lecteur D s'appelle DATA
Le num‚ro de s‚rie du volume est B0C9-D054

R‚pertoire de D:\aa42012516fb491ead0f72

Le volume dans le lecteur D s'appelle DATA
Le num‚ro de s‚rie du volume est B0C9-D054

R‚pertoire de D:\Documents and Settings

Le volume dans le lecteur D s'appelle DATA
Le num‚ro de s‚rie du volume est B0C9-D054

R‚pertoire de D:\MSOCache

Le volume dans le lecteur D s'appelle DATA
Le num‚ro de s‚rie du volume est B0C9-D054

R‚pertoire de D:\Nouveau dossier

Le volume dans le lecteur D s'appelle DATA
Le num‚ro de s‚rie du volume est B0C9-D054

R‚pertoire de D:\RECYCLER

Le volume dans le lecteur D s'appelle DATA
Le num‚ro de s‚rie du volume est B0C9-D054

R‚pertoire de D:\System Volume Information

Le volume dans le lecteur D s'appelle DATA
Le num‚ro de s‚rie du volume est B0C9-D054

R‚pertoire de D:\T‚l‚chargements

Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est 8CB4-F7B5

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Application Data

16/08/2004 18:16 <REP> .
16/08/2004 18:16 <REP> ..
13/01/2006 21:07 <REP> Identities
13/01/2006 21:07 <REP> Macromedia
16/08/2004 18:16 <REP> Microsoft
13/01/2006 21:07 <REP> Real
13/01/2006 21:07 <REP> Symantec
13/01/2006 21:07 <REP> You've Got Pictures Screensaver
16/08/2004 18:16 62 desktop.ini
1 fichier(s) 62 octets
8 R‚p(s) 9ÿ661ÿ644ÿ800 octets libres
Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est 8CB4-F7B5

R‚pertoire de C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data

16/08/2004 18:16 <REP> .
16/08/2004 18:16 <REP> ..
13/01/2006 21:07 <REP> {3248F0A6-6813-11D6-A77B-00B0D0150020}
13/01/2006 21:07 <REP> ApplicationHistory
16/08/2004 18:16 <REP> Microsoft
13/01/2006 21:07 <REP> PowerCinema
13/01/2006 21:07 135 fusioncache.dat
13/01/2006 21:07 34ÿ232 GDIPFONTCACHEV1.DAT
13/01/2006 21:07 2ÿ692ÿ438 IconCache.db
3 fichier(s) 2ÿ726ÿ805 octets
6 R‚p(s) 9ÿ661ÿ644ÿ800 octets libres

******************************************
Recherche des taches planifiées dans C:\WINDOWS\tasks

Le volume dans le lecteur D s'appelle DATA
Le num‚ro de s‚rie du volume est B0C9-D054

R‚pertoire de D:\

29/01/2007 21:03 <REP> Nouveau dossier
05/01/2007 00:59 268 sqmdata19.sqm
05/01/2007 00:59 244 sqmnoopt19.sqm
06/12/2006 01:12 268 sqmdata18.sqm
06/12/2006 01:12 0 sqmnoopt18.sqm
05/12/2006 23:56 268 sqmdata17.sqm
05/12/2006 23:56 244 sqmnoopt17.sqm
01/12/2006 01:38 268 sqmdata16.sqm
01/12/2006 01:38 244 sqmnoopt16.sqm
29/11/2006 01:46 268 sqmdata15.sqm
29/11/2006 01:46 244 sqmnoopt15.sqm
28/11/2006 12:42 268 sqmdata14.sqm
28/11/2006 12:42 244 sqmnoopt14.sqm
27/11/2006 23:39 268 sqmdata13.sqm
27/11/2006 23:39 244 sqmnoopt13.sqm
15/11/2006 20:24 <REP> aa42012516fb491ead0f72
14/11/2006 00:23 268 sqmdata12.sqm
14/11/2006 00:23 244 sqmnoopt12.sqm
13/11/2006 16:36 268 sqmdata11.sqm
13/11/2006 16:36 244 sqmnoopt11.sqm
11/11/2006 11:37 <REP> T‚l‚chargements
10/11/2006 18:24 268 sqmdata10.sqm
10/11/2006 18:24 244 sqmnoopt10.sqm
10/11/2006 16:23 268 sqmdata09.sqm
10/11/2006 16:23 244 sqmnoopt09.sqm
09/11/2006 20:54 244 sqmnoopt08.sqm
09/11/2006 20:54 268 sqmdata08.sqm
24/10/2006 18:12 244 sqmnoopt07.sqm
24/10/2006 18:12 268 sqmdata07.sqm
23/10/2006 21:46 268 sqmdata06.sqm
23/10/2006 21:46 244 sqmnoopt06.sqm
23/10/2006 21:40 268 sqmdata05.sqm
23/10/2006 21:40 244 sqmnoopt05.sqm
23/10/2006 17:53 244 sqmnoopt04.sqm
23/10/2006 17:53 268 sqmdata04.sqm
23/10/2006 17:45 244 sqmnoopt03.sqm
23/10/2006 17:45 268 sqmdata03.sqm
17/10/2006 20:52 244 sqmnoopt02.sqm
17/10/2006 20:52 268 sqmdata02.sqm
16/10/2006 23:17 268 sqmdata01.sqm
16/10/2006 23:17 244 sqmnoopt01.sqm
15/10/2006 20:00 268 sqmdata00.sqm
15/10/2006 20:00 244 sqmnoopt00.sqm
11/02/2006 17:23 <REP> MSOCache
07/11/2005 09:11 <REP> Documents and Settings
07/11/2005 00:50 <REP> RECYCLER
07/11/2005 00:12 <REP> System Volume Information
40 fichier(s) 9ÿ996 octets
7 R‚p(s) 20ÿ038ÿ459ÿ392 octets libres

******************************************
## Répertoires de C:\Program Files

Le volume dans le lecteur C s'appelle HDD
Le num‚ro de s‚rie du volume est 8CB4-F7B5

R‚pertoire de C:\Program Files

26/02/2007 12:12 <REP> .
26/02/2007 12:12 <REP> ..
06/12/2006 20:27 <REP> Adobe
11/02/2006 16:18 <REP> Ahead
12/02/2007 21:59 <REP> Aladdin Systems
02/08/2006 19:12 <REP> Alcohol Soft
07/11/2005 00:19 <REP> AMD
17/01/2006 15:21 <REP> AOL 9.0
07/11/2005 00:30 <REP> AOL Compagnon
02/12/2006 14:32 <REP> AVI to VCD SVCD DVD Converter
13/11/2006 13:57 <REP> BitComet
09/02/2007 16:11 <REP> BitDownload
13/01/2006 22:38 <REP> Ciel
02/08/2006 19:24 <REP> Codemasters
16/08/2004 18:05 <REP> ComPlus Applications
18/01/2006 22:28 <REP> Convertor
25/09/2006 16:04 <REP> Cubemaster 2000
07/11/2005 00:39 <REP> CyberLink
29/11/2006 01:38 <REP> DelMp3Kok
09/10/2006 14:38 <REP> Disney Interactive
22/01/2007 13:48 <REP> Doom 3
02/12/2006 14:38 <REP> DVDx
08/03/2007 20:33 <REP> eMule
09/02/2007 16:09 <REP> Fichiers communs
11/01/2007 23:41 <REP> FlashFXP
09/02/2007 16:56 <REP> GecoMaes
07/11/2005 00:36 <REP> GMixon
09/02/2007 17:33 <REP> Google
26/01/2007 13:41 <REP> GrabIt
11/01/2007 13:04 <REP> Heredis 8
29/11/2006 01:24 <REP> Illustrate
16/02/2007 13:00 <REP> Internet Explorer
13/01/2006 22:40 <REP> ISSENDIS
07/11/2005 00:23 <REP> Java
23/10/2006 19:09 <REP> K!TV
05/12/2006 23:19 <REP> KaraFun
15/01/2006 19:30 <REP> K-Lite Codec Pack
02/08/2006 19:48 <REP> KONAMI
18/01/2006 22:28 <REP> Lavalys
12/01/2007 15:06 <REP> Lavasoft
07/11/2005 00:30 <REP> Learn2.com
02/08/2006 20:40 <REP> Logitech
16/08/2004 18:03 <REP> Messenger
02/02/2006 19:59 <REP> MeuhMeuhTV
04/02/2006 14:01 <REP> Micro Application
16/08/2004 18:11 <REP> microsoft frontpage
11/02/2006 17:25 <REP> Microsoft Office
11/02/2006 17:24 <REP> Microsoft.NET
16/08/2004 18:06 <REP> Movie Maker
15/01/2007 00:54 <REP> Mozilla Firefox
16/08/2004 18:03 <REP> MSN
16/08/2004 18:03 <REP> MSN Gaming Zone
08/03/2007 16:47 <REP> MSN Messenger
15/11/2006 20:24 <REP> MSXML 4.0
25/02/2006 09:44 <REP> National Instruments
16/08/2004 18:06 <REP> NetMeeting
15/01/2007 00:31 <REP> Norton
25/01/2007 16:48 <REP> Norton AntiVirus
13/01/2006 22:40 <REP> OFFICE One6.5
16/08/2004 18:03 <REP> Online Services
15/12/2006 02:36 <REP> Outlook Express
09/03/2007 00:26 <REP> PacificPoker
12/01/2007 15:05 <REP> Picasa2
01/12/2006 00:20 <REP> QuickTime
13/01/2006 22:39 <REP> Readiris Pro 8
07/11/2005 00:30 <REP> Real
02/08/2006 20:50 <REP> ReflexiveArcade
11/01/2007 02:48 <REP> RegCleaner
05/09/2006 12:05 <REP> Ricochet Xtreme
16/08/2004 18:07 <REP> Services en ligne
01/12/2006 00:21 <REP> SmartSound Software
07/11/2005 00:40 <REP> Sonic
15/01/2007 01:10 <REP> Symantec
17/10/2006 15:09 <REP> SymNetDrv
26/02/2007 12:12 <REP> THIRDTHUNKHELP
15/01/2006 19:37 <REP> ToniArts
14/12/2006 18:59 <REP> Ubi soft
05/12/2006 23:23 <REP> Ulead Systems
23/01/2006 22:17 <REP> VideoLAN
07/11/2005 00:30 <REP> Viewpoint
30/11/2006 21:52 <REP> VirtualDub
02/08/2006 20:49 <REP> WildTangent
25/09/2006 15:22 <REP> Win G‚n‚alogic
12/01/2007 17:06 <REP> Windows Installer Clean Up
07/11/2005 00:38 <REP> Windows Media Components
27/11/2006 23:35 <REP> Windows Media Connect 2
27/11/2006 23:35 <REP> Windows Media Player
16/08/2004 18:03 <REP> Windows NT
01/12/2006 22:04 <REP> winOKE Ltd
11/01/2007 13:04 <REP> WinRAR
16/08/2004 18:11 <REP> xerox
11/01/2007 00:16 <REP> XisoManager
0 fichier(s) 0 octets
92 R‚p(s) 9ÿ661ÿ636ÿ608 octets libres

******************************************
## Popups autorisées

* Internet Explorer

! REG.EXE VERSION 3.0

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow
www.packardbell.fr REG_NONE
www.3suisses.fr REG_BINARY
www.cmonjour.com REG_BINARY
www.laredoute.fr REG_BINARY
www.super-secretaire.com REG_BINARY
www.manpower.fr REG_BINARY
www.anpe.fr REG_BINARY
www.grattage.com REG_BINARY 0000
*.fr.prizee.com REG_BINARY
www.code-hit.com REG_BINARY
www.concours.fr REG_BINARY
www.keljob.com REG_BINARY
www.skihorizon.com REG_BINARY
www.travelski.com REG_BINARY
fr.france-montagnes.com REG_BINARY
www.skibed.com REG_BINARY
www.sports-hiver.com REG_BINARY
www.homelidays.com REG_BINARY
www.skifrance.fr REG_BINARY
www.2alpeservices.com REG_BINARY
www.chalets-des-alpes.fr REG_BINARY
www.123skichalets.com REG_BINARY
www.les2alpes.com REG_BINARY
netbios-wait.com REG_SZ
www.netbios-wait.com REG_SZ
netsearchsoft.com REG_SZ
www.netsearchsoft.com REG_SZ
www.carriereonline.com REG_BINARY
www.ameli.fr REG_BINARY
www.chalet-montagne.com REG_BINARY
www38.mappy.com REG_BINARY

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\New Windows\Allow\*.od2.com
<SANS NOM> REG_SZ 0

* Mozilla Firefox (1 autorisé 2 interdit)

---------- D:\DOCUMENTS AND SETTINGS\CHRISTOPHE\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\T81LBB6A.DEFAULT\HOSTPERM.1

******************************************
## Registre

* [HKEY_CURRENT_USER\\Software\Microsoft\Internet Explorer\Main]
Search Bar REG_SZ http://format.packardbell.com/...

* [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion­\Run]
Dash view REG_SZ D:\DOCUME~1\CHRIST~1\APPLIC~1\THIRDT~1\Tick Draw.exe

* [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
command REG_SZ D:\Documents and Settings\All Users\Application Data\Play Tick Copy For\Dash Logo.exe
command REG_SZ D:\DOCUME~1\CHRIST~1\APPLIC~1\THIRDT~1\Tick Draw.exe

******************************************
## Zones de sécurité

* HKCU Domains (4)

* P3P History (5)

******************************************
## Recherche C:\WINDOWS\*.htm, "C:\WINDOWS\*.gif"


*************** Fin du rapport ****************
   

5


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
Regis59, le samedi 10 mars 2007 à 11:57:42
Salut :)

Installe AVG Anti-Spyware :

http://www.malekal.com/tutorial_AVG_AntiSpyware.php

¤ Lance AVG Anti-Spyware

Clique sur le bouton Analyse (de la barre d'outils)

Puis sur l'onglets Comment réagir, clique sur Actions recommandées. Sélectionne Quarantaine.

Reviens à l'onglet Analyse. Clique sur Analyse complète du système.

A la fin du scan, choisis l'option 3

"Appliquer toutes les actions " en bas.

Clique sur "Enregistrer le rapport".

Copie/colle le rapport sur le forum.
------------------------------------------------------------­----------------
A+ "J'avais rêvé d'un monde meilleur...Sans différence de couleurS...Egalité..."-MLK-
   

6


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
shikita, le lundi 12 mars 2007 à 11:50:00
Salut voila le rapport

---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 11:48:01 12/03/2007

+ Résultat de l'analyse:



D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P191\A0035942.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P192\A0035944.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P192\A0036942.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P192\A0036953.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P193\A0036955.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P193\A0036985.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P194\A0036987.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P196\A0037143.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P197\A0037153.exe -> Downloader.Agent.aii : Nettoyé et sauvegardé (mise en quarantaine).
C:\SET UP\Programmes-Cracks Télechargés\WinOKE_v3[1].23_WORKING-DIGERATI.rar/run.exe -> Downloader.Zlob.bbs : Nettoyé et sauvegardé (mise en quarantaine).
C:\SET UP\Programmes-Cracks Télechargés\WinOke[1].v3.23.WinAll.Incl.Patch-EiTheL.rar/run­.exe -> Downloader.Zlob.bbs : Nettoyé et sauvegardé (mise en quarantaine).
D:\Documents and Settings\Christophe\Mes documents\Mes jeux\JEUX PC\LE MAILLON FAIBLE\TEST 1\CRACK\Le_Maillon_Faible_NoCD[GJeux]\le_maillon_faible_1001­.exe -> Not-A-Virus.VirTool.Win32.AvSpoffer.a : Nettoyé et sauvegardé (mise en quarantaine).
D:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P195\A0037107.exe -> Proxy.Horst.vs : Nettoyé et sauvegardé (mise en quarantaine).
:mozilla.114:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.115:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.116:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.117:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
:mozilla.118:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.247realmedia : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@mistergooddeal.112.2o­7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@msnlivefavorites.112.­2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@msnportal.112.2o7[1].­txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@notrefamille.112.2o7[­1].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@partygaming.122.2o7[2­].txt -> TrackingCookie.2o7 : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@sfr.122.2o7[1].txt -> TrackingCookie.2o7 : Nettoyé.
:mozilla.34:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.35:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.36:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Adbrite : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@adbrite[2].txt -> TrackingCookie.Adbrite : Nettoyé.
:mozilla.42:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.43:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Adtech : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@adtech[2].txt -> TrackingCookie.Adtech : Nettoyé.
:mozilla.92:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.93:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.94:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Advertising : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@advertising[2].txt -> TrackingCookie.Advertising : Nettoyé.
:mozilla.71:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Adviva : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@adviva[2].txt -> TrackingCookie.Adviva : Nettoyé.
:mozilla.113:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Atdmt : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@atdmt[2].txt -> TrackingCookie.Atdmt : Nettoyé.
:mozilla.99:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@bluestreak[1].txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@iv2.bluestreak[1].txt­ -> TrackingCookie.Bluestreak : Nettoyé.
:mozilla.112:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
:mozilla.145:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Burstnet : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@casalemedia[1].txt -> TrackingCookie.Casalemedia : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@banner.casinoking[2].­txt -> TrackingCookie.Casinoking : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@casinoking[1].txt -> TrackingCookie.Casinoking : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@casinotropez[1].txt -> TrackingCookie.Casinotropez : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@www.casinotropez[1].t­xt -> TrackingCookie.Casinotropez : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@clickbank[1].txt -> TrackingCookie.Clickbank : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@fl01.ct2.comclick[2].­txt -> TrackingCookie.Comclick : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@data.coremetrics[1].t­xt -> TrackingCookie.Coremetrics : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@cpvfeed[2].txt -> TrackingCookie.Cpvfeed : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@stat.dealtime[2].txt -> TrackingCookie.Dealtime : Nettoyé.
:mozilla.151:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Doubleclick : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@doubleclick[1].txt -> TrackingCookie.Doubleclick : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@estat[1].txt -> TrackingCookie.Estat : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Nettoyé.
:mozilla.22:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.23:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
:mozilla.26:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Fastclick : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@fastclick[1].txt -> TrackingCookie.Fastclick : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@banner.goldenpalace[2­].txt -> TrackingCookie.Goldenpalace : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@goldenpalace[1].txt -> TrackingCookie.Goldenpalace : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@ehg-discoverynetwork.­hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@ehg-telecomitalia.hit­box[2].txt -> TrackingCookie.Hitbox : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@hitbox[2].txt -> TrackingCookie.Hitbox : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@ilead.itrack[1].txt -> TrackingCookie.Itrack : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@server.iad.liveperson­[1].txt -> TrackingCookie.Liveperson : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@www.lop[2].txt -> TrackingCookie.Lop : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@mediaplex[1].txt -> TrackingCookie.Mediaplex : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@questionmarket[1].txt­ -> TrackingCookie.Questionmarket : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@bs.serving-sys[2].txt­ -> TrackingCookie.Serving-sys : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@serving-sys[2].txt -> TrackingCookie.Serving-sys : Nettoyé.
:mozilla.119:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.120:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.121:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
:mozilla.122:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@smartadserver[1].txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@www.smartadserver[2].­txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@statcounter[1].txt -> TrackingCookie.Statcounter : Nettoyé.
:mozilla.138:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.139:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.140:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.141:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Tacoda : Nettoyé.
:mozilla.136:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.137:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Tradedoubler : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Nettoyé.
:mozilla.81:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Trafic : Nettoyé.
:mozilla.87:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.88:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.89:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Valuead : Nettoyé.
:mozilla.76:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Weborama : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@statse.webtrendslive[­2].txt -> TrackingCookie.Webtrendslive : Nettoyé.
:mozilla.12:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.13:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.14:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.15:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.16:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.17:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.18:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.19:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.20:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.21:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.24:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
:mozilla.7:D:\Documents and Settings\Christophe\Application Data\Mozilla\Firefox\Profiles\t81lbb6a.default\cookies.txt -> TrackingCookie.Yieldmanager : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@ad.yieldmanager[2].tx­t -> TrackingCookie.Yieldmanager : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@zedo[1].txt -> TrackingCookie.Zedo : Nettoyé.
C:\Program Files\BitDownload\ZM\minime.exe -> Trojan.Inject.ba : Nettoyé et sauvegardé (mise en quarantaine).
   

7


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
shikita, le lundi 12 mars 2007 à 14:05:02
---------------------------------------------------------
AVG Anti-Spyware - Rapport d'analyse
---------------------------------------------------------

+ Créé à: 14:02:09 12/03/2007

+ Résultat de l'analyse:



D:\Documents and Settings\Christophe\Cookies\christophe@247realmedia[1].txt -> TrackingCookie.247realmedia : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@bluestreak[2].txt -> TrackingCookie.Bluestreak : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@www.smartadserver[1].­txt -> TrackingCookie.Smartadserver : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@weborama[1].txt -> TrackingCookie.Weborama : Nettoyé.
D:\Documents and Settings\Christophe\Cookies\christophe@ad.yieldmanager[1].tx­t -> TrackingCookie.Yieldmanager : Nettoyé.
C:\System Volume Information\_restore{751238CC-FEB5-4605-9EA9-B441EBD3D66D}\R­P230\A0046712.exe -> Trojan.Inject.ba : Nettoyé et sauvegardé (mise en quarantaine).


Fin du rapport
   

8


  • Ce message vous semble utile, votez !
  • Signaler ce message aux modérateurs
Regis59, le lundi 12 mars 2007 à 21:13:41
Salut

Remet un Hjt et un lopxp

a+