Unable to remove Adware Gator C
Solved/Closed
OntheWaterfront
22 Nov. 2006 at 23:37
blackrock01 - 3 Jan. 2009 at 17:40
8 replies
Anonymous user
22 Nov. 2006 at 23:38
Hi,
Download, install and then update this software (Ewido). Once that is done, run a full scan of your system, delete everything it finds, then paste the report here please.
Ewido: (in English; remains free after the trial period)
Ewido
If you need help with Ewido (now AVG Anti-Spyware), see this tutorial:
http://www.kachouri.com/tuto/tuto-161-avg-anti-spyware-75-pour-votre-securite.html
Now this: C:\System Volume Information\_restore indicates that your System Restore was infected or is infected; to be sure, we are going to create a clean point.
Click "Start", right-click "My Computer", "Properties", "System Restore" tab
¤ tick the box "Turn off System Restore on all drives", then click "Apply"
¤ untick the box and click "Apply", then "OK".
Now that we have erased the infected points, we are going to create a clean point:
Click "Start", "All Programs", "Accessories", "System Tools", "System Restore", choose "Create a restore point", name it "ccm" for example, click "Create", then "OK".
There, the restore point is now created. If you ever decide to, you can go back to the date you created it, that is, today; by rolling back you can return your computer to the date on which we created this restore point, but you will lose the changes you made in between.
Anonymous user
23 Nov. 2006 at 02:20
Whoa, no, you will just need to do a cleanup more regularly.
Do this cleanup: (to be done regularly)
¤ Download and install this:
CCleaner:
Ccleaner
In the left column, click "Issues", tick all the boxes, then click "Scan for issues" at the bottom. Once it has finished, click "Fix issues" and you will get a message asking to back up your registry; say "Yes", then repeat until it finds no more errors.
You can delete the backups you made if your computer has no more problems.
¤ Relaunch CCleaner, go to the "Cleaner" tab on the left, untick the last box (Advanced, if it is ticked), then click "Run Cleaner".
If you need help with CCleaner, see this tutorial:
http://www.tutopat.com/viewtopic.php?t=305
Then, run this online test please, it takes two minutes
https://www.sdv.fr/
Test result:
Conclusion:
No port appears to be open on your machine.
Your security is excellent.
I ran cleaner and I removed EVERYTHING!
Now it remains to be seen whether Adware Gator C has been kicked out or not!
Then I had a few questions, since I have you at hand, so to speak... :)
Could this spyware have damaged some of my files? Because, for example, my PC no longer recognizes my burner and no longer reads DVDs, even though my drive has both of these functions...
Also, I had a user session, and since I got infected, whenever I open it there is nothing on the desktop, yet my folders are saved on my hard drive...
A few explanations would be welcome, if possible, of course!!!
In any case, thanks again!
Anonymous user
23 Nov. 2006 at 12:34
Hi,
yes, it is possible that the viruses destroyed some files, but your PC is surely still infected..
download this:
http://download.bleepingcomputer.com/sUBs/combofix.exe
press "Y" to continue
Wait a few minutes.. a report will open; save its contents, then copy and paste it here please
and
Run this online antivirus scan with Internet Explorer, accept the ActiveX; the SP2 anti-popup bar (at the top) will start flashing, click on it and choose "accept the ActiveX" to make the antivirus scan work.
Once it has finished, paste the report here please
_Online Scanner
_Kaspersky Online Scanner
_My Computer
https://www.kaspersky.fr/downloads
Hi boulepate62!
Sorry for taking so long to reply, but my PC really had a hard time being scanned with Kaspersky... So here are the results, in the order in which you told me to proceed!!
Malina - 06-11-24 23:04:37.99 Service Pack 2
ComboFix 06.11.22 - Running from: "C:\Documents and Settings\Malina\Bureau"
((((((((((((((((((((((((((((((( Files Created from 2006-10-23 to 2006-11-23 ))))))))))))))))))))))))))))))))))
2006-11-23 02:37 <REP> dr-h----- C:\Documents and Settings\Malina\Recent
2006-11-23 02:28 <REP> d-------- C:\Program Files\CCleaner
2006-11-22 23:44 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-22 23:44 <REP> d-------- C:\Program Files\Grisoft
2006-11-22 23:14 <REP> d-------- C:\Program Files\iTunes
2006-11-22 22:59 <REP> d--hs---- C:\Config.Msi
2006-10-24 16:59 <REP> d-------- C:\Program Files\Dofus
2006-10-24 14:12 <REP> d-------- C:\Documents and Settings\Malina\Application Data\Lavasoft
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-11-22 23:15 -------- d-------- C:\Program Files\iPod
2006-11-22 23:05 -------- d-a------ C:\Program Files\QuickTime
2006-11-19 14:11 -------- d-------- C:\Program Files\Internet Explorer
2006-11-13 00:23 -------- d-------- C:\Program Files\Soulseek
2006-10-25 21:49 -------- d-------- C:\Program Files\Apple Software Update
2006-10-24 13:59 -------- d-------- C:\Program Files\Spybot - Search & Destroy
2006-10-15 22:46 -------- d---s---- C:\Documents and Settings\Malina\Application Data\Microsoft
2006-10-15 21:02 -------- d-------- C:\Documents and Settings\Malina\Application Data\Apple Computer
2006-10-15 00:10 -------- d-------- C:\Documents and Settings\Malina\Application Data\Real
2006-10-13 13:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-11 22:40 -------- d-------- C:\Documents and Settings\Malina\Application Data\Sun
2006-10-11 13:47 -------- d-------- C:\Documents and Settings\Malina\Application Data\Sonic
2006-10-11 13:47 -------- d-------- C:\Documents and Settings\Malina\Application Data\Leadertech
2006-10-11 13:46 -------- d-------- C:\Program Files\Windows Live Safety Center
2006-10-11 13:41 -------- d-------- C:\Program Files\MSN Messenger
2006-10-11 07:32 -------- d-------- C:\Documents and Settings\Malina\Application Data\AdobeUM
2006-10-11 07:31 -------- d-------- C:\Documents and Settings\Malina\Application Data\Adobe
2006-10-11 07:12 -------- d-------- C:\Documents and Settings\Malina\Application Data\Macromedia
2006-10-11 07:11 -------- d-------- C:\Documents and Settings\Malina\Application Data\Talkback
2006-10-11 04:21 -------- d-------- C:\Documents and Settings\Malina\Application Data\Mozilla
2006-10-11 04:11 -------- d-------- C:\Program Files\Fichiers communs\Symantec Shared
2006-10-05 14:18 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-10-03 16:27 532480 --a------ C:\Program Files\cwshredder anti spyware.exe
2006-10-03 16:11 5037072 --a------ C:\Program Files\spybotsd14.exe
2006-09-13 06:03 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2006-08-25 16:51 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-13 11:25 323 --a------ C:\Program Files\INSTALL.LOG
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"SiSUSBRG"="C:\\WINDOWS\\SiSUSBrg.exe"
"SiS Tray"="C:\\WINDOWS\\System32\\sistray.EXE"
"SiS KHooker"="C:\\WINDOWS\\System32\\khooker.exe"
"Smapp"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMTray.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"BDMCon"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdmcon.exe\""
"BDOESRV"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdoesrv.exe\""
"BDNewsAgent"="\"c:\\program files\\softwin\\bitdefender9\\bdnagent.exe\""
"BDSwitchAgent"="\"c:\\program files\\softwin\\bitdefender9\\bdswitch.exe\""
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,ff,00,00,00,00,00,00,00,01,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
Completion time: 06-11-24 23:07:49.48
C:\ComboFix.txt ... 06-11-24 23:07
C:\ComboFix2.txt ... 06-11-23 22:39
KASPERSKY :
Sunday, November 26, 2006 12:58:39 AM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 25/11/2006
Kaspersky Anti-Virus database records: 231693
Scan Settings
Scan using the following antivirus database standard
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
C:\
E:\
Scan Statistics
Total number of scanned objects 73805
Number of viruses found 0
Number of infected objects 0 / 0
Number of suspicious objects 0
Duration of the scan process 01:42:51
Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Malina\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Malina\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Malina\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Malina\Local Settings\Historique\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Malina\Local Settings\Historique\History.IE5\MSHist012006112520061126\index.dat Object is locked skipped
C:\Documents and Settings\Malina\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Malina\Mes documents\Ma musique\iTunes\iTunes Library.itl Object is locked skipped
C:\Documents and Settings\Malina\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\Malina\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Malina\UserData\index.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Softwin\BitDefender9\asdict.dat Object is locked skipped
C:\Program Files\Softwin\BitDefender9\aspdict.dat Object is locked skipped
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP305\change.log Object is locked skipped
C:\WINDOWS\$NtUninstallKB833407$\bssym7.ttf Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\DEFAULT Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\SOFTWARE Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SYSTEM Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\tmp0000366f\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
C:\WINDOWS\Temp\tmp0000366f\tmp00000000 Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
Scan process completed.
Boulepate62!! Thank you for your invaluable help, and I apologize for not coming to thank you sooner, but since my last message I have moved to England!
Adware Gator C has completely disappeared from my PC :o) but I have picked up 2 trojans! The gods are relentless...
I am therefore attaching the BitDefender and ComboFix reports to find out what steps to follow.
Regards.
BitDefender report:
//-----------------------------------------------------------------
//
// Product: BitDefender 9 Professional Plus
// Version: 9.5
//
// Créé le: 26/12/2006 22:32:03
//
//-----------------------------------------------------------------
Statistiques
Chemin cible: C:\
Dossiers : 5602
Fichiers : 341250
Archives : 7541
Fichiers empaquetés : 27099
Virus trouvés : 1
Fichiers infectés : 2
Alertes : 0
Fichiers suspects : 0
Fichiers désinfectés : 0
Fichiers effacés : 0
Fichiers copiés : 0
Fichiers déplacés : 2
Fichiers renommés : 0
Erreurs I/O : 29
Temps d'analyse := 01:25:18
Fichiers/seconde :66
Statistiques Spywares
Processus Mémoire analysés : 17
Processus Mémoire infectés : 0
Clés de registres analysées : 1837
Clés de registres infectés : 0
Cookies analysés : 17
Cookies infectés : 0
Fichiers spyware infectés : 0
Menaces Spyware détectées : 0
Définitions virus : 380995
Plugins d'analyse : 16
Plugins archives : 41
Plug-ins décompression : 6
Plug-ins messagerie : 6
Plug-ins système : 5
Options d'analyse
Détection
[X] Analyser le secteur de boot
[X] Analyser les archives
[X] Analyser les fichiers en paquets
[X] Analyser la messagerie
Masque fichiers
[ ] Programmes
[X] Tous les fichiers
[ ] Extensions définies par l'utilisateur:
[ ] Exclure les extensions: ;
Action
Objets infectés
[ ] Ignorer
[X] Désinfecter
[ ] Effacer
[ ] Copier
[ ] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action
Seconde action
[ ] Ignorer
[ ] Effacer
[ ] Copier
[X] Déplacer dans le dossier infectés
[ ] Renommer
[ ] Demander l'action
Options d'analyse
[X] Activer les alertes
[X] Activer l'heuristique
[ ] Afficher tous les fichiers dans le journal
[X] Fichier journal : C:\Program Files\Softwin\BitDefender9\Logs\vscan_1167168722.log
Options d'analyse Spyware
[X] Processus mémoire
[X] Clés de registres
[X] Cookies
Sommaire :
C:\Program Files\SuperCopier\ApiHooks.dll Infecté avec: Trojan.Exploit.Debploit.F
C:\Program Files\SuperCopier\ApiHooks.dll Désinfection impossible
C:\Program Files\SuperCopier\ApiHooks.dll Déplacé
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP318\A0243302.dll Infecté avec: Trojan.Exploit.Debploit.F
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP318\A0243302.dll Désinfection impossible
C:\System Volume Information\_restore{9AEDEF4B-1977-4657-B854-EFDB21259CFF}\RP318\A0243302.dll Déplacé
ComboFix report:
Malina - 06-12-28 1:40:07,99 Service Pack 2
ComboFix 06.11.22 - Running from: "C:\Documents and Settings\Malina\Bureau"
((((((((((((((((((((((((((((((( Files Created from 2006-11-28 to 2006-12-28 ))))))))))))))))))))))))))))))))))
2006-12-28 00:18 <REP> d-------- C:\Documents and Settings\Malina\Application Data\Skype
2006-12-28 00:17 <REP> d-------- C:\Program Files\Fichiers communs\Skype
2006-12-28 00:17 <REP> d-------- C:\Documents and Settings\All Users\Application Data\Skype
2006-12-27 00:08 <REP> dr-h----- C:\Documents and Settings\Malina\Recent
2006-12-18 22:32 <REP> d-------- C:\Program Files\eMule
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2006-12-28 00:17 -------- d-------- C:\Program Files\Skype
2006-12-28 00:17 -------- d-------- C:\Program Files\Fichiers communs
2006-12-26 22:30 -------- d-------- C:\Program Files\SuperCopier
2006-12-26 21:29 -------- d-a------ C:\Program Files\QuickTime
2006-12-26 21:13 -------- d---s---- C:\Documents and Settings\Malina\Application Data\Microsoft
2006-12-24 02:54 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-12-17 13:41 -------- d-------- C:\Program Files\Internet Explorer
2006-12-17 13:39 -------- d-------- C:\Program Files\Outlook Express
2006-12-17 13:39 -------- d-------- C:\Program Files\Fichiers communs\System
2006-12-07 06:40 2362184 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-11-25 19:55 -------- d-------- C:\Program Files\MSN Messenger
2006-11-25 18:01 -------- d-------- C:\Documents and Settings\Malina\Application Data\AdobeUM
2006-11-23 01:28 -------- d-------- C:\Program Files\CCleaner
2006-11-23 01:27 1496208 --a------ C:\Program Files\ccsetup134.exe
2006-11-22 22:44 -------- d-------- C:\Program Files\Grisoft
2006-11-22 22:43 6469352 --a------ C:\Program Files\avgas-setup-7.5.0.50.exe
2006-11-22 22:15 -------- d-------- C:\Program Files\iTunes
2006-11-22 22:15 -------- d-------- C:\Program Files\iPod
2006-11-12 23:23 -------- d-------- C:\Program Files\Soulseek
2006-11-08 05:07 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-10-20 01:38 716800 --a------ C:\WINDOWS\system32\sxs.dll
2006-10-13 12:36 145920 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-03 15:27 532480 --a------ C:\Program Files\cwshredder anti spyware.exe
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Skype"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"Apoint"="C:\\Program Files\\Apoint2K\\Apoint.exe"
"SiSUSBRG"="C:\\WINDOWS\\SiSUSBrg.exe"
"SiS Tray"="C:\\WINDOWS\\System32\\sistray.EXE"
"SiS KHooker"="C:\\WINDOWS\\System32\\khooker.exe"
"Smapp"="C:\\Program Files\\Analog Devices\\SoundMAX\\SMTray.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"TkBellExe"="\"C:\\Program Files\\Fichiers communs\\Real\\Update_OB\\realsched.exe\" -osboot"
"BDMCon"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdmcon.exe\""
"BDOESRV"="\"C:\\Program Files\\Softwin\\BitDefender9\\bdoesrv.exe\""
"BDNewsAgent"="\"c:\\program files\\softwin\\bitdefender9\\bdnagent.exe\""
"BDSwitchAgent"="\"c:\\program files\\softwin\\bitdefender9\\bdswitch.exe\""
"SunJavaUpdateSched"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Ma page d'accueil"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00
[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"ALUAlert"="C:\\Program Files\\Symantec\\LiveUpdate\\ALUNotify.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
Completion time: 06-12-28 1:46:56.46
C:\ComboFix.txt ... 06-12-28 01:46
C:\ComboFix2.txt ... 06-12-27 00:14
C:\ComboFix3.txt ... 06-11-24 22:07
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
Completion time: 06-12-28 1:46:56.46
C:\ComboFix.txt ... 06-12-28 01:46
C:\ComboFix2.txt ... 06-12-27 00:14
C:\ComboFix3.txt ... 06-11-24 22:07
23 Nov. 2006 at 02:04
I followed your instructions to the letter; here is the AVG report, and I created a restore point.
Do you think the job is done, or is it only just beginning?!!!
Thanks!!
23 Nov. 2006 at 02:07
Sorry!
+ Créé à: 01:46:34 23/11/2006
+ Résultat de l'analyse:
Fin du rapport