Impossible d'exécuter un antivirus

[Thanos]

ok, ca n'a pas fonctionné, mais ce n'est pas grave! il y a d'autres moyens d'éliminer les restes

Poste le rapport DiagHelp stp

[celou13]

J'ai fais parvenir le fichier comme recommandé et voici le résultat du programme:

 

DiagHelp version v1.4 - http://www.malekal.com

excute le 26/12/2007 à 22:39:46,59

 

 

Liste des derniers fichies modifies/crees dans windir\system32 et prefetch

C:\WINDOWS\prefetch\CHCP.COM-18156052.pf -->26/12/2007 22:39:44

C:\WINDOWS\prefetch\CMD.EXE-087B4001.pf -->26/12/2007 22:39:36

C:\WINDOWS\prefetch\NOTEPAD.EXE-336351A9.pf -->26/12/2007 22:38:54

C:\WINDOWS\prefetch\FIND.EXE-0EC32F1E.pf -->26/12/2007 22:37:45

C:\WINDOWS\prefetch\GZIP.EXE-16AB2A93.pf -->26/12/2007 22:36:18

C:\WINDOWS\prefetch\NTVDM.EXE-1A10A423.pf -->26/12/2007 22:36:14

C:\WINDOWS\prefetch\SORT.EXE-194AE83C.pf -->26/12/2007 22:36:12

C:\WINDOWS\prefetch\REG.EXE-0D2A95F7.pf -->26/12/2007 22:35:57

C:\WINDOWS\prefetch\KPROCCHECK.EXE-0ED8CEB4.pf -->26/12/2007 22:35:56

C:\WINDOWS\prefetch\CATCHME.EXE-39855953.pf -->26/12/2007 22:34:18

 

C:\WINDOWS\System32\drivers\fidbox2.idx -->26/12/2007 12:46:42

C:\WINDOWS\System32\drivers\fidbox2.dat -->26/12/2007 12:46:42

C:\WINDOWS\System32\drivers\fidbox.idx -->26/12/2007 12:46:42

C:\WINDOWS\System32\drivers\fidbox.dat -->26/12/2007 12:46:42

C:\WINDOWS\System32\drivers\Msft_Kernel_Spyder3_01001.Wdf -->09/12/2007 08:59:02

C:\WINDOWS\System32\drivers\Msft_Kernel_Spyder2_01001.Wdf -->11/10/2007 18:16:05

C:\WINDOWS\System32\drivers\MsftWdf_Kernel_01001_Coinstaller_Critical.Wdf -->11/10/2007 18:16:04

 

C:\WINDOWS\System32\tablet.dat -->26/12/2007 19:34:30

C:\WINDOWS\System32\nvapps.xml -->26/12/2007 19:33:31

C:\WINDOWS\System32\wpa.dbl -->21/12/2007 12:33:38

C:\WINDOWS\System32\FNTCACHE.DAT -->19/12/2007 07:45:35

C:\WINDOWS\System32\ptevideo.dll -->06/12/2007 22:39:37

C:\WINDOWS\System32\MRT.exe -->02/11/2007 08:12:57

C:\WINDOWS\System32\perfh00C.dat -->28/10/2007 07:49:01

C:\WINDOWS\System32\perfh009.dat -->28/10/2007 07:49:01

C:\WINDOWS\System32\perfc00C.dat -->28/10/2007 07:49:01

C:\WINDOWS\System32\perfc009.dat -->28/10/2007 07:49:01

C:\WINDOWS\System32\PerfStringBackup.INI -->28/10/2007 07:49:00

C:\WINDOWS\System32\QuickTimeVR.qtx -->19/10/2007 20:16:46

C:\WINDOWS\System32\QuickTime.qts -->19/10/2007 20:16:46

C:\WINDOWS\System32\jupdate-1.6.0_03-b05.log -->10/10/2007 05:11:29

C:\WINDOWS\System32\TZLog.log -->04/10/2007 13:48:37

C:\WINDOWS\System32\h323log.txt -->03/10/2007 17:05:34

C:\WINDOWS\System32\$winnt$.inf -->03/10/2007 15:15:33

C:\WINDOWS\System32\CONFIG.NT -->03/10/2007 15:12:17

C:\WINDOWS\System32\nscompat.tlb -->03/10/2007 15:12:06

C:\WINDOWS\System32\amcompat.tlb -->03/10/2007 15:12:06

C:\WINDOWS\System32\WindowsLogon.manifest -->03/10/2007 15:10:27

C:\WINDOWS\System32\logonui.exe.manifest -->03/10/2007 15:10:27

C:\WINDOWS\System32\wuaucpl.cpl.manifest -->03/10/2007 15:10:19

C:\WINDOWS\System32\sapi.cpl.manifest -->03/10/2007 15:10:19

C:\WINDOWS\System32\nwc.cpl.manifest -->03/10/2007 15:10:19

 

C:\WINDOWS.log -->26/12/2007 19:34:32

C:\WINDOWS\wiaservc.log -->26/12/2007 19:34:27

C:\WINDOWS\wiadebug.log -->26/12/2007 19:34:26

C:\WINDOWS\QTFont.qfn -->26/12/2007 19:33:25

C:\WINDOWS\bootstat.dat -->26/12/2007 19:33:14

C:\WINDOWS\SchedLgU.Txt -->26/12/2007 19:32:16

C:\WINDOWS\WindowsUpdate.log -->26/12/2007 19:32:15

C:\WINDOWS\msicpl.ini -->24/12/2007 12:23:52

C:\WINDOWS\ViewNX.INI -->20/12/2007 16:48:11

C:\WINDOWS\NeroDigital.ini -->12/12/2007 13:48:10

C:\WINDOWS\setupapi.log -->11/12/2007 06:12:32

C:\WINDOWS\mozver.dat -->10/12/2007 18:23:48

C:\WINDOWS\setupact.log -->09/12/2007 08:59:02

C:\WINDOWS\win.ini -->08/12/2007 23:56:36

C:\WINDOWS\wmsetup.log -->29/11/2007 20:53:36

 

winlogon.exe

Verified: Signed

svchost.exe

Verified: Signed

ws2_32.dll

Verified: Signed

user32.dll

Verified: Signed

tcpip.sys

Verified: Signed

ndis.sys

Verified: Signed

null.sys

Verified: Signed

 

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

explorer.exe pid: 1296

Command line: C:\WINDOWS\Explorer.EXE

 

Base Size Version Path

0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\comctl32.dll

0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

0x10000000 0x136000 2.00.0016.0000 C:\Program Files\Fichiers communs\Ahead\Lib\NeroSearchBar.dll

0x7c340000 0x56000 7.10.3052.0004 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCR71.dll

0x014f0000 0x102000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MFC71U.DLL

0x7c3a0000 0x7b000 7.10.3077.0000 C:\Program Files\Fichiers communs\Ahead\Lib\MSVCP71.dll

0x01600000 0x2b5000 8.60.0000.0000 C:\Program Files\Fichiers communs\Ahead\Lib\BCGCBPRO860un71.dll

0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll

0x5d360000 0xf000 7.10.3077.0000 C:\WINDOWS\system32\MFC71FRA.DLL

0x01400000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll

0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL

0x7d200000 0x2be000 3.01.4000.4039 C:\WINDOWS\system32\msi.dll

0x00cd0000 0x1e000 1.01.0000.0000 C:\Program Files\Fichiers communs\Logitech\Scrolling\LgMsgHk.dll

0x023f0000 0x16d000 6.14.0010.10028 C:\WINDOWS\system32\nview.dll

0x01c40000 0x4e000 6.14.0010.10028 C:\WINDOWS\system32\NVWRSFR.DLL

0x00a90000 0x7000 1.00.0000.0000 C:\Program Files\Logitech\iTouch\iTchHk.dll

0x78130000 0x9b000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCR80.dll

0x023d0000 0x15000 6.14.0010.7125 C:\WINDOWS\system32\nvwddi.dll

0x02d70000 0x15000 1.00.0309.0000 C:\Program Files\Pro Imaging Powertoys\Microsoft RAW Image Thumbnailer and Viewer for Windows XP\CRawViewerExtension.dll

0x02e60000 0x5b000 8.01.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.dll

0x02ed0000 0x4c000 8.00.0000.0000 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\PDFShell.FRA

0x02f30000 0x71000 4.00.0000.0086 C:\Program Files\SPAMfighter\Clients\Outlook Express\SFOE0001.dll

0x00a80000 0x7000 2.22.0289.0000 C:\Program Files\Logitech\iTouch\kbdhook.dll

0x03780000 0x54000 8.00.0005.0456 C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.fra

0x00b40000 0x10000 8.00.0000.0456 C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\AcroIEHelper.dll

0x6bd10000 0x10000 12.00.4518.1014 C:\Program Files\Microsoft Office\Office12\msohevi.dll

0x02310000 0x13000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll

0x02360000 0x19000 2.10.0003.0002 C:\Program Files\Nero\Nero 7\Nero BackItUp\NBShell.dll

0x03650000 0xa5000 8.00.0005.0456 C:\Program Files\Adobe\Acrobat 8.0\Acrobat Elements\ContextMenu.dll

0x782e0000 0x10f000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_3bf8fa05\MFC80U.DLL

0x7c420000 0x87000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_6b128700\MSVCP80.dll

0x03470000 0xf000 8.00.50727.0762 C:\WINDOWS\WinSxS\x86_Microsoft.VC80.MFCLOC_1fc8b3b9a1e18e3b_8.0.50727.762_x-ww_91481303\MFC80FRA.DLL

0x03490000 0x2c000 C:\Program Files\WinRAR\rarext.dll

0x03700000 0x1c000 1.00.0001.0000 C:\Program Files\TechSmith\SnagIt 8\SnagItShellExt.dll

0x7c140000 0x103000 7.10.3077.0000 C:\Program Files\TechSmith\SnagIt 8\MFC71.DLL

0x03720000 0x2a000 7.05.0001.0036 C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\context.dll

0x03750000 0x24000 4.42.0000.0000 C:\Program Files\7-Zip\7-zip.dll

0x03ec0000 0x4e000 1.01.0011.0000 C:\Program Files\Sony Ericsson\Mobile\File Manager\fmgrgui.dll

0x7c080000 0x77000 7.00.9466.0000 C:\WINDOWS\system32\MSVCP70.dll

0x7c000000 0x54000 7.00.9466.0000 C:\WINDOWS\system32\MSVCR70.dll

0x03610000 0x27000 1.01.0001.0001 C:\Program Files\Sony Ericsson\Mobile\File Manager\fmgrguil.dll

0x60980000 0x7000 3.01.4000.1823 C:\WINDOWS\system32\MSISIP.DLL

0x74e10000 0x10000 5.06.0000.8820 C:\WINDOWS\system32\wshext.dll

0x73d20000 0xfe000 6.02.4131.0000 C:\WINDOWS\system32\MFC42.DLL

0x61d70000 0xe000 6.00.8665.0000 C:\WINDOWS\system32\MFC42LOC.DLL

0x59000000 0xe000 5.06.0000.6626 C:\WINDOWS\system32\wshFR.DLL

 

ListDLLs v2.25 - DLL lister for Win9x/NT

Copyright © 1997-2004 Mark Russinovich

Sysinternals - www.sysinternals.com

 

------------------------------------------------------------------------------

winlogon.exe pid: 564

Command line: winlogon.exe

 

Base Size Version Path

0x01000000 0x81000 \??\C:\WINDOWS\system32\winlogon.exe

0x58b50000 0x9a000 5.82.2900.2982 C:\WINDOWS\system32\COMCTL32.dll

0x74730000 0x3d000 3.525.1117.0000 C:\WINDOWS\system32\ODBC32.dll

0x20000000 0x18000 3.525.1117.0000 C:\WINDOWS\system32\odbcint.dll

0x76ac0000 0x11000 3.05.2284.0000 C:\WINDOWS\system32\ATL.DLL

0x77000000 0xd4000 2001.12.4414.0258 C:\WINDOWS\system32\COMRes.dll

0x76f80000 0x7f000 2001.12.4414.0308 C:\WINDOWS\system32\CLBCATQ.DLL

0x76010000 0x65000 6.02.3104.0000 C:\WINDOWS\system32\MSVCP60.dll

 

 

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est F042-0F83

 

Répertoire de C:\WINDOWS\system32

 

05/08/2004 11:00 6 144 csrss.exe

1 fichier(s) 6 144 octets

0 Rép(s) 53 855 518 720 octets libres

 

Contenu de Downloaded Program Files

Le volume dans le lecteur C n'a pas de nom.

Le numéro de série du volume est F042-0F83

 

Répertoire de C:\WINDOWS\Downloaded Program Files

 

04/10/2007 13:53 <REP> .

04/10/2007 13:53 <REP> ..

03/10/2007 15:10 65 desktop.ini

20/01/2000 14:25 1 162 Microsoft XML Parser for Java.osd

2 fichier(s) 1 227 octets

 

Total des fichiers listés :

2 fichier(s) 1 227 octets

2 Rép(s) 53 855 518 720 octets libres

 

Recherche de rootkit! (Merci S!Ri)

 

Recherche d'infections connues

 

Export des clefs sensibles..

 

 

Liste des fichiers en exception sur le pare-feu XP SP2

 

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"

"C:\\Program Files\\Bonjour\\mDNSResponder.exe"="C:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"

"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"

"C:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe"="C:\\Program Files\\Adobe\\Adobe Dreamweaver CS3\\Dreamweaver.exe:*:Enabled:Adobe Dreamweaver CS3"

 

"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

 

Export de la clef SharedTaskScheduler

 

[sharedTaskScheduler]

"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Pré-chargeur Browseui"

"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Démon de cache des catégories de composant"

 

 

 

exports des policies

REGEDIT4

 

[system]

"dontdisplaylastusername"=dword:00000000

"legalnoticecaption"=""

"legalnoticetext"=""

"shutdownwithoutlogon"=dword:00000001

"undockwithoutlogon"=dword:00000001

 

 

 

Export des clefs sensibles..

Rechercher adresses sensibles dans le fichier HOSTS...

catchme 0.3.1319 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2007-12-26 22:40:07

Windows 5.1.2600 Service Pack 2 NTFS

 

scanning hidden services & system hive ...

 

scanning hidden registry entries ...

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders]

"C:\Program Files\Microsoft Office\OFFICE11\"=""

"C:\Program Files\Microsoft Office\"=""

"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\1036\"=""

"C:\Program Files\Fichiers communs\Microsoft Shared\OFFICE11\"=""

"C:\Program Files\Microsoft Office\OFFICE11\1036\"=""

"C:\WINDOWS\Installer\{9084040C-6000-11D3-8CFE-0150048383C9}\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\"="1"

"C:\WINDOWS\Microsoft.NET\Framework\"="1"

"C:\WINDOWS\Microsoft.NET\"="1"

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1033\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\ASP.NETClientFiles\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\CONFIG\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.0.3705\"=""

"C:\Program Files\Internet Explorer\MUI\"=""

"C:\WINDOWS\system32\MUI409\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MUI409\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MUI\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\1036\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\fr\"=""

"C:\Program Files\Internet Explorer\MUI40C\"=""

"C:\WINDOWS\system32\MUI40C\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\MUI40C\"=""

"C:\WINDOWS\Installer\{9A394342-4A68-4EBA-85A6-55B559F4E700}\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\"=""

"C:\WINDOWS\Installer\{9085040C-6000-11D3-8CFE-0150048383C9}\"=""

"C:\Program Files\Adobe\Reader 8.0\"="1"

"C:\Program Files\Adobe\"="1"

"C:\Program Files\Adobe\Reader 8.0\Reader\"="1"

"C:\Program Files\Fichiers communs\Adobe\Acrobat\ActiveX\"="1"

"C:\Program Files\Fichiers communs\Adobe\Acrobat\"="1"

"C:\Program Files\Fichiers communs\Adobe\"="1"

"C:\Program Files\Adobe\Adobe Help Viewer\1.0\Resources\"="1"

"C:\Program Files\Adobe\Adobe Help Viewer\1.0\"="1"

"C:\Program Files\Adobe\Adobe Help Viewer\"="1"

"C:\Program Files\Adobe\Reader 8.0\Reader\AMT\"="1"

"C:\Program Files\Adobe\Reader 8.0\Reader\Browser\"="1"

"C:\Program Files\Adobe\Reader 8.0\Setup Files\"="1"

"C:\Program Files\Adobe\Reader 8.0\Setup Files\{AC76BA86-7AD7-1036-7B44-A81000000003}\"="1"

"C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\FRA\"="1"

"C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\"="1"

"C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\FRA\Images\"="1"

"C:\Program Files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\8.0\images\"=""

"C:\Program Files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\8.0\"=""

"C:\Program Files\Fichiers communs\Adobe\Help\en_US\Adobe Reader\"=""

"C:\Program Files\Fichiers communs\Adobe\Help\en_US\"=""

"C:\Program Files\Fichiers communs\Adobe\Help\"=""

"C:\Program Files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\8.0\"=""

"C:\Program Files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\"=""

"C:\Program Files\Fichiers communs\Adobe\Help\fr_FR\"=""

"C:\Program Files\Fichiers communs\Adobe\Help\fr_FR\Adobe Reader\8.0\images\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\FRA\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\VDKHome\ENU\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\AcroForm\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\AcroForm\PMP\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia\MPP\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Multimedia\"=""

"C:\Program Files\Adobe\Reader 8.0\Resource\CMap\"=""

"C:\Program Files\Adobe\Reader 8.0\Resource\"=""

"C:\Program Files\Adobe\Reader 8.0\Resource\Font\PFM\"=""

"C:\Program Files\Adobe\Reader 8.0\Resource\Font\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\FRA\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\Annotations\Stamps\ENU\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\HowTo\ENU\Images\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\SPPlugins\"=""

"C:\Program Files\Adobe\Reader 8.0\Esl\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\Legal\"=""

"C:\Documents and Settings\All Users\Application Data\Adobe\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\Tracker\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\AIR\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\fr_FR\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\adobe_epic\eula\en_US\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\IDTemplates\ENU\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\IDTemplates\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\IDTemplates\FRA\"=""

"C:\WINDOWS\winsxs\x86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.163_x-ww_681e29fb\"=""

"C:\WINDOWS\winsxs\Policies\x86_policy.8.0.Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_x-ww_77c24773\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\en_US\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins\ImageViewer\fr_FR\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\BeyondReader\ENU\Onramp\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\BeyondReader\ENU\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\BeyondReader\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\BeyondReader\FRA\Onramp\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\BeyondReader\FRA\"=""

"C:\Program Files\Adobe\Adobe Help Viewer\1.0\Resources\fr\"=""

"C:\Program Files\Adobe\Adobe Help Viewer\1.0\Resources\en\"=""

"C:\Program Files\Fichiers communs\Adobe\Updater5\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins3d\prc\"=""

"C:\Program Files\Adobe\Reader 8.0\Reader\plug_ins3d\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\win\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSpt\Unicode\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSpt\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Mac\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSpt\Unicode\Mappings\Adobe\"=""

"C:\Program Files\Adobe\Reader 8.0\Resource\Linguistics\"=""

"C:\Program Files\Adobe\Reader 8.0\Resource\Linguistics\Providers\Proximity\"=""

"C:\Program Files\Adobe\Reader 8.0\Resource\Linguistics\Providers\"=""

"C:\WINDOWS\Installer\{AC76BA86-7AD7-1036-7B44-A81000000003}\"=""

"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\"="1"

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\common\alert\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\common\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\common\scripts\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\media\css\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\media\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\media\img\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\complete\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\eula\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\installationOptions\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\installationProgress\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\maintenanceWelcome\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\modifyOptions\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\personalization\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\readyToModify\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\selectDestination\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\systemCheck\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\pages\uninstallOptions\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\resources\scripts\"=""

"C:\Program Files\Fichiers communs\Adobe\Installers\e79070e1ef25043cbd93191267ecaf0\payloads\"=""

"C:\Documents and Settings\Marcel Boi\Application Data\Adobe\Updater5\"="1"

"C:\Program Files\Fichiers communs\Adobe\Adobe Anchor Service\AMT\"=""

"C:\Program Files\Fichiers communs\Adobe\Adobe Anchor Service\"=""

"C:\Program Files\Fichiers communs\Adobe\Adobe Asset Services CS3\AMT\"=""

"C:\Program Files\Fichiers communs\Adobe\Adobe Asset Services CS3\"=""

"C:\Program Files\Fichiers communs\Adobe\Adobe Asset Services CS3\Plug-Ins\"=""

"C:\Program Files\Fichiers communs\Adobe\Adobe Asset Services CS3\Presets\Color Books\"=""

"C:\Program Files\Fichiers communs\Adobe\Adobe Asset Services CS3\Presets\"=""

"C:\Program Files\Fichiers communs\Adobe\Adobe Asset Services CS3\Required\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\CMaps\AMT\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\CMaps\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\"=""

"C:\Program Files\Fichiers communs\Adobe\Camera Raw 4\AMT\"=""

"C:\Program Files\Fichiers communs\Adobe\Camera Raw 4\"=""

"C:\Program Files\Fichiers communs\Adobe\PDFL\8.0\AMT\"=""

"C:\Program Files\Fichiers communs\Adobe\PDFL\8.0\"=""

"C:\Program Files\Fichiers communs\Adobe\PDFL\"=""

"C:\Program Files\Fichiers communs\Adobe\PDFL\8.0\CMaps\"=""

"C:\Program Files\Fichiers communs\Adobe\PDFL\8.0\Fonts\"=""

"C:\Program Files\Fichiers communs\Adobe\PDFL\8.0\Fonts\PFM\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\AMT\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\Unicode\ICU\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\Unicode\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\Unicode\Mappings\Adobe\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\Unicode\Mappings\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\Unicode\Mappings\Mac\"=""

"C:\Program Files\Fichiers communs\Adobe\TypeSupport\Unicode\Mappings\Win\"=""

"C:\Program Files\Fichiers communs\Adobe\Bridge CS3 Extensions\Workspaces\"="1"

"C:\Program Files\Fichiers communs\Adobe\Bridge CS3 Extensions\"="1"

"C:\Program Files\Adobe\Adobe Bridge CS3\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\AMT\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\moxplugins\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\moxplugins\microsoft.vc80.crt\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\custom_window\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\main_window\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\widgets\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\bitmaps\workflow_icons\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ar_ae\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\cs_cz\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\da_dk\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\de_de\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\el_gr\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\en_us\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\es_es\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fi_fi\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\fr_fr\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\he_il\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\hu_hu\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\it_it\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ja_jp\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ko_kr\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\nl_nl\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\no_no\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pl_pl\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\pt_br\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ro_ro\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\ru_ru\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\sv_se\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\tr_tr\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\uk_ua\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_cn\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\apd\shared_assets\locales\zh_tw\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\browser\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\browser\classes\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\browser\defaults\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\browser\plugins\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\browser\skin\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\db_support\data\mysql\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\db_support\data\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\db_support\"=""

"C:\Program Files\Adobe\Adobe Bridge CS3\db_support\install%5

[celou13]

[Thanos]

Ok je vois le responsable!! le pc est infecté par Baggle! du coup tu ne peux pas installer Kaspersky...

 

Voilà ce que tu vas faire >

 

Télécharge ELIBAGLA en bas de cette page > http://www.zonavirus.com/datos/descargas/95/elibagla.asp

• Clique sur le bouton Descargar Elibagla cela va télécharger le fichier, place le sur le bureau.
   
  
• Double-clique dessus pour l'ouvrir.
   
  
• Assure-toi que dans le menu déroulant Unidad, tu aies bien C:\
   
  
• Vérifie aussi que l'option en bas de la fenêtre Eliminar Ficheros Automaticamente soit bien cochée.
   
  
• Clique sur le bouton Explorar pour lancer l'analyse.
  

Poste le rapport ELIBAGLA stp.Si tu ne le vois pas, il se trouve ici > C:\InfoSat.txt

 

salut Coolman

Modifié le 26 décembre 2007 par charles ingals

[celou13]

Bonjour à tous.......

 

c'est reparti, voila le rapport "ELIBAGLA"

 

 

Thu Dec 27 11:58:13 2007

EliBagle v10.78 ©2007 S.G.H. / Satinfo S.L.

----------------------------------------------

Lista de Acciones (por Acción Directa):

Por favor, envienos una muestra del fichero

C:\Muestras\WINSYS.EXE.Muestra EliBagle v10.78

a "[email protected]". Gracias.

C:\WINDOWS\SYSTEM32\WINSYS.EXE --> Eliminado Bagle

C:\WINDOWS\SYSTEM32\DRIVERS\HIDR.EXE --> Bagle Renombrado a .VIR

C:\WINDOWS\SYSTEM32\DRIVERS\SROSA.SYS --> Eliminado Bagle (rootkit)

C:\DOCUMENTS AND SETTINGS\MARCEL BOI\APPLICATION DATA\M\FLEC006.EXE --> Bagle.dldr Renombrado a .VIR

C:\DOCUMENTS AND SETTINGS\MARCEL BOI\APPLICATION DATA\M\LIST.OCT --> Eliminado Bagle

Eliminada Carpeta "%WinDir%\exefld"

Restaurada Clave: "SafeBoot\Minimal y Network"

 

Thu Dec 27 11:59:13 2007

EliBagle v10.78 ©2007 S.G.H. / Satinfo S.L.

----------------------------------------------

Lista de Acciones (por Exploración):

Explorando Unidad C:\

C:\Program Files\PixBuilderStudio\PIXBUILDER STUDIO 1.35 (KEYGEN).EXE --> Eliminado Bagle

 

Nº Total de Directorios: 8264

Nº Total de Ficheros: 93368

Nº de Ficheros Analizados: 9655

Nº de Ficheros Infectados: 3

Nº de Ficheros Limpiados: 1

[celou13]

Hé les mecs...vous me laissez tomber?

[Thanos]

salut

 

Non on ne te laisse pas tomber, mais on bosse aussi

 

Très bien! le rapport montre que l'infection a été éliminée par EliBagla : à présent tu dois avoir accès au mode sans échec (le malware empêche cet accès) et tu dois pouvoir installer Kaspersky.

 

1) Fais le scan en ligne suivant à présent >

 

Fais un scan en ligne avec Panda > http://www.nanoscan.com/as/v1/principal.aspx?Lang=en

En images ici > http://www.malekal.com/scan_Av_en_ligne.php#mozTocId131054

• Il faut choisir Full Scan (et pas QuickScan)
  
• Poste le rapport qu'il t'affichera à la fin.
  
• Note : Tu n'es pas obligé de donner ton email, tu peux utiliser une adresse jetable si tu le souhaites : http://www.jetable.org/fr/index
  
• Si ca ne fonctionne pas,assure toi que Internet Explorer est correctement configuré pour le scan en ligne comme indiqué ici : http://www.malekal.com/scan_Av_en_ligne.html#mozTocId898809
  
• Plus d'infos ici > http://www.malekal.com/scan_Av_en_ligne.php#mozTocId131054
  

2) Retente l'installation de Kaspersky et dis moi ce qu'il en est

[celou13]

Scusez moi m'ssieurs dames, mais l'(espace d'un moment je me suis senti seul.

Bon je fais le truc que vous me demandez et puis hop au lit car demain matin c'est à 4 heure que le réveil sonne.

 

Merci les gras je vous reprendrai demain.

 

Bonne nuit à vous

[celou13]

Bonjour l'équipe, voila, rentré chez moi je vous fais passer le rapport de scan ci-dessous.

 

;***********************************************************************************************************************************************************************************

ANALYSIS: 2007-12-28 12:29:51

PROTECTIONS: 0

MALWARE: 32

SUSPECTS: 0

;***********************************************************************************************************************************************************************************

PROTECTIONS

Description Version Active Updated

;===================================================================================================================================================================================

;===================================================================================================================================================================================

MALWARE

Id Description Type Active Severity Disinfectable Disinfected Location

;===================================================================================================================================================================================

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.casalemedia.com/]

00139060 Cookie/Casalemedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.casalemedia.com/]

00139061 Cookie/Doubleclick TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.doubleclick.net/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.atdmt.com/]

00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Cookies\marcel boi@atdmt[2].txt

00139535 Application/Processor HackTools No 0 No No F:\PROGRAMMES DIVERS\LIVRES PHOTOS\Snapfish-livrephoto-Setup.exe[process.exe]

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.tradedoubler.com/]

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.tradedoubler.com/]

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.tradedoubler.com/]

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.tradedoubler.com/]

00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.tradedoubler.com/]

00145405 Cookie/RealMedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.247realmedia.com/]

00145405 Cookie/RealMedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.247realmedia.com/]

00145405 Cookie/RealMedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.247realmedia.com/]

00145405 Cookie/RealMedia TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.247realmedia.com/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.fastclick.net/]

00145457 Cookie/FastClick TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.fastclick.net/]

00145731 Cookie/Tribalfusion TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.tribalfusion.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.mediaplex.com/]

00145738 Cookie/Mediaplex TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.mediaplex.com/]

00167642 Cookie/Com.com TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.com.com/]

00167704 Cookie/Xiti TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.xiti.com/]

00167704 Cookie/Xiti TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.xiti.com/]

00167704 Cookie/Xiti TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.xiti.com/]

00167704 Cookie/Xiti TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.xiti.com/]

00167704 Cookie/Xiti TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.xiti.com/]

00167704 Cookie/Xiti TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.xiti.com/]

00167704 Cookie/Xiti TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.xiti.com/]

00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[fe.lea.lycos.fr/]

00167709 Cookie/fe.lea.lycos TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.fe.lea.lycos.fr/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.statcounter.com/]

00167753 Cookie/Statcounter TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.statcounter.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[ad.yieldmanager.com/]

00168056 Cookie/YieldManager TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[ad.yieldmanager.com/]

00168061 Cookie/Apmebf TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.apmebf.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.serving-sys.com/]

00168090 Cookie/Serving-sys TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.serving-sys.com/]

00168093 Cookie/Serving-sys TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.bs.serving-sys.com/]

00168106 Cookie/Weborama TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.weborama.fr/]

00168106 Cookie/Weborama TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.weborama.fr/]

00168106 Cookie/Weborama TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.weborama.fr/]

00168109 Cookie/Adtech TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.adtech.de/]

00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[server.iad.liveperson.net/hc/14130865]

00168110 Cookie/Server.iad.Liveperson TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[server.iad.liveperson.net/]

00168116 Cookie/Comclick TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[fl01.ct2.comclick.com/]

00168116 Cookie/Comclick TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[fl01.ct2.comclick.com/]

00168116 Cookie/Comclick TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[fl01.ct2.comclick.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.advertising.com/]

00169190 Cookie/Advertising TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.advertising.com/]

00170554 Cookie/Overture TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.overture.com/]

00172221 Cookie/Zedo TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.zedo.com/]

00172449 Cookie/MetriWeb TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.metriweb.be/]

00173520 Cookie/Bluestreak TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.bluestreak.com/]

00207936 Cookie/Adviva TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.adviva.net/]

00273339 Cookie/Smartadserver TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.smartadserver.com/]

00273339 Cookie/Smartadserver TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.smartadserver.com/]

00273339 Cookie/Smartadserver TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.smartadserver.com/]

00273339 Cookie/Smartadserver TrackingCookie No 0 Yes Yes C:\Documents and Settings\Marcel Boi\Application Data\Mozilla\Firefox\Profiles15ludp3.default\cookies.txt[.smartadserver.com/]

01228849 Adware/Gator Adware No 0 Yes Yes F:\System Volume Information\_restore{DF1BCD0F-A71C-4700-8C26-053EF9C87D46}\RP80\A0022337.exe

01262593 Application/NirCmd.A HackTools No 0 No No H:\System Volume Information\_restore{DF1BCD0F-A71C-4700-8C26-053EF9C87D46}\RP80\A0022338.exe[nircmd.exe]

01953746 Generic Malware Virus/Trojan No 0 Yes Yes H:\System Volume Information\_restore{DF1BCD0F-A71C-4700-8C26-053EF9C87D46}\RP80\A0022338.exe

02217691 Generic Trojan Virus/Trojan No 0 Yes Yes F:\System Volume Information\_restore{DF1BCD0F-A71C-4700-8C26-053EF9C87D46}\RP80\A0022336.exe

;===================================================================================================================================================================================

SUSPECTS

Location

;===================================================================================================================================================================================

;===================================================================================================================================================================================

[Thanos]

salut celou13

 

Le rapport du scan est bon Mis à part des cookies il n'y a rien !

Est ce que tu as déjà retenté d'installer Kaspersky ? si ce n'est pas fait, réessaie à présent et dis moi si ca marche stp.