Everything posted by kormick1

  1. Hi, I have a brand-new laptop, a Fujitsu-Siemens Amilo Xi2428, and it has a built-in webcam... but when I go on MSN and try to turn it on, it doesn't work... it says it isn't installed. The problem is that I can't find it anywhere on the C drive. I went into Control Panel -> Programs, and the WebCam program is listed there, at the location C:\Program Files, except that this folder doesn't exist... I'm struggling here... thanks for helping me! See you
  2. kormick1

    video streaming

    well, when they ask me to choose between Real and WMP I pick WMP and it still doesn't work
  3. kormick1

    video streaming

    Actually, videos like the ones on abrutis or YouTube etc. (which I think are streamed) I can play without any problem.... it's really just this kind of video, the ones you can see at the link
  4. Hi, I'm having problems playing videos, for example from this site: tsr.ch... http://www.tsr.ch/tsr/index.html?siteSect=800000 (videos on the right...). I simply can't play them and it doesn't even give me an error message! I downloaded - for playing downloaded videos or videos on the hard disk: win32-codecs-1.7-2plf.i586.rpm - for playing streaming videos: Download mplayerplug-in-3.05-1.fc4.i386.rpm but do I have to install them? and how? thanks!
  5. Hello, I have 2 different questions: I have an external HD from Texas Instruments and I'd like to know how to back up directly the folders we choose... Is it possible to tell the computer to make a backup onto the D:/ partition of important folders located on C:/ ?? thanks a lot
  6. it's going to hell again!
  7. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:23:35, on 05.09.2007
  8. ANALYSIS: 2007-09-05 18:52:14 PROTECTIONS: 2 MALWARE: 23 SUSPECTS: 0
  9. hi boss, it's me again... I'm writing to you again because my computer is acting up a bit again, but it's OK, I've got the situation under control... there's just something I wanted to tell you: I regularly run scans with SPYBOT S&D ... and it ALWAYS finds Microsoft.Windows.IEFirewallBypass... I have it fix the problem, it removes it, but at the next scan it finds it again! do you know this beast?? thanks
  10. catchme 0.3.1066 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2007-08-30 16:48:51 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden services & system hive ... scanning hidden registry entries ... scanning hidden files ... scan completed successfully hidden files: 0 and BTFix didn't find anything.... but today my computer is behaving well..... it isn't acting up.... so much the better. I'll let you know if it plays up again... but thanks for the time you took!
  11. and it's starting again........
  12. it's doing rather well...
  13. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:31:49, on 29.08.2007
  14. 21:50 28.08.2007 Symantec Adware.Istbar / Trojan.ISTsvc Removal Tool 1.1.0 C:\Documents and Settings\Jean-Marc\Mes documents\Mes images\Art: (not scanned) C:\Documents and Settings\Lidia: (not scanned) C:\System Volume Information: (not scanned) D:\System Volume Information: (not scanned) E:\System Volume Information: (not scanned) Adware.Istbar has not been found on your computer. 
Logfile of HijackThis v1.99.1 Scan saved at 21:52:32, on 28.08.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Fichiers communs\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\nvsvc32.exe C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe C:\Program Files\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\winmine.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\HijackThis\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bluewin.ch/index_d.html R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens O2 - BHO: Adobe PDF Reader Link Helper - 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [NvCplDaemon] "RUNDLL32.EXE" C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Console Java (Sun) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags 
Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409} (TotalScan Installer Class) - http://www.nanoscan.com/as/v1/cabs/ascstubie.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.fr/scan8/oscan8.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdat...b?1163785631265 O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Unknown owner - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe (file missing) O23 - Service: Client de licence CA (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe O23 - Service: Serveur de licence CA (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Sunbelt Software\Personal Firewall 4\kpf4ss.exe (file missing) O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Fichiers communs\LogiShrd\LVMVFM\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. 
- C:\Program Files\Fichiers communs\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NMIndexingService - Unknown owner - C:\Program Files\Fichiers communs\Ahead\Lib\NMIndexingService.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\retrorun.exe O23 - Service: Retrospect WD Service (RetroWDSvc) - Dantz Development Corporation - C:\PROGRA~1\Dantz\RETROS~1\wdsvc.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
  15. ;******************************************************************************
      ANALYSIS: 2007-08-27 21:05:24
      PROTECTIONS: 2
      MALWARE: 9
      SUSPECTS: 0
      ;******************************************************************************
      PROTECTIONS
      Description                                 Version    Active  Updated
      ;==============================================================================
      AVG Anti-Virus 7.1.375                      7.1.375    Yes     No
      avast! antivirus 4.7.1029 [VPS 000769-0]    4.7.1029   No      Yes
      ;==============================================================================
      MALWARE
      Id        Description         Type            Active  Severity  Disinfectable  Disinfected  Location
      ;==============================================================================
      00000431  adware/ist.istbar   Adware          No      1         Yes            No           HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{386A771C-E96A-421F-8BA7-32F1B706892F}
      00035722  adware/comet        Adware          No      0         Yes            No           HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1678F7E1-C422-11D0-AD7D-00400515CAAA}
      00139061  Cookie/Doubleclick  TrackingCookie  No      0         Yes            No           C:\Documents and Settings\Yannick\Cookies\yannick@doubleclick[1].txt
      00139064  Cookie/Atlas DMT    TrackingCookie  No      0         Yes            No           C:\Documents and Settings\Yannick\Cookies\yannick@atdmt[2].txt
      00145738  Cookie/Mediaplex    TrackingCookie  No      0         Yes            No           C:\Documents and Settings\Yannick\Cookies\yannick@mediaplex[1].txt
      00167704  Cookie/Xiti         TrackingCookie  No      0         Yes            No           C:\Documents and Settings\Yannick\Cookies\yannick@xiti[2].txt
      00168106  Cookie/Weborama     TrackingCookie  No      0         Yes            No           C:\Documents and Settings\Yannick\Cookies\yannick@weborama[1].txt
      00169190  Cookie/Advertising  TrackingCookie  No      0         Yes            No           C:\Documents and Settings\Yannick\Cookies\yannick@advertising[2].txt
      00173520  Cookie/Bluestreak   TrackingCookie  No      0         Yes            No           C:\Documents and Settings\Yannick\Cookies\yannick@bluestreak[2].txt
      ;==============================================================================
      SUSPECTS
      Location
      ;==============================================================================
      ;==============================================================================
  16. Symantec Adware.Istbar / Trojan.ISTsvc Removal Tool 1.1.0 C:\Documents and Settings\Jean-Marc\Mes documents\Mes images\Art: (not scanned) C:\Documents and Settings\Lidia: (not scanned) C:\System Volume Information: (not scanned) D:\System Volume Information: (not scanned) E:\System Volume Information: (not scanned) Adware.Istbar has not been found on your computer.
  17. HI, no worries about the delay, I was just afraid my post had got lost in the depths of the forum... results: I don't have DM_Server, I don't have Comet Systems in SOFTWARE..?! Should I still do the 5th step? Thanks, see you
  18. still nothing?
  19. so, any news?
  20. Incident Statut Analyse Adware:adware/comet No Désinfecté Registre Windows Adware:adware/ist.istbar No Désinfecté Registre Windows Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Gaby\Application Data\Mozilla\Firefox\Profiles\bt6pmbhr.default\cookies.txt[.uol.com.br/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Gaby\Application Data\Mozilla\Firefox\Profiles\bt6pmbhr.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\Gaby\Application Data\Mozilla\Firefox\Profiles\bt6pmbhr.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Xiti No Désinfecté C:\Documents and Settings\Jean-Marc\Cookies\jean-marc@xiti[1].txt Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.uol.com.br/] Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.bs.serving-sys.com/] Spyware:Cookie/Searchportal No Désinfecté C:\Documents and Settings\Lidia\Application 
Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[searchportal.information.com/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Lidia\Cookies\lidia@bs.serving-sys[1].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Lidia\Cookies\lidia@serving-sys[2].txt Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Lidia\Cookies\lidia@uol.com[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Yannick\Cookies\yannick@atdmt[2].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Yannick\Cookies\yannick@doubleclick[1].txt Outil indésirable:Application/NirCmd.A No Désinfecté C:\fixwareout\FindT\nircmd.exe
  21. Search Navipromo version 2.0.8 commencé le 18.08.2007 à 1:33:40.25 !!! Attention,ce rapport peut indiquer des fichiers/programmes légitimes!!! !!! Poster ce rapport sur le forum pour le faire analyser !!! !!! Ne pas lancer la partie désinfection sans l'avis d'un spécialiste !!! Fix lancé depuis C:\Program Files\navilog1 Mise a jour le 15.08.2007 a 15h00 by IL-MAFIOSO Executé en mode normal *** Recherche Programmes installes *** *** Recherche dossiers dans C:\WINDOWS *** *** Recherche dossiers dans C:\Program Files *** *** Recherche dossiers dans C:\Documents and Settings\All Users\Application Data *** *** Recherche dossiers dans C:\Documents and Settings\Yannick\Application Data *** *** Recherche avec BlackLight Engine/F-secure *** BlackLight Engine est un produit de F-secure, pour + d'infos : http://www.f-secure.com/blacklight/blacklight_help.html F-SECURE BLACKLIGHT ROOTKIT ELIMINATOR ====================================== Copyright 2005-2006 F-Secure Corporation. All rights reserved. This is a beta version. It will expire on 1st of October, 2007. Version information: 2.2.1064. [+] Started on 08/18/07 at 01:33:46. [+] Initializing ... [+] Starting scan, press Ctrl-C to abort. [+] Scanning for hidden items ........................................................................................... [+] Scan complete. [+] Summary: 0 hidden item(s) found, 0 scheduled for renaming. [+] Exited on 08/18/07 at 01:44:27 (return code = 0). *** Recherche fichiers *** *** Recherche cles registre *** Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs] Recherche dans [HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage] Recherche Clé Magic Control *** Module de Recherche complémentaire *** (Recherche fichiers spécifiques) 1)Recherche fichiers connus: 2)Recherche Heuristique : * ** *** **** ***** ****** ******* ******** 3)Recherche Certificats : *** Recherche avec GenericNaviSearch Beta *** !!! 
Tous Ces résultats peuvent révéler des fichiers légitimes !!! !!! A verifier impérativement avant toute suppression manuelle !!! Fichiers trouvés : Aucun Fichier trouvé ! Fichiers suspects : Aucun Fichier suspect trouvé ! *** Analyse Terminé le 18.08.2007 à 1:45:14.43 ***
  22. Incident Statut Analyse Outil indésirable:application/mywebsearch No Désinfecté HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} Adware:adware/comet No Désinfecté Registre Windows Adware:adware/ist.istbar No Désinfecté Registre Windows Outil indésirable:application/myway No Désinfecté HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0494D0D1-F8E0-41AD-92A3-14154ECE70AC} Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Gaby\Application Data\Mozilla\Firefox\Profiles\bt6pmbhr.default\cookies.txt[.uol.com.br/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Gaby\Application Data\Mozilla\Firefox\Profiles\bt6pmbhr.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/Statcounter No Désinfecté C:\Documents and Settings\Gaby\Application Data\Mozilla\Firefox\Profiles\bt6pmbhr.default\cookies.txt[.statcounter.com/] Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.doubleclick.net/] Spyware:Cookie/YieldManager No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[ad.yieldmanager.com/] Spyware:Cookie/Bluestreak No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.bluestreak.com/] Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.uol.com.br/] Spyware:Cookie/Tradedoubler No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.tradedoubler.com/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.serving-sys.com/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Lidia\Application 
Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[.bs.serving-sys.com/] Spyware:Cookie/Searchportal No Désinfecté C:\Documents and Settings\Lidia\Application Data\Mozilla\Firefox\Profiles\tijg9d1r.default\cookies.txt[searchportal.information.com/] Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Lidia\Cookies\lidia@bs.serving-sys[1].txt Spyware:Cookie/Serving-sys No Désinfecté C:\Documents and Settings\Lidia\Cookies\lidia@serving-sys[2].txt Spyware:Cookie/Com.com No Désinfecté C:\Documents and Settings\Lidia\Cookies\lidia@uol.com[2].txt Spyware:Cookie/Atlas DMT No Désinfecté C:\Documents and Settings\Yannick\Cookies\yannick@atdmt[2].txt Spyware:Cookie/Doubleclick No Désinfecté C:\Documents and Settings\Yannick\Cookies\yannick@doubleclick[1].txt Outil indésirable:Application/NirCmd.A No Désinfecté C:\fixwareout\FindT\nircmd.exe
  23. OK, this is really annoying... it happens to me on every web page, but more often on a few in particular, and each has its own quirk... e.g. on one I see nothing but scripts, on another the black background disappears and it turns white and the font changes, on zebulon I only get the options bar at the top... etc. Let me know
  24. impossible to delete the last file mentioned....
  25. hi, I did everything you said... only procedure number 2... no luck, there's no trace on my computer of what's listed (mywebsearch etc.) eSearch result:
      File C:\Documents and Settings\All Users\Documents\Ma musique\Toutes les musiques\Brasil\Tom Jobim, Chico Buarque e Caetano Veloso - A´guas de Marc¸o.MP3 infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
      File C:\Documents and Settings\Yannick\Local Settings\Application Data\Microsoft\Messenger\kormick1@hotmail.com\Sharing Folders\christinaki6@hotmail.com\?????a(191).jpg infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
      File C:\Documents and Settings\Yannick\Local Settings\Temp\MsgPlusSetupFile-A_7c.VI. infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
      File C:\System Volume Information\_restore{C9D4939E-1D21-4856-B31C-89202670BFBC}\RP755\A0163085.exe tagged as not-a-virus:AdWare.Win32.SaveNow.z. No Action Taken.