Infection bravesentry + différents messages
Résolu/Fermé
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
-
19 juil. 2006 à 15:50
Regis59 Messages postés 21143 Date d'inscription mardi 27 juin 2006 Statut Contributeur sécurité Dernière intervention 22 juin 2016 - 24 juil. 2006 à 20:51
Regis59 Messages postés 21143 Date d'inscription mardi 27 juin 2006 Statut Contributeur sécurité Dernière intervention 22 juin 2016 - 24 juil. 2006 à 20:51
A voir également:
- Infection bravesentry + différents messages
- Comment récupérer les messages supprimés sur whatsapp - Guide
- Comment savoir si quelqu'un lit mes messages sur whatsapp - Guide
- Il veut recevoir les messages de louna mais ne plus voir ses photos dans son fil d'actualité sur facebook - Forum Facebook
- Mes messages le bon coin - Forum Réseaux sociaux
- Leboncoin.fr/messages - Forum Réseaux sociaux
40 réponses
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
19 juil. 2006 à 16:46
19 juil. 2006 à 16:46
Salut Marie;
Télécharge ceci: (merci a S!RI pour ce programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, il va générer un rapport
Copie/colle le sur le poste stp.
----------------------------------------------------------------------------
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum
A+
Télécharge ceci: (merci a S!RI pour ce programme).
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Exécute le, Double click sur Smitfraudfix.cmd choisit l’option 1, il va générer un rapport
Copie/colle le sur le poste stp.
----------------------------------------------------------------------------
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum
A+
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
19 juil. 2006 à 17:24
19 juil. 2006 à 17:24
voici le premier rapport:
SmitFraudFix v2.05
Rapport fait à 17:24:45,78 le 19/07/2006
Executé à partir de C:\Documents and Settings\marie\Mes documents\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS
C:\WINDOWS\desktop.html PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\marie\Application Data
C:\Documents and Settings\marie\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pr‚-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="D‚mon de cache des cat‚gories de composant"
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
SmitFraudFix v2.05
Rapport fait à 17:24:45,78 le 19/07/2006
Executé à partir de C:\Documents and Settings\marie\Mes documents\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS
C:\WINDOWS\desktop.html PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\marie\Application Data
C:\Documents and Settings\marie\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pr‚-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="D‚mon de cache des cat‚gories de composant"
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
19 juil. 2006 à 17:50
19 juil. 2006 à 17:50
Voila le deuxième rapport:
SmitFraudFix v2.05
Rapport fait à 17:30:10,23 le 19/07/2006
Executé à partir de C:\Documents and Settings\marie\Mes documents\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\desktop.html supprimé
C:\Documents and Settings\marie\Application Data\Install.dat supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
Mais après cette utilisation de smitfraudfix j'ai été obligé de redémarrer avec la dernière bonne configuration parce que je n'avais plus qu'un écran bleu en redémarrant normalement.
SmitFraudFix v2.05
Rapport fait à 17:30:10,23 le 19/07/2006
Executé à partir de C:\Documents and Settings\marie\Mes documents\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\desktop.html supprimé
C:\Documents and Settings\marie\Application Data\Install.dat supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
Mais après cette utilisation de smitfraudfix j'ai été obligé de redémarrer avec la dernière bonne configuration parce que je n'avais plus qu'un écran bleu en redémarrant normalement.
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
19 juil. 2006 à 18:52
19 juil. 2006 à 18:52
Salut
Un ecran bleu? a quel endroit?
A la place de ton fond d ecran?
a+
Un ecran bleu? a quel endroit?
A la place de ton fond d ecran?
a+
Vous n’avez pas trouvé la réponse que vous recherchez ?
Posez votre question
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
19 juil. 2006 à 19:29
19 juil. 2006 à 19:29
J'ai un écran bleu juste après avoir choisi la session de l'utilisateur, à la place de tout ce qui doit apparître sur le bureau. En fait, c'est le bureau mais sans aucune icône ou barre de tâches.
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
19 juil. 2006 à 20:04
19 juil. 2006 à 20:04
Salut
Ok !
La, tu es reparti en arriere alors.
Tu peux remettre un smitfraudfix option 1?
A+
Ok !
La, tu es reparti en arriere alors.
Tu peux remettre un smitfraudfix option 1?
A+
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
19 juil. 2006 à 20:09
19 juil. 2006 à 20:09
Voila ce que vous m'avez demandé
SmitFraudFix v2.05
Rapport fait à 20:09:22,40 le 19/07/2006
Executé à partir de C:\Documents and Settings\marie\Mes documents\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS
C:\WINDOWS\desktop.html PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\marie\Application Data
C:\Documents and Settings\marie\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pr‚-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="D‚mon de cache des cat‚gories de composant"
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
SmitFraudFix v2.05
Rapport fait à 20:09:22,40 le 19/07/2006
Executé à partir de C:\Documents and Settings\marie\Mes documents\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS
C:\WINDOWS\desktop.html PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Documents and Settings\marie\Application Data
C:\Documents and Settings\marie\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Bureau
»»»»»»»»»»»»»»»»»»»»»»»» Recherche C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Recherche présence de clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Recherche éléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Recherche Sharedtaskscheduler
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pr‚-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="D‚mon de cache des cat‚gories de composant"
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin du rapport
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
19 juil. 2006 à 22:27
19 juil. 2006 à 22:27
Salut
Tu n'as pas telecharger ce que je te demandais.
Tu te sers d une version tres tres ancienne.
Merci de retelecharger le programme et de le lancer, puis option 1.
a+
Tu n'as pas telecharger ce que je te demandais.
Tu te sers d une version tres tres ancienne.
Merci de retelecharger le programme et de le lancer, puis option 1.
a+
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
19 juil. 2006 à 22:50
19 juil. 2006 à 22:50
Je suis vraiment désolée. Je ferai plus attention par la suite.
Voila le rapport et j'espère vraiment que c'est le bon. Encore désolée pour la perte de temps.
SmitFraudFix v2.74
Rapport fait à 22:50:14,14, 19/07/2006
Executé à partir de C:\DOCUME~1\marie\MESDOC~1\mp.villette\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\azesearch.bmp PRESENT !
C:\WINDOWS\desktop.html PRESENT !
C:\WINDOWS\drsmartload.dat PRESENT !
C:\WINDOWS\xpupdate.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\dlh9jkdq?.exe PRESENT !
C:\WINDOWS\system32\kernels8.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\marie\Application Data
C:\Documents and Settings\marie\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\marie\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Voila le rapport et j'espère vraiment que c'est le bon. Encore désolée pour la perte de temps.
SmitFraudFix v2.74
Rapport fait à 22:50:14,14, 19/07/2006
Executé à partir de C:\DOCUME~1\marie\MESDOC~1\mp.villette\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode normal
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
C:\WINDOWS\azesearch.bmp PRESENT !
C:\WINDOWS\desktop.html PRESENT !
C:\WINDOWS\drsmartload.dat PRESENT !
C:\WINDOWS\xpupdate.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
C:\WINDOWS\system32\dlh9jkdq?.exe PRESENT !
C:\WINDOWS\system32\kernels8.exe PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\marie\Application Data
C:\Documents and Settings\marie\Application Data\Install.dat PRESENT !
»»»»»»»»»»»»»»»»»»»»»»»» Menu Démarrer
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\marie\Favoris
»»»»»»»»»»»»»»»»»»»»»»»» Bureau
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Clés corrompues
»»»»»»»»»»»»»»»»»»»»»»»» Eléments du bureau
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Recherche infection wininet.dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
19 juil. 2006 à 22:59
19 juil. 2006 à 22:59
Re,
ce n'est pas grave, il n y a pas de mal ;-)
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum
A+
ce n'est pas grave, il n y a pas de mal ;-)
Démarre en mode sans échec :
Pour cela, tu tapotes la touche F8 dès le début de l’allumage du pc sans t’arrêter
Une fenêtre va s’ouvrir tu te déplaces avec les flèches du clavier sur démarrer en mode sans échec puis tape entrée.
Une fois sur le bureau s’il n’y a pas toutes les couleurs et autres c’est normal !
(Si F8 ne marche pas utilise la touche F5).
----------------------------------------------------------------------------
Relance le programme Smitfraud,
Cette fois choisit l’option 2, répond oui a tous ;
Sauvegarde le rapport, Redémarre en mode normal, copie/colle le rapport sauvegardé sur le forum
A+
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
20 juil. 2006 à 00:01
20 juil. 2006 à 00:01
Enfin le 2ème rapport:
SmitFraudFix v2.74
Rapport fait à 23:54:15,71, 19/07/2006
Executé à partir de C:\Documents and Settings\marie\Mes documents\mp.villette\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\azesearch.bmp supprimé
C:\WINDOWS\desktop.html supprimé
C:\WINDOWS\drsmartload.dat supprimé
C:\WINDOWS\xpupdate.exe supprimé
C:\WINDOWS\system32\dlh9jkdq?.exe supprimé
C:\WINDOWS\system32\kernels8.exe supprimé
C:\Documents and Settings\marie\Application Data\Install.dat supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
SmitFraudFix v2.74
Rapport fait à 23:54:15,71, 19/07/2006
Executé à partir de C:\Documents and Settings\marie\Mes documents\mp.villette\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600] - Windows_NT
Fix executé en mode sans echec
»»»»»»»»»»»»»»»»»»»»»»»» Avant SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Arret des processus
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Suppression des fichiers infectés
C:\WINDOWS\azesearch.bmp supprimé
C:\WINDOWS\desktop.html supprimé
C:\WINDOWS\drsmartload.dat supprimé
C:\WINDOWS\xpupdate.exe supprimé
C:\WINDOWS\system32\dlh9jkdq?.exe supprimé
C:\WINDOWS\system32\kernels8.exe supprimé
C:\Documents and Settings\marie\Application Data\Install.dat supprimé
»»»»»»»»»»»»»»»»»»»»»»»» Suppression Fichiers Temporaires
»»»»»»»»»»»»»»»»»»»»»»»» Nettoyage du registre
Nettoyage terminé.
»»»»»»»»»»»»»»»»»»»»»»»» Après SmitFraudFix
!!!Attention, les clés qui suivent ne sont pas forcément infectées!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» Fin
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
20 juil. 2006 à 10:47
20 juil. 2006 à 10:47
Salut
Ou en sont tes soucis?
a+
Ou en sont tes soucis?
a+
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
20 juil. 2006 à 12:25
20 juil. 2006 à 12:25
Salut!
Tout est redevenu normal. Merci beaucoup pour ton aide.
J'aimerais savoir si il existe un moyen de se protéger de ce genre de problèmes.
Tout est redevenu normal. Merci beaucoup pour ton aide.
J'aimerais savoir si il existe un moyen de se protéger de ce genre de problèmes.
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
20 juil. 2006 à 13:08
20 juil. 2006 à 13:08
Salut
Pour se proteger, il faut que je connaisses tes programmes de securité.
J'aimerais verifier que tu es bien protege et qu il ne reste plus d infections, peux tu faire ceci?
télécharge HijackThis ici:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
Pour se proteger, il faut que je connaisses tes programmes de securité.
J'aimerais verifier que tu es bien protege et qu il ne reste plus d infections, peux tu faire ceci?
télécharge HijackThis ici:
https://www.01net.com/telecharger/windows/Securite/anti-spyware/fiches/29061.html
Dézippe le dans un dossier prévu à cet effet.
Par exemple C:\hijackthis < Enregistre le bien dans c : !
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/Hijenr.gif
Lance le puis:
clique sur "do a system scan and save logfile" (cf démo)
faire un copier coller du log entier sur le forum
Démo : (Merci a Balltrap34 pour cette réalisation)
http://pageperso.aol.fr/balltrap34/demohijack.htm
Bon courage
A+
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
20 juil. 2006 à 16:33
20 juil. 2006 à 16:33
Le rapport de Hijackthis:
Logfile of HijackThis v1.99.1
Scan saved at 16:31:02, on 20/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\Program Files\Network\ipnetwork.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\marie\Mes documents\mp.villette\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AzEntretien Class - {0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} - %SystemRoot%\azentretien.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Windows Genuine Tool - {c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} - %SystemRoot%\system32\bitsprx3s.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [IpNetwork] C:\Program Files\Network\ipnetwork.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://videohd.m6.fr.ipercast.net/installer-hidden.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0557225d9113c1c5e105/netzip/RdxIE601_fr.cab
O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.fr/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/NET/Import/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game18.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game19.zylom.servicesalacarte.wanadoo.fr/activex/zylomloader.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - https://www.pinterest.com/abetterresume/seo-strategies/
O18 - Protocol: bw+0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll (file missing)
O20 - Winlogon Notify: Uninstall - C:\WINDOWS\system32\cXg18030.dll (file missing)
O21 - SSODL: SysTray.Exys - {7368D5FC-6F5C-4f5b-B964-E67214F67852} - C:\WINDOWS\system32\camkokqd.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Logfile of HijackThis v1.99.1
Scan saved at 16:31:02, on 20/07/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\FTRTSVC.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
C:\Program Files\Caere\OmniPagePro90\opware32.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe
C:\Program Files\Network\ipnetwork.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\Wanadoo\TaskBarIcon.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Wanadoo\GestionnaireInternet.exe
C:\PROGRA~1\Wanadoo\ComComp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\Wanadoo\Toaster.exe
C:\PROGRA~1\Wanadoo\Inactivity.exe
C:\PROGRA~1\Wanadoo\PollingModule.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\WINDOWS\System32\ALERTM~1\ALERTM~1.EXE
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\Wanadoo\Watch.exe
C:\Program Files\Fichiers communs\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\eMule\emule.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Philips\Philips Lime Service\bin\Lime.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe
C:\Documents and Settings\marie\Mes documents\mp.villette\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Orange
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\Wanadoo\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AzEntretien Class - {0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} - %SystemRoot%\azentretien.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O2 - BHO: Windows Genuine Tool - {c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} - %SystemRoot%\system32\bitsprx3s.dll (file missing)
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fr\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Fichiers communs\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Fichiers communs\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [OmniPage] C:\Program Files\Caere\OmniPagePro90\opware32.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\system32\gah95on6.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [PhilipsDM] "C:\Program Files\Philips\Philips Device Manager\Bin\DeviceManager.exe"
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [IpNetwork] C:\Program Files\Network\ipnetwork.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\Wanadoo\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\Wanadoo\GestMaj.exe TaskBarIcon.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\HP\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [WOOKIT] C:\PROGRA~1\Wanadoo\Shell.exe appLaunchClientZone.shl|PARAM= cnx
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [PhilipsLime] "C:\Program Files\Philips\Philips Lime Service\bin\LimeAlive.exe"
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Fichiers communs\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Lancement rapide d'Adobe Reader.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logiciel Kodak EasyShare.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Easy-WebPrint Ajouter à la liste d'impressions - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint Impression rapide - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Imprimer - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint Prévisualiser - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Orange - {1462651F-F4BA-4C76-A001-C4284D0FE16E} - https://www.orange.fr/portail (file missing) (HKCU)
O16 - DPF: {01347765-1965-426B-91A4-AA6BB342B9A3} (InstallerObj Class) - http://videohd.m6.fr.ipercast.net/installer-hidden.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0557225d9113c1c5e105/netzip/RdxIE601_fr.cab
O16 - DPF: {5DDCC37F-7C6B-48B8-9664-97C537920CA0} (aecviz Class) - http://www.maisonfamiliale.com/AECVIZ/npaecviz.cab
O16 - DPF: {6F750200-1362-4815-A476-88533DE61D0C} (Ofoto Upload Manager Class) - http://www.kodakgallery.fr/
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://www.extrafilm.fr/NET/Import/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game18.zylom.servicesalacarte.wanadoo.fr/activex/zylomgamesplayer.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game19.zylom.servicesalacarte.wanadoo.fr/activex/zylomloader.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} - https://www.pinterest.com/abetterresume/seo-strategies/
O18 - Protocol: bw+0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {73872A23-82A2-427A-86D8-B892A5651CCA} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\system32\msctl32.dll (file missing)
O20 - Winlogon Notify: Uninstall - C:\WINDOWS\system32\cXg18030.dll (file missing)
O21 - SSODL: SysTray.Exys - {7368D5FC-6F5C-4f5b-B964-E67214F67852} - C:\WINDOWS\system32\camkokqd.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\System32\drivers\CDAC11BA.EXE
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:\WINDOWS\System32\FTRTSVC.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Fichiers communs\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Fichiers communs\Ulead Systems\DVD\ULCDRSvr.exe
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
20 juil. 2006 à 17:02
20 juil. 2006 à 17:02
Re,
oh mais tu es tres infecté!!
1-Télécharge la version d'évaluation d'Ewido:
https://www.avg.com/en-ww/homepage
Installe et mets à jour.
Important: Pendant l'installation, sur la page "Additional Options" décoche les deux options "Install background guard" et "Install scan via context menu".
Démarre Ewido avec l'icône qui se trouve sur ton Bureau. Clique sur mise à jour, attendre la fin de cette mise à jour puis, ferme le programme.
Redémarre en mode Sans Échec (au démarrage, tapote immédiatement la touche F8, puis tu verras un écran avec choix de démarrages : choisis "Mode sans échec" avec les flèches du clavier, puis valide avec "Entrée". Choisis ton compte usuel (et non Administrateur). Relance Ewido et clique sur scanner puis sur scan complet du système.
Si des fichiers infectés sont trouvés, garde l'option par défaut Supprimer (avec la ligne "Créer des copies de sauvegarde cryptées dans la quarantaine" cochée), et coche "Effectuer cette action avec toutes les infections".
A la fin du scan, sauvegarde le rapport (Fichier/Enregistrer sous...) sur le Bureau. Redémarre en mode normal.
oh mais tu es tres infecté!!
1-Télécharge la version d'évaluation d'Ewido:
https://www.avg.com/en-ww/homepage
Installe et mets à jour.
Important: Pendant l'installation, sur la page "Additional Options" décoche les deux options "Install background guard" et "Install scan via context menu".
Démarre Ewido avec l'icône qui se trouve sur ton Bureau. Clique sur mise à jour, attendre la fin de cette mise à jour puis, ferme le programme.
Redémarre en mode Sans Échec (au démarrage, tapote immédiatement la touche F8, puis tu verras un écran avec choix de démarrages : choisis "Mode sans échec" avec les flèches du clavier, puis valide avec "Entrée". Choisis ton compte usuel (et non Administrateur). Relance Ewido et clique sur scanner puis sur scan complet du système.
Si des fichiers infectés sont trouvés, garde l'option par défaut Supprimer (avec la ligne "Créer des copies de sauvegarde cryptées dans la quarantaine" cochée), et coche "Effectuer cette action avec toutes les infections".
A la fin du scan, sauvegarde le rapport (Fichier/Enregistrer sous...) sur le Bureau. Redémarre en mode normal.
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
20 juil. 2006 à 23:03
20 juil. 2006 à 23:03
je suis pas sûre d'avoir fait ce qu'il fallait mais je mets quand mème le rapport:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 21:38:37 20/07/2006
+ Scan result:
HKLM\SOFTWARE\180solutions -> Adware.180Solutions : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\nCASE -> Adware.180Solutions : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA038DDD-0FE0-41F5-BA60-FC3660529E71} -> Adware.Ad-Protect : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B51DC573-E998-4834-9B45-BAB7C2AE0A75} -> Adware.AdProtector : No action taken.
C:\WINDOWS\Temp\Altnet -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\DMinfo3.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\Setup.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\Setup.exe -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\adm25.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\adm4.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\admdata.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\admdloader.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\admfdi.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\admprog.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\atl.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\dmfiles.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\dminstall7.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\msvcirt.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\mysearch.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\pmexe.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\pmfiles.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\pminstall.cab -> Adware.Altnet : No action taken.
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : No action taken.
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : No action taken.
C:\WINDOWS\system32\iasadm.dll -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\AzEntretienCo -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\AzEntretienCo\AzEntretien -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\Classes\AzEntretien.Loader -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\Classes\AzEntretien.Loader.1 -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\Classes\AzEntretien.Loader\CLSID -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\Classes\AzEntretien.Loader\CurVer -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\AZESearchCo -> Adware.Azsearch : No action taken.
HKLM\SOFTWARE\AZESearchCo\AZESearch -> Adware.Azsearch : No action taken.
HKLM\SOFTWARE\AZESearchCo\AZESearch\popup -> Adware.Azsearch : No action taken.
HKLM\SOFTWARE\AZESearchCo\AZESearch\times -> Adware.Azsearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{2296428D-C133-4928-B76A-A200FF409572} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} -> Adware.Generic : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2296428D-C133-4928-B76A-A200FF409572} -> Adware.Generic : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C815ACE8-3DBF-4FFD-8231-AB1D21E8B7EE} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : No action taken.
C:\Program Files\DNS\cwebpage.dll -> Adware.Maxifiles : No action taken.
C:\Program Files\Fichiers communs\system32.dll/Catcher.dll -> Adware.Maxifiles : No action taken.
C:\Program Files\Fichiers communs\system32.dll/cwebpage.dll -> Adware.Maxifiles : No action taken.
C:\Program Files\Network\ipnetwork.exe -> Adware.Maxifiles : No action taken.
C:\Program Files\Media Access -> Adware.MediaAccess : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} -> Adware.MWSearch : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D2DEF3A-F4F1-42EC-AC4F-132E7BA6E292} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A19EF336-01D4-48E6-926A-FE7E1C747AED} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA7FF3F8-08BE-4CAC-BC00-94D91C6AE7F4} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F65B197F-8260-4D52-909A-F70118E646EB} -> Adware.MWSearch : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\70tovmto -> Adware.SAHA : No action taken.
C:\WINDOWS\system32\70tovmto.ini -> Adware.Sahat : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} -> Adware.Shorty : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\DNS -> Adware.Shorty : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFF4E223-7019-4CE7-BE03-D7D3C8CCE884} -> Adware.Shorty : No action taken.
HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Adware.WinAd : No action taken.
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Adware.WinAd : No action taken.
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Adware.WinAd : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Media Access -> Adware.WinAD : No action taken.
C:\Program Files\Fichiers communs\WinSoftware\CrXML.dll -> Adware.Winfixer : No action taken.
C:\Program Files\Fichiers communs\WinSoftware\PCheck.dll -> Adware.Winfixer : No action taken.
C:\Program Files\WinFixer 2005 -> Adware.WinFixer : No action taken.
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 21:38:37 20/07/2006
+ Scan result:
HKLM\SOFTWARE\180solutions -> Adware.180Solutions : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\nCASE -> Adware.180Solutions : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA038DDD-0FE0-41F5-BA60-FC3660529E71} -> Adware.Ad-Protect : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B51DC573-E998-4834-9B45-BAB7C2AE0A75} -> Adware.AdProtector : No action taken.
C:\WINDOWS\Temp\Altnet -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\DMinfo3.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\Setup.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\Setup.exe -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\adm25.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\adm4.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\admdata.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\admdloader.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\admfdi.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\admprog.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\atl.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\dmfiles.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\dminstall7.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\msvcirt.dll -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\mysearch.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\pmexe.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\pmfiles.cab -> Adware.Altnet : No action taken.
C:\WINDOWS\Temp\Altnet\pminstall.cab -> Adware.Altnet : No action taken.
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : No action taken.
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : No action taken.
C:\WINDOWS\system32\iasadm.dll -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\AzEntretienCo -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\AzEntretienCo\AzEntretien -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\Classes\AzEntretien.Loader -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\Classes\AzEntretien.Loader.1 -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\Classes\AzEntretien.Loader\CLSID -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\Classes\AzEntretien.Loader\CurVer -> Adware.Azesearch : No action taken.
HKLM\SOFTWARE\AZESearchCo -> Adware.Azsearch : No action taken.
HKLM\SOFTWARE\AZESearchCo\AZESearch -> Adware.Azsearch : No action taken.
HKLM\SOFTWARE\AZESearchCo\AZESearch\popup -> Adware.Azsearch : No action taken.
HKLM\SOFTWARE\AZESearchCo\AZESearch\times -> Adware.Azsearch : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{2296428D-C133-4928-B76A-A200FF409572} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} -> Adware.Generic : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2296428D-C133-4928-B76A-A200FF409572} -> Adware.Generic : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C815ACE8-3DBF-4FFD-8231-AB1D21E8B7EE} -> Adware.Generic : No action taken.
HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : No action taken.
C:\Program Files\DNS\cwebpage.dll -> Adware.Maxifiles : No action taken.
C:\Program Files\Fichiers communs\system32.dll/Catcher.dll -> Adware.Maxifiles : No action taken.
C:\Program Files\Fichiers communs\system32.dll/cwebpage.dll -> Adware.Maxifiles : No action taken.
C:\Program Files\Network\ipnetwork.exe -> Adware.Maxifiles : No action taken.
C:\Program Files\Media Access -> Adware.MediaAccess : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} -> Adware.MWSearch : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D2DEF3A-F4F1-42EC-AC4F-132E7BA6E292} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A19EF336-01D4-48E6-926A-FE7E1C747AED} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA7FF3F8-08BE-4CAC-BC00-94D91C6AE7F4} -> Adware.MWSearch : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F65B197F-8260-4D52-909A-F70118E646EB} -> Adware.MWSearch : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\70tovmto -> Adware.SAHA : No action taken.
C:\WINDOWS\system32\70tovmto.ini -> Adware.Sahat : No action taken.
HKLM\SOFTWARE\Classes\CLSID\{FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} -> Adware.Shorty : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\DNS -> Adware.Shorty : No action taken.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFF4E223-7019-4CE7-BE03-D7D3C8CCE884} -> Adware.Shorty : No action taken.
HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Adware.WinAd : No action taken.
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Adware.WinAd : No action taken.
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Adware.WinAd : No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Media Access -> Adware.WinAD : No action taken.
C:\Program Files\Fichiers communs\WinSoftware\CrXML.dll -> Adware.Winfixer : No action taken.
C:\Program Files\Fichiers communs\WinSoftware\PCheck.dll -> Adware.Winfixer : No action taken.
C:\Program Files\WinFixer 2005 -> Adware.WinFixer : No action taken.
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
21 juil. 2006 à 12:15
21 juil. 2006 à 12:15
Salut
Relance ewido et choisit l option supprimer pour toutes les detections.
La, tu as choisi, no action, donc rien n est desinfecté.
Remet le rapport :-)
a+
Relance ewido et choisit l option supprimer pour toutes les detections.
La, tu as choisi, no action, donc rien n est desinfecté.
Remet le rapport :-)
a+
marie-p
Messages postés
69
Date d'inscription
mercredi 19 juillet 2006
Statut
Membre
Dernière intervention
30 octobre 2011
1
21 juil. 2006 à 15:47
21 juil. 2006 à 15:47
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 15:37:49 21/07/2006
+ Scan result:
HKLM\SOFTWARE\180solutions -> Adware.180Solutions : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\nCASE -> Adware.180Solutions : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA038DDD-0FE0-41F5-BA60-FC3660529E71} -> Adware.Ad-Protect : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B51DC573-E998-4834-9B45-BAB7C2AE0A75} -> Adware.AdProtector : Cleaned.
C:\WINDOWS\Temp\Altnet -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\DMinfo3.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\Setup.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\Setup.exe -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\adm25.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\adm4.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\admdata.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\admdloader.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\admfdi.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\admprog.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\atl.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\dmfiles.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\dminstall7.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\msvcirt.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\mysearch.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\pmexe.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\pmfiles.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\pminstall.cab -> Adware.Altnet : Cleaned.
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned.
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned.
C:\WINDOWS\system32\iasadm.dll -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\AzEntretienCo -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\AzEntretienCo\AzEntretien -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\Classes\AzEntretien.Loader -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\Classes\AzEntretien.Loader.1 -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\Classes\AzEntretien.Loader\CLSID -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\Classes\AzEntretien.Loader\CurVer -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\AZESearchCo -> Adware.Azsearch : Cleaned.
HKLM\SOFTWARE\AZESearchCo\AZESearch -> Adware.Azsearch : Cleaned.
HKLM\SOFTWARE\AZESearchCo\AZESearch\popup -> Adware.Azsearch : Cleaned.
HKLM\SOFTWARE\AZESearchCo\AZESearch\times -> Adware.Azsearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{2296428D-C133-4928-B76A-A200FF409572} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2296428D-C133-4928-B76A-A200FF409572} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C815ACE8-3DBF-4FFD-8231-AB1D21E8B7EE} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : Cleaned.
C:\Program Files\DNS\cwebpage.dll -> Adware.Maxifiles : Cleaned.
C:\Program Files\Fichiers communs\system32.dll/Catcher.dll -> Adware.Maxifiles : Error during cleaning.
C:\Program Files\Fichiers communs\system32.dll/cwebpage.dll -> Adware.Maxifiles : Error during cleaning.
C:\Program Files\Network\ipnetwork.exe -> Adware.Maxifiles : Cleaned.
C:\Program Files\Media Access -> Adware.MediaAccess : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} -> Adware.MWSearch : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} -> Adware.MWSearch : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D2DEF3A-F4F1-42EC-AC4F-132E7BA6E292} -> Adware.MWSearch : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA7FF3F8-08BE-4CAC-BC00-94D91C6AE7F4} -> Adware.MWSearch : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F65B197F-8260-4D52-909A-F70118E646EB} -> Adware.MWSearch : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\70tovmto -> Adware.SAHA : Cleaned.
C:\WINDOWS\system32\70tovmto.ini -> Adware.Sahat : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} -> Adware.Shorty : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\DNS -> Adware.Shorty : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFF4E223-7019-4CE7-BE03-D7D3C8CCE884} -> Adware.Shorty : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A19EF336-01D4-48E6-926A-FE7E1C747AED} -> Adware.TrustCleaner : Cleaned.
HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Adware.WinAd : Cleaned.
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Adware.WinAd : Cleaned.
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Adware.WinAd : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Media Access -> Adware.WinAD : Cleaned.
C:\Program Files\Fichiers communs\WinSoftware\CrXML.dll -> Adware.Winfixer : Cleaned.
C:\Program Files\Fichiers communs\WinSoftware\PCheck.dll -> Adware.Winfixer : Cleaned.
C:\Program Files\WinFixer 2005 -> Adware.WinFixer : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} -> Adware.ZangoSearch : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2559D0B1-AF60-4BD5-965D-0E51383A6367} -> Hijacker.Generic : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\OP6FKDAN\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned.
C:\Program Files\Softwin\BitDefender Free Edition\Infected\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@247realmedia[3].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@microsoftwlmessengermkt.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@adtech[1].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@ehg-ads.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@spylog[1].txt -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@spylog[1].txt -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@43.tnssearch[2].txt -> TrackingCookie.Tnssearch : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
::Report end
ewido anti-spyware - Scan Report
---------------------------------------------------------
+ Created at: 15:37:49 21/07/2006
+ Scan result:
HKLM\SOFTWARE\180solutions -> Adware.180Solutions : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\nCASE -> Adware.180Solutions : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EA038DDD-0FE0-41F5-BA60-FC3660529E71} -> Adware.Ad-Protect : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B51DC573-E998-4834-9B45-BAB7C2AE0A75} -> Adware.AdProtector : Cleaned.
C:\WINDOWS\Temp\Altnet -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\DMinfo3.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\Setup.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\Setup.exe -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\adm25.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\adm4.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\admdata.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\admdloader.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\admfdi.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\admprog.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\atl.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\dmfiles.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\dminstall7.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\msvcirt.dll -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\mysearch.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\pmexe.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\pmfiles.cab -> Adware.Altnet : Cleaned.
C:\WINDOWS\Temp\Altnet\pminstall.cab -> Adware.Altnet : Cleaned.
HKLM\SOFTWARE\Classes\AppID\Altnet Signing Module.EXE -> Adware.Altnet : Cleaned.
HKLM\SOFTWARE\Classes\AppID\adm.EXE -> Adware.Altnet : Cleaned.
C:\WINDOWS\system32\iasadm.dll -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\AzEntretienCo -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\AzEntretienCo\AzEntretien -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\Classes\AzEntretien.Loader -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\Classes\AzEntretien.Loader.1 -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\Classes\AzEntretien.Loader\CLSID -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\Classes\AzEntretien.Loader\CurVer -> Adware.Azesearch : Cleaned.
HKLM\SOFTWARE\AZESearchCo -> Adware.Azsearch : Cleaned.
HKLM\SOFTWARE\AZESearchCo\AZESearch -> Adware.Azsearch : Cleaned.
HKLM\SOFTWARE\AZESearchCo\AZESearch\popup -> Adware.Azsearch : Cleaned.
HKLM\SOFTWARE\AZESearchCo\AZESearch\times -> Adware.Azsearch : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{2296428D-C133-4928-B76A-A200FF409572} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c815ace8-3dbf-4ffd-8231-ab1d21e8b7ee} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2296428D-C133-4928-B76A-A200FF409572} -> Adware.Generic : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C815ACE8-3DBF-4FFD-8231-AB1D21E8B7EE} -> Adware.Generic : Cleaned.
HKLM\SOFTWARE\Avenue Media -> Adware.InternetOptimizer : Cleaned.
C:\Program Files\DNS\cwebpage.dll -> Adware.Maxifiles : Cleaned.
C:\Program Files\Fichiers communs\system32.dll/Catcher.dll -> Adware.Maxifiles : Error during cleaning.
C:\Program Files\Fichiers communs\system32.dll/cwebpage.dll -> Adware.Maxifiles : Error during cleaning.
C:\Program Files\Network\ipnetwork.exe -> Adware.Maxifiles : Cleaned.
C:\Program Files\Media Access -> Adware.MediaAccess : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} -> Adware.MWSearch : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0d2def3a-f4f1-42ec-ac4f-132e7ba6e292} -> Adware.MWSearch : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0D2DEF3A-F4F1-42EC-AC4F-132E7BA6E292} -> Adware.MWSearch : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DA7FF3F8-08BE-4CAC-BC00-94D91C6AE7F4} -> Adware.MWSearch : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F65B197F-8260-4D52-909A-F70118E646EB} -> Adware.MWSearch : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\70tovmto -> Adware.SAHA : Cleaned.
C:\WINDOWS\system32\70tovmto.ini -> Adware.Sahat : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{FFF4E223-7019-4ce7-BE03-D7D3C8CCE884} -> Adware.Shorty : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\DNS -> Adware.Shorty : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFF4E223-7019-4CE7-BE03-D7D3C8CCE884} -> Adware.Shorty : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A19EF336-01D4-48E6-926A-FE7E1C747AED} -> Adware.TrustCleaner : Cleaned.
HKLM\SOFTWARE\Classes\MediaAccess.Installer -> Adware.WinAd : Cleaned.
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CLSID -> Adware.WinAd : Cleaned.
HKLM\SOFTWARE\Classes\MediaAccess.Installer\CurVer -> Adware.WinAd : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Media Access -> Adware.WinAD : Cleaned.
C:\Program Files\Fichiers communs\WinSoftware\CrXML.dll -> Adware.Winfixer : Cleaned.
C:\Program Files\Fichiers communs\WinSoftware\PCheck.dll -> Adware.Winfixer : Cleaned.
C:\Program Files\WinFixer 2005 -> Adware.WinFixer : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} -> Adware.ZangoSearch : Cleaned.
HKU\S-1-5-21-2708925285-65171688-2931747147-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2559D0B1-AF60-4BD5-965D-0E51383A6367} -> Hijacker.Generic : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temporary Internet Files\Content.IE5\OP6FKDAN\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned.
C:\Program Files\Softwin\BitDefender Free Edition\Infected\send_car_int[1].htm -> Not-A-Virus.Exploit.HTML.CodeBaseExec : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@247realmedia[3].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@247realmedia[1].txt -> TrackingCookie.247realmedia : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@microsoftwlmessengermkt.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@redcats.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ads.addynamix[2].txt -> TrackingCookie.Addynamix : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@z1.adserver[1].txt -> TrackingCookie.Adserver : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@adtech[1].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@advertising[1].txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@promo.casinotropez[1].txt -> TrackingCookie.Casinotropez : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@centrport[1].txt -> TrackingCookie.Centrport : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ad1.clickhype[1].txt -> TrackingCookie.Clickhype : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@fl01.ct2.comclick[1].txt -> TrackingCookie.Comclick : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@estat[1].txt -> TrackingCookie.Estat : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@sel.as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@as1.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@media.fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@findwhat[1].txt -> TrackingCookie.Findwhat : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@c.goclick[2].txt -> TrackingCookie.Goclick : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@ehg-ads.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@hotlog[1].txt -> TrackingCookie.Hotlog : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@data2.perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@perf.overture[1].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@overture[2].txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@revenue[2].txt -> TrackingCookie.Revenue : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@bs.serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@cs.sexcounter[2].txt -> TrackingCookie.Sexcounter : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@www.smartadserver[2].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@spylog[1].txt -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@spylog[1].txt -> TrackingCookie.Spylog : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@43.tnssearch[2].txt -> TrackingCookie.Tnssearch : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@weborama[2].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@weborama[1].txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\marie\Local Settings\Temp\Cookies\marie@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\marie\Cookies\marie@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@c5.zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\matthieu\Cookies\matthieu@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
::Report end
Regis59
Messages postés
21143
Date d'inscription
mardi 27 juin 2006
Statut
Contributeur sécurité
Dernière intervention
22 juin 2016
1 320
21 juil. 2006 à 17:44
21 juil. 2006 à 17:44
Salut
C'est vraiment beaucoup mieux ainsi.
Pourrais je avoir un nouvel HijackThis?
Merci
C'est vraiment beaucoup mieux ainsi.
Pourrais je avoir un nouvel HijackThis?
Merci